mirror of
https://github.com/github/codeql.git
synced 2026-06-03 04:40:14 +02:00
Compare commits
5 Commits
mbg/fix/lo
...
tiferet/ad
| Author | SHA1 | Date | |
|---|---|---|---|
|
b9cfcfcb33 | ||
|
|
ddaf68a138 | ||
|
|
127d21affc | ||
|
|
f597147f1b | ||
|
|
f40d111d05 |
@@ -45,16 +45,6 @@ module Consistency {
|
||||
) {
|
||||
none()
|
||||
}
|
||||
|
||||
/** Holds if `(c, pos, p)` should be excluded from the consistency test `uniqueParameterNodeAtPosition`. */
|
||||
predicate uniqueParameterNodeAtPositionExclude(DataFlowCallable c, ParameterPosition pos, Node p) {
|
||||
none()
|
||||
}
|
||||
|
||||
/** Holds if `(c, pos, p)` should be excluded from the consistency test `uniqueParameterNodePosition`. */
|
||||
predicate uniqueParameterNodePositionExclude(DataFlowCallable c, ParameterPosition pos, Node p) {
|
||||
none()
|
||||
}
|
||||
}
|
||||
|
||||
private class RelevantNode extends Node {
|
||||
@@ -256,7 +246,6 @@ module Consistency {
|
||||
query predicate uniqueParameterNodeAtPosition(
|
||||
DataFlowCallable c, ParameterPosition pos, Node p, string msg
|
||||
) {
|
||||
not any(ConsistencyConfiguration conf).uniqueParameterNodeAtPositionExclude(c, pos, p) and
|
||||
isParameterNode(p, c, pos) and
|
||||
not exists(unique(Node p0 | isParameterNode(p0, c, pos))) and
|
||||
msg = "Parameters with overlapping positions."
|
||||
@@ -265,7 +254,6 @@ module Consistency {
|
||||
query predicate uniqueParameterNodePosition(
|
||||
DataFlowCallable c, ParameterPosition pos, Node p, string msg
|
||||
) {
|
||||
not any(ConsistencyConfiguration conf).uniqueParameterNodePositionExclude(c, pos, p) and
|
||||
isParameterNode(p, c, pos) and
|
||||
not exists(unique(ParameterPosition pos0 | isParameterNode(p, c, pos0))) and
|
||||
msg = "Parameter node with multiple positions."
|
||||
|
||||
@@ -45,16 +45,6 @@ module Consistency {
|
||||
) {
|
||||
none()
|
||||
}
|
||||
|
||||
/** Holds if `(c, pos, p)` should be excluded from the consistency test `uniqueParameterNodeAtPosition`. */
|
||||
predicate uniqueParameterNodeAtPositionExclude(DataFlowCallable c, ParameterPosition pos, Node p) {
|
||||
none()
|
||||
}
|
||||
|
||||
/** Holds if `(c, pos, p)` should be excluded from the consistency test `uniqueParameterNodePosition`. */
|
||||
predicate uniqueParameterNodePositionExclude(DataFlowCallable c, ParameterPosition pos, Node p) {
|
||||
none()
|
||||
}
|
||||
}
|
||||
|
||||
private class RelevantNode extends Node {
|
||||
@@ -256,7 +246,6 @@ module Consistency {
|
||||
query predicate uniqueParameterNodeAtPosition(
|
||||
DataFlowCallable c, ParameterPosition pos, Node p, string msg
|
||||
) {
|
||||
not any(ConsistencyConfiguration conf).uniqueParameterNodeAtPositionExclude(c, pos, p) and
|
||||
isParameterNode(p, c, pos) and
|
||||
not exists(unique(Node p0 | isParameterNode(p0, c, pos))) and
|
||||
msg = "Parameters with overlapping positions."
|
||||
@@ -265,7 +254,6 @@ module Consistency {
|
||||
query predicate uniqueParameterNodePosition(
|
||||
DataFlowCallable c, ParameterPosition pos, Node p, string msg
|
||||
) {
|
||||
not any(ConsistencyConfiguration conf).uniqueParameterNodePositionExclude(c, pos, p) and
|
||||
isParameterNode(p, c, pos) and
|
||||
not exists(unique(ParameterPosition pos0 | isParameterNode(p, c, pos0))) and
|
||||
msg = "Parameter node with multiple positions."
|
||||
|
||||
@@ -45,16 +45,6 @@ module Consistency {
|
||||
) {
|
||||
none()
|
||||
}
|
||||
|
||||
/** Holds if `(c, pos, p)` should be excluded from the consistency test `uniqueParameterNodeAtPosition`. */
|
||||
predicate uniqueParameterNodeAtPositionExclude(DataFlowCallable c, ParameterPosition pos, Node p) {
|
||||
none()
|
||||
}
|
||||
|
||||
/** Holds if `(c, pos, p)` should be excluded from the consistency test `uniqueParameterNodePosition`. */
|
||||
predicate uniqueParameterNodePositionExclude(DataFlowCallable c, ParameterPosition pos, Node p) {
|
||||
none()
|
||||
}
|
||||
}
|
||||
|
||||
private class RelevantNode extends Node {
|
||||
@@ -256,7 +246,6 @@ module Consistency {
|
||||
query predicate uniqueParameterNodeAtPosition(
|
||||
DataFlowCallable c, ParameterPosition pos, Node p, string msg
|
||||
) {
|
||||
not any(ConsistencyConfiguration conf).uniqueParameterNodeAtPositionExclude(c, pos, p) and
|
||||
isParameterNode(p, c, pos) and
|
||||
not exists(unique(Node p0 | isParameterNode(p0, c, pos))) and
|
||||
msg = "Parameters with overlapping positions."
|
||||
@@ -265,7 +254,6 @@ module Consistency {
|
||||
query predicate uniqueParameterNodePosition(
|
||||
DataFlowCallable c, ParameterPosition pos, Node p, string msg
|
||||
) {
|
||||
not any(ConsistencyConfiguration conf).uniqueParameterNodePositionExclude(c, pos, p) and
|
||||
isParameterNode(p, c, pos) and
|
||||
not exists(unique(ParameterPosition pos0 | isParameterNode(p, c, pos0))) and
|
||||
msg = "Parameter node with multiple positions."
|
||||
|
||||
@@ -15,24 +15,76 @@
|
||||
import semmle.code.cpp.ir.dataflow.internal.DefaultTaintTrackingImpl
|
||||
import TaintedWithPath
|
||||
|
||||
string getATopLevelDomain() {
|
||||
result =
|
||||
[
|
||||
"com", "ru", "net", "org", "de", "jp", "uk", "br", "pl", "in", "it", "fr", "au", "info", "nl",
|
||||
"cn", "ir", "es", "cz", "biz", "ca", "eu", "ua", "kr", "za", "co", "gr", "ro", "se", "tw",
|
||||
"vn", "mx", "ch", "tr", "at", "be", "hu", "tv", "dk", "me", "ar", "us", "no", "sk", "fi",
|
||||
"id", "cl", "nz", "by", "xyz", "pt", "ie", "il", "kz", "my", "hk", "lt", "cc", "sg", "io",
|
||||
"edu", "gov"
|
||||
]
|
||||
}
|
||||
|
||||
predicate hardCodedAddressOrIP(StringLiteral txt) {
|
||||
exists(string s | s = txt.getValueText() |
|
||||
// Hard-coded ip addresses, such as 127.0.0.1
|
||||
s.regexpMatch("\"[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+\"") or
|
||||
// Hard-coded addresses such as www.mycompany.com
|
||||
s.regexpMatch("\"(www\\.|http:|https:).*\"") or
|
||||
s.regexpMatch("\".*\\.(" + strictconcat(getATopLevelDomain(), "|") + ")\"")
|
||||
s.matches("\"www.%\"") or
|
||||
s.matches("\"http:%\"") or
|
||||
s.matches("\"https:%\"") or
|
||||
s.matches("\"%.com\"") or
|
||||
s.matches("\"%.ru\"") or
|
||||
s.matches("\"%.net\"") or
|
||||
s.matches("\"%.org\"") or
|
||||
s.matches("\"%.de\"") or
|
||||
s.matches("\"%.jp\"") or
|
||||
s.matches("\"%.uk\"") or
|
||||
s.matches("\"%.br\"") or
|
||||
s.matches("\"%.pl\"") or
|
||||
s.matches("\"%.in\"") or
|
||||
s.matches("\"%.it\"") or
|
||||
s.matches("\"%.fr\"") or
|
||||
s.matches("\"%.au\"") or
|
||||
s.matches("\"%.info\"") or
|
||||
s.matches("\"%.nl\"") or
|
||||
s.matches("\"%.cn\"") or
|
||||
s.matches("\"%.ir\"") or
|
||||
s.matches("\"%.es\"") or
|
||||
s.matches("\"%.cz\"") or
|
||||
s.matches("\"%.biz\"") or
|
||||
s.matches("\"%.ca\"") or
|
||||
s.matches("\"%.eu\"") or
|
||||
s.matches("\"%.ua\"") or
|
||||
s.matches("\"%.kr\"") or
|
||||
s.matches("\"%.za\"") or
|
||||
s.matches("\"%.co\"") or
|
||||
s.matches("\"%.gr\"") or
|
||||
s.matches("\"%.ro\"") or
|
||||
s.matches("\"%.se\"") or
|
||||
s.matches("\"%.tw\"") or
|
||||
s.matches("\"%.vn\"") or
|
||||
s.matches("\"%.mx\"") or
|
||||
s.matches("\"%.ch\"") or
|
||||
s.matches("\"%.tr\"") or
|
||||
s.matches("\"%.at\"") or
|
||||
s.matches("\"%.be\"") or
|
||||
s.matches("\"%.hu\"") or
|
||||
s.matches("\"%.tv\"") or
|
||||
s.matches("\"%.dk\"") or
|
||||
s.matches("\"%.me\"") or
|
||||
s.matches("\"%.ar\"") or
|
||||
s.matches("\"%.us\"") or
|
||||
s.matches("\"%.no\"") or
|
||||
s.matches("\"%.sk\"") or
|
||||
s.matches("\"%.fi\"") or
|
||||
s.matches("\"%.id\"") or
|
||||
s.matches("\"%.cl\"") or
|
||||
s.matches("\"%.nz\"") or
|
||||
s.matches("\"%.by\"") or
|
||||
s.matches("\"%.xyz\"") or
|
||||
s.matches("\"%.pt\"") or
|
||||
s.matches("\"%.ie\"") or
|
||||
s.matches("\"%.il\"") or
|
||||
s.matches("\"%.kz\"") or
|
||||
s.matches("\"%.my\"") or
|
||||
s.matches("\"%.hk\"") or
|
||||
s.matches("\"%.lt\"") or
|
||||
s.matches("\"%.cc\"") or
|
||||
s.matches("\"%.sg\"") or
|
||||
s.matches("\"%.io\"") or
|
||||
s.matches("\"%.edu\"") or
|
||||
s.matches("\"%.gov\"")
|
||||
)
|
||||
}
|
||||
|
||||
|
||||
@@ -207,35 +207,34 @@ bad_asts.cpp:
|
||||
# 27| Type = [SpecifiedType] const Point
|
||||
# 27| ValueCategory = lvalue
|
||||
# 28| getStmt(1): [ReturnStmt] return ...
|
||||
bad_stmts.cpp:
|
||||
# 5| [TopLevelFunction] void Bad::errorExpr()
|
||||
# 5| <params>:
|
||||
# 5| getEntryPoint(): [BlockStmt] { ... }
|
||||
# 6| getStmt(0): [DeclStmt] declaration
|
||||
# 6| getDeclarationEntry(0): [VariableDeclarationEntry] definition of intref
|
||||
# 6| Type = [LValueReferenceType] int &
|
||||
# 6| getVariable().getInitializer(): [Initializer] initializer for intref
|
||||
# 6| getExpr(): [ErrorExpr] <error expr>
|
||||
# 6| Type = [ErroneousType] error
|
||||
# 6| ValueCategory = prvalue
|
||||
# 7| getStmt(1): [DeclStmt] declaration
|
||||
# 7| getDeclarationEntry(0): [VariableDeclarationEntry] definition of x
|
||||
# 7| Type = [IntType] int
|
||||
# 7| getVariable().getInitializer(): [Initializer] initializer for x
|
||||
# 7| getExpr(): [ErrorExpr] <error expr>
|
||||
# 7| Type = [ErroneousType] error
|
||||
# 7| ValueCategory = prvalue
|
||||
# 8| getStmt(2): [ExprStmt] ExprStmt
|
||||
# 8| getExpr(): [AssignExpr] ... = ...
|
||||
# 8| Type = [IntType] int
|
||||
# 8| ValueCategory = lvalue
|
||||
# 8| getLValue(): [VariableAccess] x
|
||||
# 8| Type = [IntType] int
|
||||
# 8| ValueCategory = lvalue
|
||||
# 8| getRValue(): [ErrorExpr] <error expr>
|
||||
# 8| Type = [ErroneousType] error
|
||||
# 8| ValueCategory = prvalue(load)
|
||||
# 9| getStmt(3): [ReturnStmt] return ...
|
||||
# 30| [TopLevelFunction] void Bad::errorExpr()
|
||||
# 30| <params>:
|
||||
# 30| getEntryPoint(): [BlockStmt] { ... }
|
||||
# 31| getStmt(0): [DeclStmt] declaration
|
||||
# 31| getDeclarationEntry(0): [VariableDeclarationEntry] definition of intref
|
||||
# 31| Type = [LValueReferenceType] int &
|
||||
# 31| getVariable().getInitializer(): [Initializer] initializer for intref
|
||||
# 31| getExpr(): [ErrorExpr] <error expr>
|
||||
# 31| Type = [ErroneousType] error
|
||||
# 31| ValueCategory = prvalue
|
||||
# 32| getStmt(1): [DeclStmt] declaration
|
||||
# 32| getDeclarationEntry(0): [VariableDeclarationEntry] definition of x
|
||||
# 32| Type = [IntType] int
|
||||
# 32| getVariable().getInitializer(): [Initializer] initializer for x
|
||||
# 32| getExpr(): [ErrorExpr] <error expr>
|
||||
# 32| Type = [ErroneousType] error
|
||||
# 32| ValueCategory = prvalue
|
||||
# 33| getStmt(2): [ExprStmt] ExprStmt
|
||||
# 33| getExpr(): [AssignExpr] ... = ...
|
||||
# 33| Type = [IntType] int
|
||||
# 33| ValueCategory = lvalue
|
||||
# 33| getLValue(): [VariableAccess] x
|
||||
# 33| Type = [IntType] int
|
||||
# 33| ValueCategory = lvalue
|
||||
# 33| getRValue(): [ErrorExpr] <error expr>
|
||||
# 33| Type = [ErroneousType] error
|
||||
# 33| ValueCategory = prvalue(load)
|
||||
# 34| getStmt(3): [ReturnStmt] return ...
|
||||
clang.cpp:
|
||||
# 5| [TopLevelFunction] int* globalIntAddress()
|
||||
# 5| <params>:
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
// semmle-extractor-options: -std=c++17
|
||||
// semmle-extractor-options: -std=c++17 --expect_errors
|
||||
|
||||
// Test cases that illustrate known bad ASTs that we have to work around in IR generation.
|
||||
namespace Bad {
|
||||
@@ -26,4 +26,10 @@ namespace Bad {
|
||||
void CallCopyConstructor(const Point& a) {
|
||||
Point b = a; // Copy constructor contains literal expressions with no values.
|
||||
}
|
||||
|
||||
void errorExpr() {
|
||||
int &intref = 0;
|
||||
int x = 0[0];
|
||||
x = 1[1];
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,10 +0,0 @@
|
||||
// semmle-extractor-options: -std=c++17 --expect_errors
|
||||
|
||||
// Test cases that illustrate known bad ASTs that we have to work around in IR generation.
|
||||
namespace Bad {
|
||||
void errorExpr() {
|
||||
int &intref = 0;
|
||||
int x = 0[0];
|
||||
x = 1[1];
|
||||
}
|
||||
}
|
||||
@@ -98,17 +98,17 @@
|
||||
| bad_asts.cpp:27:15:27:15 | StoreValue | r27_6 |
|
||||
| bad_asts.cpp:27:15:27:15 | Unary | r27_3 |
|
||||
| bad_asts.cpp:27:15:27:15 | Unary | r27_4 |
|
||||
| bad_stmts.cpp:5:8:5:16 | ChiPartial | partial:m5_3 |
|
||||
| bad_stmts.cpp:5:8:5:16 | ChiTotal | total:m5_2 |
|
||||
| bad_stmts.cpp:5:8:5:16 | SideEffect | m5_3 |
|
||||
| bad_stmts.cpp:6:10:6:15 | Address | &:r6_1 |
|
||||
| bad_stmts.cpp:6:18:6:19 | StoreValue | r6_2 |
|
||||
| bad_stmts.cpp:7:9:7:9 | Address | &:r7_1 |
|
||||
| bad_stmts.cpp:7:12:7:16 | StoreValue | r7_2 |
|
||||
| bad_stmts.cpp:8:5:8:5 | Address | &:r8_3 |
|
||||
| bad_stmts.cpp:8:5:8:12 | Address | &:r8_1 |
|
||||
| bad_stmts.cpp:8:5:8:12 | Load | ~m5_4 |
|
||||
| bad_stmts.cpp:8:5:8:12 | StoreValue | r8_2 |
|
||||
| bad_asts.cpp:30:8:30:16 | ChiPartial | partial:m30_3 |
|
||||
| bad_asts.cpp:30:8:30:16 | ChiTotal | total:m30_2 |
|
||||
| bad_asts.cpp:30:8:30:16 | SideEffect | m30_3 |
|
||||
| bad_asts.cpp:31:10:31:15 | Address | &:r31_1 |
|
||||
| bad_asts.cpp:31:18:31:19 | StoreValue | r31_2 |
|
||||
| bad_asts.cpp:32:9:32:9 | Address | &:r32_1 |
|
||||
| bad_asts.cpp:32:12:32:16 | StoreValue | r32_2 |
|
||||
| bad_asts.cpp:33:5:33:5 | Address | &:r33_3 |
|
||||
| bad_asts.cpp:33:5:33:12 | Address | &:r33_1 |
|
||||
| bad_asts.cpp:33:5:33:12 | Load | ~m30_4 |
|
||||
| bad_asts.cpp:33:5:33:12 | StoreValue | r33_2 |
|
||||
| clang.cpp:5:6:5:21 | Address | &:r5_5 |
|
||||
| clang.cpp:5:6:5:21 | ChiPartial | partial:m5_3 |
|
||||
| clang.cpp:5:6:5:21 | ChiTotal | total:m5_2 |
|
||||
|
||||
@@ -120,26 +120,25 @@ bad_asts.cpp:
|
||||
# 26| v26_10(void) = AliasedUse : ~m?
|
||||
# 26| v26_11(void) = ExitFunction :
|
||||
|
||||
bad_stmts.cpp:
|
||||
# 5| void Bad::errorExpr()
|
||||
# 5| Block 0
|
||||
# 5| v5_1(void) = EnterFunction :
|
||||
# 5| mu5_2(unknown) = AliasedDefinition :
|
||||
# 5| mu5_3(unknown) = InitializeNonLocal :
|
||||
# 6| r6_1(glval<int &>) = VariableAddress[intref] :
|
||||
# 6| r6_2(error) = Error :
|
||||
# 6| mu6_3(int &) = Store[intref] : &:r6_1, r6_2
|
||||
# 7| r7_1(glval<int>) = VariableAddress[x] :
|
||||
# 7| r7_2(error) = Error :
|
||||
# 7| mu7_3(int) = Store[x] : &:r7_1, r7_2
|
||||
# 8| r8_1(glval<error>) = Error :
|
||||
# 8| r8_2(error) = Load[?] : &:r8_1, ~m?
|
||||
# 8| r8_3(glval<int>) = VariableAddress[x] :
|
||||
# 8| mu8_4(int) = Store[x] : &:r8_3, r8_2
|
||||
# 9| v9_1(void) = NoOp :
|
||||
# 5| v5_4(void) = ReturnVoid :
|
||||
# 5| v5_5(void) = AliasedUse : ~m?
|
||||
# 5| v5_6(void) = ExitFunction :
|
||||
# 30| void Bad::errorExpr()
|
||||
# 30| Block 0
|
||||
# 30| v30_1(void) = EnterFunction :
|
||||
# 30| mu30_2(unknown) = AliasedDefinition :
|
||||
# 30| mu30_3(unknown) = InitializeNonLocal :
|
||||
# 31| r31_1(glval<int &>) = VariableAddress[intref] :
|
||||
# 31| r31_2(error) = Error :
|
||||
# 31| mu31_3(int &) = Store[intref] : &:r31_1, r31_2
|
||||
# 32| r32_1(glval<int>) = VariableAddress[x] :
|
||||
# 32| r32_2(error) = Error :
|
||||
# 32| mu32_3(int) = Store[x] : &:r32_1, r32_2
|
||||
# 33| r33_1(glval<error>) = Error :
|
||||
# 33| r33_2(error) = Load[?] : &:r33_1, ~m?
|
||||
# 33| r33_3(glval<int>) = VariableAddress[x] :
|
||||
# 33| mu33_4(int) = Store[x] : &:r33_3, r33_2
|
||||
# 34| v34_1(void) = NoOp :
|
||||
# 30| v30_4(void) = ReturnVoid :
|
||||
# 30| v30_5(void) = AliasedUse : ~m?
|
||||
# 30| v30_6(void) = ExitFunction :
|
||||
|
||||
clang.cpp:
|
||||
# 5| int* globalIntAddress()
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
struct Allocators
|
||||
struct Foo
|
||||
{
|
||||
Allocators(int x, int y) : m_x(x), m_y(y) {}
|
||||
~Allocators() {m_x = m_y = 0;}
|
||||
Foo(int x, int y) : m_x(x), m_y(y) {}
|
||||
~Foo() {m_x = m_y = 0;}
|
||||
|
||||
// NB: In Microsoft mode, size_t is predeclared.
|
||||
static void* operator new(size_t sz, int z, int w) { return nullptr; }
|
||||
@@ -13,7 +13,7 @@ struct Allocators
|
||||
|
||||
int main()
|
||||
{
|
||||
auto foo = new(11, 22) Allocators(33, 44);
|
||||
auto foo = new(11, 22) Foo(33, 44);
|
||||
delete foo;
|
||||
}
|
||||
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
struct ArrayDelete {
|
||||
~ArrayDelete();
|
||||
struct Foo {
|
||||
~Foo();
|
||||
};
|
||||
|
||||
void f() {
|
||||
delete[] (ArrayDelete*)nullptr;
|
||||
delete[] (Foo*)nullptr;
|
||||
}
|
||||
|
||||
@@ -74,8 +74,8 @@ argHasPostUpdate
|
||||
| ir.cpp:625:5:625:5 | s | ArgumentNode is missing PostUpdateNode. |
|
||||
postWithInFlow
|
||||
| VacuousDestructorCall.cpp:10:22:10:22 | i [inner post update] | PostUpdateNode should not be the target of local flow. |
|
||||
| allocators.cpp:4:18:4:20 | m_x [post update] | PostUpdateNode should not be the target of local flow. |
|
||||
| allocators.cpp:4:24:4:26 | m_y [post update] | PostUpdateNode should not be the target of local flow. |
|
||||
| allocators.cpp:4:11:4:13 | m_x [post update] | PostUpdateNode should not be the target of local flow. |
|
||||
| allocators.cpp:4:17:4:19 | m_y [post update] | PostUpdateNode should not be the target of local flow. |
|
||||
| assignexpr.cpp:9:4:9:4 | i [post update] | PostUpdateNode should not be the target of local flow. |
|
||||
| builtin.c:34:23:34:31 | staticint [inner post update] | PostUpdateNode should not be the target of local flow. |
|
||||
| builtin.c:39:37:39:45 | carry_out [inner post update] | PostUpdateNode should not be the target of local flow. |
|
||||
|
||||
@@ -1483,17 +1483,17 @@ postWithInFlow
|
||||
| aggregateinitializer.c:3:6:3:6 | VariableAddress [post update] | PostUpdateNode should not be the target of local flow. |
|
||||
| aggregateinitializer.c:3:11:3:27 | PointerAdd [post update] | PostUpdateNode should not be the target of local flow. |
|
||||
| aggregateinitializer.c:3:11:3:27 | PointerAdd [post update] | PostUpdateNode should not be the target of local flow. |
|
||||
| allocators.cpp:3:30:3:35 | FieldAddress [post update] | PostUpdateNode should not be the target of local flow. |
|
||||
| allocators.cpp:3:38:3:43 | FieldAddress [post update] | PostUpdateNode should not be the target of local flow. |
|
||||
| allocators.cpp:4:18:4:20 | VariableAddress [post update] | PostUpdateNode should not be the target of local flow. |
|
||||
| allocators.cpp:4:18:4:20 | m_x [post update] | PostUpdateNode should not be the target of local flow. |
|
||||
| allocators.cpp:4:24:4:26 | VariableAddress [post update] | PostUpdateNode should not be the target of local flow. |
|
||||
| allocators.cpp:4:24:4:26 | m_y [post update] | PostUpdateNode should not be the target of local flow. |
|
||||
| allocators.cpp:3:23:3:28 | FieldAddress [post update] | PostUpdateNode should not be the target of local flow. |
|
||||
| allocators.cpp:3:31:3:36 | FieldAddress [post update] | PostUpdateNode should not be the target of local flow. |
|
||||
| allocators.cpp:4:11:4:13 | VariableAddress [post update] | PostUpdateNode should not be the target of local flow. |
|
||||
| allocators.cpp:4:11:4:13 | m_x [post update] | PostUpdateNode should not be the target of local flow. |
|
||||
| allocators.cpp:4:17:4:19 | VariableAddress [post update] | PostUpdateNode should not be the target of local flow. |
|
||||
| allocators.cpp:4:17:4:19 | m_y [post update] | PostUpdateNode should not be the target of local flow. |
|
||||
| allocators.cpp:7:56:7:70 | VariableAddress [post update] | PostUpdateNode should not be the target of local flow. |
|
||||
| allocators.cpp:16:8:16:10 | VariableAddress [post update] | PostUpdateNode should not be the target of local flow. |
|
||||
| allocators.cpp:16:14:16:43 | Call [post update] | PostUpdateNode should not be the target of local flow. |
|
||||
| allocators.cpp:16:14:16:43 | new [post update] | PostUpdateNode should not be the target of local flow. |
|
||||
| allocators.cpp:16:14:16:43 | new [post update] | PostUpdateNode should not be the target of local flow. |
|
||||
| allocators.cpp:16:14:16:36 | Call [post update] | PostUpdateNode should not be the target of local flow. |
|
||||
| allocators.cpp:16:14:16:36 | new [post update] | PostUpdateNode should not be the target of local flow. |
|
||||
| allocators.cpp:16:14:16:36 | new [post update] | PostUpdateNode should not be the target of local flow. |
|
||||
| allocators.cpp:18:1:18:1 | VariableAddress [post update] | PostUpdateNode should not be the target of local flow. |
|
||||
| assignexpr.cpp:9:4:9:4 | i [post update] | PostUpdateNode should not be the target of local flow. |
|
||||
| bad_asts.cpp:10:7:10:23 | VariableAddress [post update] | PostUpdateNode should not be the target of local flow. |
|
||||
|
||||
@@ -17,24 +17,6 @@ edges
|
||||
| test.cpp:38:25:38:42 | (const char *)... | test.cpp:42:14:42:20 | address |
|
||||
| test.cpp:38:25:38:42 | (const char *)... | test.cpp:42:14:42:20 | address |
|
||||
| test.cpp:38:25:38:42 | (const char *)... | test.cpp:42:14:42:20 | address indirection |
|
||||
| test.cpp:49:25:49:30 | call to getenv | test.cpp:52:14:52:20 | address |
|
||||
| test.cpp:49:25:49:30 | call to getenv | test.cpp:52:14:52:20 | address |
|
||||
| test.cpp:49:25:49:30 | call to getenv | test.cpp:52:14:52:20 | address indirection |
|
||||
| test.cpp:49:25:49:30 | call to getenv | test.cpp:56:14:56:20 | address |
|
||||
| test.cpp:49:25:49:30 | call to getenv | test.cpp:56:14:56:20 | address |
|
||||
| test.cpp:49:25:49:30 | call to getenv | test.cpp:56:14:56:20 | address indirection |
|
||||
| test.cpp:49:25:49:30 | call to getenv | test.cpp:60:14:60:20 | address |
|
||||
| test.cpp:49:25:49:30 | call to getenv | test.cpp:60:14:60:20 | address |
|
||||
| test.cpp:49:25:49:30 | call to getenv | test.cpp:60:14:60:20 | address indirection |
|
||||
| test.cpp:49:25:49:42 | (const char *)... | test.cpp:52:14:52:20 | address |
|
||||
| test.cpp:49:25:49:42 | (const char *)... | test.cpp:52:14:52:20 | address |
|
||||
| test.cpp:49:25:49:42 | (const char *)... | test.cpp:52:14:52:20 | address indirection |
|
||||
| test.cpp:49:25:49:42 | (const char *)... | test.cpp:56:14:56:20 | address |
|
||||
| test.cpp:49:25:49:42 | (const char *)... | test.cpp:56:14:56:20 | address |
|
||||
| test.cpp:49:25:49:42 | (const char *)... | test.cpp:56:14:56:20 | address indirection |
|
||||
| test.cpp:49:25:49:42 | (const char *)... | test.cpp:60:14:60:20 | address |
|
||||
| test.cpp:49:25:49:42 | (const char *)... | test.cpp:60:14:60:20 | address |
|
||||
| test.cpp:49:25:49:42 | (const char *)... | test.cpp:60:14:60:20 | address indirection |
|
||||
subpaths
|
||||
nodes
|
||||
| test.cpp:16:25:16:30 | call to getenv | semmle.label | call to getenv |
|
||||
@@ -52,21 +34,7 @@ nodes
|
||||
| test.cpp:42:14:42:20 | address | semmle.label | address |
|
||||
| test.cpp:42:14:42:20 | address | semmle.label | address |
|
||||
| test.cpp:42:14:42:20 | address indirection | semmle.label | address indirection |
|
||||
| test.cpp:49:25:49:30 | call to getenv | semmle.label | call to getenv |
|
||||
| test.cpp:49:25:49:42 | (const char *)... | semmle.label | (const char *)... |
|
||||
| test.cpp:52:14:52:20 | address | semmle.label | address |
|
||||
| test.cpp:52:14:52:20 | address | semmle.label | address |
|
||||
| test.cpp:52:14:52:20 | address indirection | semmle.label | address indirection |
|
||||
| test.cpp:56:14:56:20 | address | semmle.label | address |
|
||||
| test.cpp:56:14:56:20 | address | semmle.label | address |
|
||||
| test.cpp:56:14:56:20 | address indirection | semmle.label | address indirection |
|
||||
| test.cpp:60:14:60:20 | address | semmle.label | address |
|
||||
| test.cpp:60:14:60:20 | address | semmle.label | address |
|
||||
| test.cpp:60:14:60:20 | address indirection | semmle.label | address indirection |
|
||||
#select
|
||||
| test.cpp:20:7:20:12 | call to strcmp | test.cpp:16:25:16:30 | call to getenv | test.cpp:20:14:20:20 | address | Untrusted input $@ might be vulnerable to a spoofing attack. | test.cpp:16:25:16:30 | call to getenv | call to getenv |
|
||||
| test.cpp:31:7:31:12 | call to strcmp | test.cpp:27:25:27:30 | call to getenv | test.cpp:31:14:31:20 | address | Untrusted input $@ might be vulnerable to a spoofing attack. | test.cpp:27:25:27:30 | call to getenv | call to getenv |
|
||||
| test.cpp:42:7:42:12 | call to strcmp | test.cpp:38:25:38:30 | call to getenv | test.cpp:42:14:42:20 | address | Untrusted input $@ might be vulnerable to a spoofing attack. | test.cpp:38:25:38:30 | call to getenv | call to getenv |
|
||||
| test.cpp:52:7:52:12 | call to strcmp | test.cpp:49:25:49:30 | call to getenv | test.cpp:52:14:52:20 | address | Untrusted input $@ might be vulnerable to a spoofing attack. | test.cpp:49:25:49:30 | call to getenv | call to getenv |
|
||||
| test.cpp:56:7:56:12 | call to strcmp | test.cpp:49:25:49:30 | call to getenv | test.cpp:56:14:56:20 | address | Untrusted input $@ might be vulnerable to a spoofing attack. | test.cpp:49:25:49:30 | call to getenv | call to getenv |
|
||||
| test.cpp:60:7:60:12 | call to strcmp | test.cpp:49:25:49:30 | call to getenv | test.cpp:60:14:60:20 | address | Untrusted input $@ might be vulnerable to a spoofing attack. | test.cpp:49:25:49:30 | call to getenv | call to getenv |
|
||||
|
||||
@@ -43,27 +43,3 @@ void processRequest3()
|
||||
isServer = 1;
|
||||
}
|
||||
}
|
||||
|
||||
void processRequest4()
|
||||
{
|
||||
const char *address = getenv("SERVERIP");
|
||||
bool cond = false;
|
||||
|
||||
if (strcmp(address, "127.0.0.1")) { cond = true; } // BAD
|
||||
if (strcmp(address, "127_0_0_1")) { cond = true; } // GOOD (not an IP)
|
||||
if (strcmp(address, "127.0.0")) { cond = true; } // GOOD (not an IP)
|
||||
if (strcmp(address, "127.0.0.0.1")) { cond = true; } // GOOD (not an IP)
|
||||
if (strcmp(address, "http://mycompany")) { cond = true; } // BAD
|
||||
if (strcmp(address, "http_//mycompany")) { cond = true; } // GOOD (not an address)
|
||||
if (strcmp(address, "htt://mycompany")) { cond = true; } // GOOD (not an address)
|
||||
if (strcmp(address, "httpp://mycompany")) { cond = true; } // GOOD (not an address)
|
||||
if (strcmp(address, "mycompany.com")) { cond = true; } // BAD
|
||||
if (strcmp(address, "mycompany_com")) { cond = true; } // GOOD (not an address)
|
||||
if (strcmp(address, "mycompany.c")) { cond = true; } // GOOD (not an address)
|
||||
if (strcmp(address, "mycompany.comm")) { cond = true; } // GOOD (not an address)
|
||||
|
||||
if (cond) {
|
||||
isServer = 1;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
@@ -1,2 +0,0 @@
|
||||
description: Remove operators from the virtualizable type.
|
||||
compatibility: full
|
||||
@@ -92,8 +92,7 @@ namespace Semmle.Extraction.CIL.Entities
|
||||
yield return Tuples.cil_parameter_out(pe);
|
||||
if (p.Attributes.HasFlag(ParameterAttributes.In))
|
||||
yield return Tuples.cil_parameter_in(pe);
|
||||
foreach (var c in Attribute.Populate(Context, pe, p.GetCustomAttributes()))
|
||||
yield return c;
|
||||
Attribute.Populate(Context, pe, p.GetCustomAttributes());
|
||||
}
|
||||
|
||||
yield return Tuples.metadata_handle(this, Context.Assembly, MetadataTokens.GetToken(handle));
|
||||
@@ -206,8 +205,7 @@ namespace Semmle.Extraction.CIL.Entities
|
||||
yield return Tuples.cil_newslot(this);
|
||||
|
||||
// Populate attributes
|
||||
foreach (var c in Attribute.Populate(Context, this, md.GetCustomAttributes()))
|
||||
yield return c;
|
||||
Attribute.Populate(Context, this, md.GetCustomAttributes());
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -1,5 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Support for `static virtual` and `static abstract` interface members.
|
||||
* Support for *operators* in interface definitions.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Attributes on methods in CIL are now extracted (Bugfix).
|
||||
@@ -129,7 +129,7 @@ pragma[nomagic]
|
||||
private Virtualizable getACompatibleInterfaceMemberAux(Virtualizable m) {
|
||||
result = getACompatibleInterfaceAccessor(m) or
|
||||
result = getACompatibleInterfaceIndexer(m) or
|
||||
result = getACompatibleRelevantInterfaceMember(m)
|
||||
result = getACompatibleInterfaceMethod(m)
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -210,13 +210,11 @@ private predicate getACompatibleInterfaceIndexerAux(Indexer i, ValueOrRefType t)
|
||||
t = getAPossibleImplementor(i.getDeclaringType())
|
||||
}
|
||||
|
||||
private RelevantInterfaceMember getACompatibleRelevantInterfaceMember0(
|
||||
RelevantInterfaceMember m, int i
|
||||
) {
|
||||
result = getARelevantInterfaceMemberCandidate(m) and
|
||||
private Method getACompatibleInterfaceMethod0(Method m, int i) {
|
||||
result = getAnInterfaceMethodCandidate(m) and
|
||||
i = -1
|
||||
or
|
||||
result = getACompatibleRelevantInterfaceMember0(m, i - 1) and
|
||||
result = getACompatibleInterfaceMethod0(m, i - 1) and
|
||||
exists(Type t1, Type t2 |
|
||||
t1 = getArgumentOrReturnType(m, i) and
|
||||
t2 = getArgumentOrReturnType(result, i)
|
||||
@@ -225,47 +223,32 @@ private RelevantInterfaceMember getACompatibleRelevantInterfaceMember0(
|
||||
)
|
||||
}
|
||||
|
||||
/**
|
||||
* A class of callables relevant for interface member compatibility.
|
||||
*/
|
||||
private class RelevantInterfaceMember extends Callable {
|
||||
RelevantInterfaceMember() {
|
||||
this instanceof Method or
|
||||
this instanceof Operator
|
||||
}
|
||||
|
||||
predicate isPublic() {
|
||||
this.(Method).isPublic() or
|
||||
this.(Operator).isPublic()
|
||||
}
|
||||
}
|
||||
|
||||
private RelevantInterfaceMember getACompatibleRelevantInterfaceMember(RelevantInterfaceMember m) {
|
||||
result = getACompatibleRelevantInterfaceMember0(m, m.getNumberOfParameters())
|
||||
private Method getACompatibleInterfaceMethod(Method m) {
|
||||
result = getACompatibleInterfaceMethod0(m, m.getNumberOfParameters())
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets an interface method or operator that may potentially be implemented by `m`.
|
||||
* Gets an interface method that may potentially be implemented by `m`.
|
||||
*
|
||||
* That is, a method with the same name, same number of parameters, and declared
|
||||
* in a type that is a possible implementor type for the interface type.
|
||||
*/
|
||||
private RelevantInterfaceMember getARelevantInterfaceMemberCandidate(RelevantInterfaceMember m) {
|
||||
getAPotentialRelevantInterfaceMemberAux(result, m.getDeclaringType(), m.getUndecoratedName(),
|
||||
private Method getAnInterfaceMethodCandidate(Method m) {
|
||||
getAPotentialInterfaceMethodAux(result, m.getDeclaringType(), m.getUndecoratedName(),
|
||||
m.getNumberOfParameters()) and
|
||||
m.isPublic()
|
||||
}
|
||||
|
||||
pragma[nomagic]
|
||||
private predicate getAPotentialRelevantInterfaceMemberAux(
|
||||
RelevantInterfaceMember m, ValueOrRefType t, string name, int params
|
||||
private predicate getAPotentialInterfaceMethodAux(
|
||||
Method m, ValueOrRefType t, string name, int params
|
||||
) {
|
||||
t = getAPossibleImplementor(m.getDeclaringType()) and
|
||||
name = m.getUndecoratedName() and
|
||||
params = m.getNumberOfParameters()
|
||||
}
|
||||
|
||||
private Type getArgumentOrReturnType(RelevantInterfaceMember m, int i) {
|
||||
private Type getArgumentOrReturnType(Method m, int i) {
|
||||
i = 0 and result = m.getReturnType()
|
||||
or
|
||||
result = m.getParameter(i - 1).getType()
|
||||
|
||||
@@ -184,7 +184,7 @@ private class TOverridable = @virtualizable or @callable_accessor;
|
||||
|
||||
/**
|
||||
* A declaration that can be overridden or implemented. That is, a method,
|
||||
* a property, an indexer, an event, an accessor, or an operator.
|
||||
* a property, an indexer, an event, or an accessor.
|
||||
*
|
||||
* Unlike `Virtualizable`, this class includes accessors.
|
||||
*/
|
||||
@@ -360,7 +360,7 @@ class Overridable extends Declaration, TOverridable {
|
||||
|
||||
/**
|
||||
* A member where the `virtual` modifier is valid. That is, a method,
|
||||
* a property, an indexer, an event, or an operator.
|
||||
* a property, an indexer, or an event.
|
||||
*
|
||||
* Equivalently, these are the members that can be defined in an interface.
|
||||
*
|
||||
|
||||
@@ -45,16 +45,6 @@ module Consistency {
|
||||
) {
|
||||
none()
|
||||
}
|
||||
|
||||
/** Holds if `(c, pos, p)` should be excluded from the consistency test `uniqueParameterNodeAtPosition`. */
|
||||
predicate uniqueParameterNodeAtPositionExclude(DataFlowCallable c, ParameterPosition pos, Node p) {
|
||||
none()
|
||||
}
|
||||
|
||||
/** Holds if `(c, pos, p)` should be excluded from the consistency test `uniqueParameterNodePosition`. */
|
||||
predicate uniqueParameterNodePositionExclude(DataFlowCallable c, ParameterPosition pos, Node p) {
|
||||
none()
|
||||
}
|
||||
}
|
||||
|
||||
private class RelevantNode extends Node {
|
||||
@@ -256,7 +246,6 @@ module Consistency {
|
||||
query predicate uniqueParameterNodeAtPosition(
|
||||
DataFlowCallable c, ParameterPosition pos, Node p, string msg
|
||||
) {
|
||||
not any(ConsistencyConfiguration conf).uniqueParameterNodeAtPositionExclude(c, pos, p) and
|
||||
isParameterNode(p, c, pos) and
|
||||
not exists(unique(Node p0 | isParameterNode(p0, c, pos))) and
|
||||
msg = "Parameters with overlapping positions."
|
||||
@@ -265,7 +254,6 @@ module Consistency {
|
||||
query predicate uniqueParameterNodePosition(
|
||||
DataFlowCallable c, ParameterPosition pos, Node p, string msg
|
||||
) {
|
||||
not any(ConsistencyConfiguration conf).uniqueParameterNodePositionExclude(c, pos, p) and
|
||||
isParameterNode(p, c, pos) and
|
||||
not exists(unique(ParameterPosition pos0 | isParameterNode(p, c, pos0))) and
|
||||
msg = "Parameter node with multiple positions."
|
||||
|
||||
@@ -670,7 +670,7 @@ compiler_generated(unique int id: @modifiable ref);
|
||||
|
||||
@named_exprorstmt = @goto_stmt | @labeled_stmt | @expr;
|
||||
|
||||
@virtualizable = @method | @property | @indexer | @event | @operator;
|
||||
@virtualizable = @method | @property | @indexer | @event;
|
||||
|
||||
exprorstmt_name(
|
||||
unique int parent_id: @named_exprorstmt ref,
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
@@ -1,2 +0,0 @@
|
||||
description: Add operators to the virtualizable type.
|
||||
compatibility: full
|
||||
File diff suppressed because it is too large
Load Diff
@@ -6,8 +6,7 @@ private predicate isOsSpecific(Declaration d) {
|
||||
.matches("%" +
|
||||
[
|
||||
"libobjc", "libproc", "System.Diagnostics.Tracing.XplatEventLogger",
|
||||
"System.Threading.AutoreleasePool",
|
||||
"System.Diagnostics.Tracing.EventSource.<WriteEventString>"
|
||||
"System.Threading.AutoreleasePool"
|
||||
] + "%")
|
||||
}
|
||||
|
||||
|
||||
@@ -1,34 +0,0 @@
|
||||
public interface INumber<T> where T : INumber<T>
|
||||
{
|
||||
static abstract T operator ++(T other);
|
||||
|
||||
static virtual T operator --(T other) => other;
|
||||
|
||||
static abstract T Add(T left, T right);
|
||||
|
||||
static virtual T Subtract(T left, T right) => left;
|
||||
|
||||
static T Zero() => default(T);
|
||||
}
|
||||
|
||||
public class Complex : INumber<Complex>
|
||||
{
|
||||
public double Real { get; private set; } = 0.0;
|
||||
public double Imaginary { get; private set; } = 0.0;
|
||||
|
||||
public Complex() { }
|
||||
|
||||
public static Complex Zero() => new Complex();
|
||||
|
||||
public static Complex operator ++(Complex other) =>
|
||||
new Complex { Real = other.Real + 1.0, Imaginary = other.Imaginary };
|
||||
|
||||
public static Complex operator --(Complex other) =>
|
||||
new Complex { Real = other.Real - 1.0, Imaginary = other.Imaginary };
|
||||
|
||||
public static Complex Add(Complex left, Complex right) =>
|
||||
new Complex { Real = left.Real + right.Real, Imaginary = left.Imaginary + right.Imaginary };
|
||||
|
||||
public static Complex Subtract(Complex left, Complex right) =>
|
||||
new Complex { Real = left.Real - right.Real, Imaginary = left.Imaginary - right.Imaginary };
|
||||
}
|
||||
@@ -1,20 +0,0 @@
|
||||
interfacemembers
|
||||
| INumber<> | StaticInterfaceMembers.cs:3:32:3:33 | ++ | abstract |
|
||||
| INumber<> | StaticInterfaceMembers.cs:3:32:3:33 | ++ | public |
|
||||
| INumber<> | StaticInterfaceMembers.cs:3:32:3:33 | ++ | static |
|
||||
| INumber<> | StaticInterfaceMembers.cs:5:31:5:32 | -- | public |
|
||||
| INumber<> | StaticInterfaceMembers.cs:5:31:5:32 | -- | static |
|
||||
| INumber<> | StaticInterfaceMembers.cs:5:31:5:32 | -- | virtual |
|
||||
| INumber<> | StaticInterfaceMembers.cs:7:23:7:25 | Add | abstract |
|
||||
| INumber<> | StaticInterfaceMembers.cs:7:23:7:25 | Add | public |
|
||||
| INumber<> | StaticInterfaceMembers.cs:7:23:7:25 | Add | static |
|
||||
| INumber<> | StaticInterfaceMembers.cs:9:22:9:29 | Subtract | public |
|
||||
| INumber<> | StaticInterfaceMembers.cs:9:22:9:29 | Subtract | static |
|
||||
| INumber<> | StaticInterfaceMembers.cs:9:22:9:29 | Subtract | virtual |
|
||||
| INumber<> | StaticInterfaceMembers.cs:11:14:11:17 | Zero | public |
|
||||
| INumber<> | StaticInterfaceMembers.cs:11:14:11:17 | Zero | static |
|
||||
implements
|
||||
| StaticInterfaceMembers.cs:23:36:23:37 | ++ | StaticInterfaceMembers.cs:3:32:3:33 | ++ |
|
||||
| StaticInterfaceMembers.cs:26:36:26:37 | -- | StaticInterfaceMembers.cs:5:31:5:32 | -- |
|
||||
| StaticInterfaceMembers.cs:29:27:29:29 | Add | StaticInterfaceMembers.cs:7:23:7:25 | Add |
|
||||
| StaticInterfaceMembers.cs:32:27:32:34 | Subtract | StaticInterfaceMembers.cs:9:22:9:29 | Subtract |
|
||||
@@ -1,18 +0,0 @@
|
||||
import csharp
|
||||
|
||||
query predicate interfacemembers(string interface, Member m, string modifier) {
|
||||
exists(Interface i |
|
||||
i.isUnboundDeclaration() and
|
||||
i.getFile().getStem() = "StaticInterfaceMembers" and
|
||||
i.getName() = interface and
|
||||
m = i.getAMember() and
|
||||
modifier = m.getAModifier().getName()
|
||||
)
|
||||
}
|
||||
|
||||
query predicate implements(Overridable o, Virtualizable v) {
|
||||
v.getFile().getStem() = "StaticInterfaceMembers" and
|
||||
(v.isVirtual() or v.isAbstract()) and
|
||||
v.isStatic() and
|
||||
v.getAnImplementor() = o
|
||||
}
|
||||
@@ -7,7 +7,6 @@ type NUL && "%CODEQL_DIST%\codeql" database index-files ^
|
||||
--include-extension=.xml ^
|
||||
--size-limit 10m ^
|
||||
--language xml ^
|
||||
--working-dir=. ^
|
||||
-- ^
|
||||
"%CODEQL_EXTRACTOR_CSHARP_WIP_DATABASE%" ^
|
||||
>nul 2>&1
|
||||
|
||||
@@ -9,7 +9,6 @@ set -eu
|
||||
--include-extension=.xml \
|
||||
--size-limit 10m \
|
||||
--language xml \
|
||||
--working-dir=. \
|
||||
-- \
|
||||
"$CODEQL_EXTRACTOR_CSHARP_WIP_DATABASE" \
|
||||
> /dev/null 2>&1
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Modified the behaviour of the `go/log-injection` query for `logrus` so that logging functions are not marked as data flow sources if only sanitizing formatters are installed with `SetFormatter` and through the `Formatter` property of `Logger` objects.
|
||||
@@ -32,12 +32,7 @@ module Logrus {
|
||||
}
|
||||
|
||||
private class LogCall extends LoggerCall::Range, DataFlow::CallNode {
|
||||
LogCall() {
|
||||
// find calls to logrus logging functions
|
||||
this = any(LogFunction f).getACall() and
|
||||
// unless all formatters that get assigned may be sanitizing formatters
|
||||
not allFormattersMayBeSanitizing()
|
||||
}
|
||||
LogCall() { this = any(LogFunction f).getACall() }
|
||||
|
||||
override DataFlow::Node getAMessageComponent() { result = this.getAnArgument() }
|
||||
}
|
||||
@@ -54,102 +49,4 @@ module Logrus {
|
||||
|
||||
override int getFirstFormattedParameterIndex() { result = argOffset + 1 }
|
||||
}
|
||||
|
||||
private class SetFormatterFunction extends Function {
|
||||
SetFormatterFunction() {
|
||||
this.hasQualifiedName(packagePath(), "SetFormatter") or
|
||||
this.(Method).hasQualifiedName(packagePath(), "Logger", "SetFormatter")
|
||||
}
|
||||
}
|
||||
|
||||
private class JsonFormatter extends SanitizingFormatter {
|
||||
JsonFormatter() { this.hasQualifiedName(packagePath(), "JSONFormatter") }
|
||||
}
|
||||
|
||||
/**
|
||||
* A type which represents a sanitizing formatter for Logrus.
|
||||
*
|
||||
* Extend this class to add support for additional, sanitizing formatters.
|
||||
*/
|
||||
abstract class SanitizingFormatter extends Type { }
|
||||
|
||||
/**
|
||||
* An assignment statement that assigns a value to the `Formatter` property of a `Logger` object.
|
||||
*/
|
||||
private class SetFormatterAssignment extends AssignStmt {
|
||||
int lhsIndex;
|
||||
|
||||
SetFormatterAssignment() {
|
||||
exists(Field field |
|
||||
this.getLhs(lhsIndex).(SelectorExpr).uses(field) and
|
||||
field.hasQualifiedName(packagePath(), "Logger", "Formatter")
|
||||
)
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets the formatter that is being assigned to the `Formatter` property.
|
||||
*/
|
||||
Expr getFormatter() { result = this.getRhs(lhsIndex) }
|
||||
}
|
||||
|
||||
/**
|
||||
* Holds if there is local data flow to `node` that, at some point, has a sanitizing formatter
|
||||
* type.
|
||||
*/
|
||||
private predicate mayBeSanitizingFormatter(DataFlow::Node node) {
|
||||
// is there data flow from something of a sanitizing formatter type to the node?
|
||||
exists(DataFlow::Node source |
|
||||
// this is a slight approximation since a variable could be set to a
|
||||
// sanitizing formatter and then replaced with another one that isn't
|
||||
DataFlow::localFlow(source, node) and
|
||||
source.getType() = any(SanitizingFormatter f).getPointerType()
|
||||
)
|
||||
}
|
||||
|
||||
/**
|
||||
* Holds if `node` is the first argument to a call to the `SetFormatter` function or if `node`
|
||||
* is the value being assigned to the `Formatter` property of a `Logger` object. The `expr`
|
||||
* is the corresponding expression (the function call or the rhs of the assignment).
|
||||
*/
|
||||
private predicate isFormatter(DataFlow::Node node, Expr expr) {
|
||||
exists(DataFlow::CallNode call |
|
||||
call = any(SetFormatterFunction f).getACall() and
|
||||
node = call.getArgument(0) and
|
||||
expr = call.asExpr()
|
||||
)
|
||||
or
|
||||
expr = any(SetFormatterAssignment stmt).getFormatter() and
|
||||
node.asExpr() = expr
|
||||
}
|
||||
|
||||
/**
|
||||
* Holds if `expr` is conditional within its enclosing function and there are no other formatter
|
||||
* assignments in the same function.
|
||||
*/
|
||||
private predicate isSoleConditional(Expr expr) {
|
||||
exists(FuncDef func |
|
||||
// find the enclosing function
|
||||
func = expr.getEnclosingFunction() and
|
||||
// check that the expression is conditional
|
||||
expr.getParent*() instanceof IfStmt and
|
||||
// and there isn't another formatter assignment in the function
|
||||
not exists(Expr formatterAssignment |
|
||||
isFormatter(_, formatterAssignment) and
|
||||
formatterAssignment.getEnclosingFunction() = func and
|
||||
expr != formatterAssignment
|
||||
)
|
||||
)
|
||||
}
|
||||
|
||||
/**
|
||||
* Holds if all calls to `SetFormatter` have a sanitizing formatter as argument and all
|
||||
* assignments to the `Formatter` property of `Logger` values are also sanitizing formatters.
|
||||
* Also holds if there are not any calls to `SetFormatter` or assignments to the `Formatter`
|
||||
* property in the codebase.
|
||||
*/
|
||||
private predicate allFormattersMayBeSanitizing() {
|
||||
forex(DataFlow::Node node, Expr expr | isFormatter(node, expr) |
|
||||
mayBeSanitizingFormatter(node) and not isSoleConditional(expr)
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,11 +0,0 @@
|
||||
import go
|
||||
import TestUtilities.InlineFlowTest
|
||||
import semmle.go.security.LogInjection
|
||||
|
||||
class LogInjectionTest extends InlineFlowTest {
|
||||
override DataFlow::Configuration getTaintFlowConfig() {
|
||||
result = any(LogInjection::Configuration config)
|
||||
}
|
||||
|
||||
override DataFlow::Configuration getValueFlowConfig() { none() }
|
||||
}
|
||||
@@ -1,8 +0,0 @@
|
||||
module main
|
||||
|
||||
go 1.14
|
||||
|
||||
require (
|
||||
github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819
|
||||
github.com/sirupsen/logrus v1.8.1
|
||||
)
|
||||
@@ -1,31 +0,0 @@
|
||||
package main
|
||||
|
||||
//go:generate depstubber -vendor github.com/sirupsen/logrus Fields,Logger,JSONFormatter,TextFormatter SetFormatter,StandardLogger,WithFields
|
||||
//go:generate depstubber -vendor github.com/elazarl/goproxy ProxyCtx ""
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
|
||||
"github.com/elazarl/goproxy"
|
||||
"github.com/sirupsen/logrus"
|
||||
)
|
||||
|
||||
func main() {
|
||||
logrus.SetFormatter(&logrus.JSONFormatter{})
|
||||
|
||||
formatter := new(logrus.JSONFormatter)
|
||||
logrus.SetFormatter(formatter)
|
||||
|
||||
logger := logrus.StandardLogger()
|
||||
logger.SetFormatter(&logrus.JSONFormatter{})
|
||||
logger.SetFormatter(formatter)
|
||||
logger.Formatter = &logrus.JSONFormatter{}
|
||||
logger.Formatter = formatter
|
||||
}
|
||||
|
||||
func logUserData(req *http.Request, ctx *goproxy.ProxyCtx) {
|
||||
username := req.URL.Query()["username"][0]
|
||||
logrus.WithFields(logrus.Fields{
|
||||
"USERNAME": username,
|
||||
})
|
||||
}
|
||||
@@ -1,125 +0,0 @@
|
||||
// Code generated by depstubber. DO NOT EDIT.
|
||||
// This is a simple stub for github.com/elazarl/goproxy, strictly for use in testing.
|
||||
|
||||
// See the LICENSE file for information about the licensing of the original library.
|
||||
// Source: github.com/elazarl/goproxy (exports: ProxyCtx; functions: )
|
||||
|
||||
// Package goproxy is a stub of github.com/elazarl/goproxy, generated by depstubber.
|
||||
package goproxy
|
||||
|
||||
import (
|
||||
tls "crypto/tls"
|
||||
net "net"
|
||||
http "net/http"
|
||||
)
|
||||
|
||||
type CertStorage interface {
|
||||
Fetch(_ string, _ func() (*tls.Certificate, error)) (*tls.Certificate, error)
|
||||
}
|
||||
|
||||
type ConnectAction struct {
|
||||
Action ConnectActionLiteral
|
||||
Hijack func(*http.Request, net.Conn, *ProxyCtx)
|
||||
TLSConfig func(string, *ProxyCtx) (*tls.Config, error)
|
||||
}
|
||||
|
||||
type ConnectActionLiteral int
|
||||
|
||||
type HttpsHandler interface {
|
||||
HandleConnect(_ string, _ *ProxyCtx) (*ConnectAction, string)
|
||||
}
|
||||
|
||||
type Logger interface {
|
||||
Printf(_ string, _ ...interface{})
|
||||
}
|
||||
|
||||
type ProxyConds struct{}
|
||||
|
||||
func (_ *ProxyConds) Do(_ RespHandler) {}
|
||||
|
||||
func (_ *ProxyConds) DoFunc(_ func(*http.Response, *ProxyCtx) *http.Response) {}
|
||||
|
||||
type ProxyCtx struct {
|
||||
Req *http.Request
|
||||
Resp *http.Response
|
||||
RoundTripper RoundTripper
|
||||
Error error
|
||||
UserData interface{}
|
||||
Session int64
|
||||
Proxy *ProxyHttpServer
|
||||
}
|
||||
|
||||
func (_ *ProxyCtx) Charset() string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func (_ *ProxyCtx) Logf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *ProxyCtx) RoundTrip(_ *http.Request) (*http.Response, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func (_ *ProxyCtx) Warnf(_ string, _ ...interface{}) {}
|
||||
|
||||
type ProxyHttpServer struct {
|
||||
KeepDestinationHeaders bool
|
||||
Verbose bool
|
||||
Logger Logger
|
||||
NonproxyHandler http.Handler
|
||||
Tr *http.Transport
|
||||
ConnectDial func(string, string) (net.Conn, error)
|
||||
ConnectDialWithReq func(*http.Request, string, string) (net.Conn, error)
|
||||
CertStore CertStorage
|
||||
KeepHeader bool
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) NewConnectDialToProxy(_ string) func(string, string) (net.Conn, error) {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) NewConnectDialToProxyWithHandler(_ string, _ func(*http.Request)) func(string, string) (net.Conn, error) {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) OnRequest(_ ...ReqCondition) *ReqProxyConds {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) OnResponse(_ ...RespCondition) *ProxyConds {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) ServeHTTP(_ http.ResponseWriter, _ *http.Request) {}
|
||||
|
||||
type ReqCondition interface {
|
||||
HandleReq(_ *http.Request, _ *ProxyCtx) bool
|
||||
HandleResp(_ *http.Response, _ *ProxyCtx) bool
|
||||
}
|
||||
|
||||
type ReqHandler interface {
|
||||
Handle(_ *http.Request, _ *ProxyCtx) (*http.Request, *http.Response)
|
||||
}
|
||||
|
||||
type ReqProxyConds struct{}
|
||||
|
||||
func (_ *ReqProxyConds) Do(_ ReqHandler) {}
|
||||
|
||||
func (_ *ReqProxyConds) DoFunc(_ func(*http.Request, *ProxyCtx) (*http.Request, *http.Response)) {}
|
||||
|
||||
func (_ *ReqProxyConds) HandleConnect(_ HttpsHandler) {}
|
||||
|
||||
func (_ *ReqProxyConds) HandleConnectFunc(_ func(string, *ProxyCtx) (*ConnectAction, string)) {}
|
||||
|
||||
func (_ *ReqProxyConds) HijackConnect(_ func(*http.Request, net.Conn, *ProxyCtx)) {}
|
||||
|
||||
type RespCondition interface {
|
||||
HandleResp(_ *http.Response, _ *ProxyCtx) bool
|
||||
}
|
||||
|
||||
type RespHandler interface {
|
||||
Handle(_ *http.Response, _ *ProxyCtx) *http.Response
|
||||
}
|
||||
|
||||
type RoundTripper interface {
|
||||
RoundTrip(_ *http.Request, _ *ProxyCtx) (*http.Response, error)
|
||||
}
|
||||
@@ -1,357 +0,0 @@
|
||||
// Code generated by depstubber. DO NOT EDIT.
|
||||
// This is a simple stub for github.com/sirupsen/logrus, strictly for use in testing.
|
||||
|
||||
// See the LICENSE file for information about the licensing of the original library.
|
||||
// Source: github.com/sirupsen/logrus (exports: Fields,Logger,JSONFormatter,TextFormatter; functions: SetFormatter,StandardLogger,WithFields)
|
||||
|
||||
// Package logrus is a stub of github.com/sirupsen/logrus, generated by depstubber.
|
||||
package logrus
|
||||
|
||||
import (
|
||||
bytes "bytes"
|
||||
context "context"
|
||||
io "io"
|
||||
runtime "runtime"
|
||||
time "time"
|
||||
)
|
||||
|
||||
type Entry struct {
|
||||
Logger *Logger
|
||||
Data Fields
|
||||
Time time.Time
|
||||
Level Level
|
||||
Caller *runtime.Frame
|
||||
Message string
|
||||
Buffer *bytes.Buffer
|
||||
Context context.Context
|
||||
}
|
||||
|
||||
func (_ Entry) HasCaller() bool {
|
||||
return false
|
||||
}
|
||||
|
||||
func (_ *Entry) Bytes() ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func (_ *Entry) Debug(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Debugf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Debugln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Dup() *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) Error(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Errorf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Errorln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Fatal(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Fatalf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Fatalln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Info(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Infof(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Infoln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Log(_ Level, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Logf(_ Level, _ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Logln(_ Level, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Panic(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Panicf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Panicln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Print(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Printf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Println(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) String() (string, error) {
|
||||
return "", nil
|
||||
}
|
||||
|
||||
func (_ *Entry) Trace(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Tracef(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Traceln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warn(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warnf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warning(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warningf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warningln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warnln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) WithContext(_ context.Context) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WithError(_ error) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WithField(_ string, _ interface{}) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WithFields(_ Fields) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WithTime(_ time.Time) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) Writer() *io.PipeWriter {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WriterLevel(_ Level) *io.PipeWriter {
|
||||
return nil
|
||||
}
|
||||
|
||||
type FieldMap map[interface{}]string
|
||||
|
||||
type Fields map[string]interface{}
|
||||
|
||||
type Formatter interface {
|
||||
Format(_ *Entry) ([]byte, error)
|
||||
}
|
||||
|
||||
type Hook interface {
|
||||
Fire(_ *Entry) error
|
||||
Levels() []Level
|
||||
}
|
||||
|
||||
type JSONFormatter struct {
|
||||
TimestampFormat string
|
||||
DisableTimestamp bool
|
||||
DisableHTMLEscape bool
|
||||
DataKey string
|
||||
FieldMap FieldMap
|
||||
CallerPrettyfier func(*runtime.Frame) (string, string)
|
||||
PrettyPrint bool
|
||||
}
|
||||
|
||||
func (_ *JSONFormatter) Format(_ *Entry) ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
type Level uint32
|
||||
|
||||
func (_ Level) MarshalText() ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func (_ Level) String() string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func (_ *Level) UnmarshalText(_ []byte) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
type LevelHooks map[Level][]Hook
|
||||
|
||||
func (_ LevelHooks) Add(_ Hook) {}
|
||||
|
||||
func (_ LevelHooks) Fire(_ Level, _ *Entry) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
type LogFunction func() []interface{}
|
||||
|
||||
type Logger struct {
|
||||
Out io.Writer
|
||||
Hooks LevelHooks
|
||||
Formatter Formatter
|
||||
ReportCaller bool
|
||||
Level Level
|
||||
ExitFunc interface{}
|
||||
}
|
||||
|
||||
func (_ *Logger) AddHook(_ Hook) {}
|
||||
|
||||
func (_ *Logger) Debug(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) DebugFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Debugf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Debugln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Error(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) ErrorFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Errorf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Errorln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Exit(_ int) {}
|
||||
|
||||
func (_ *Logger) Fatal(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) FatalFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Fatalf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Fatalln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) GetLevel() Level {
|
||||
return 0
|
||||
}
|
||||
|
||||
func (_ *Logger) Info(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) InfoFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Infof(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Infoln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) IsLevelEnabled(_ Level) bool {
|
||||
return false
|
||||
}
|
||||
|
||||
func (_ *Logger) Log(_ Level, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) LogFn(_ Level, _ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Logf(_ Level, _ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Logln(_ Level, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Panic(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) PanicFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Panicf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Panicln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Print(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) PrintFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Printf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Println(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) ReplaceHooks(_ LevelHooks) LevelHooks {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) SetFormatter(_ Formatter) {}
|
||||
|
||||
func (_ *Logger) SetLevel(_ Level) {}
|
||||
|
||||
func (_ *Logger) SetNoLock() {}
|
||||
|
||||
func (_ *Logger) SetOutput(_ io.Writer) {}
|
||||
|
||||
func (_ *Logger) SetReportCaller(_ bool) {}
|
||||
|
||||
func (_ *Logger) Trace(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) TraceFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Tracef(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Traceln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Warn(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) WarnFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Warnf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Warning(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) WarningFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Warningf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Warningln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Warnln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) WithContext(_ context.Context) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WithError(_ error) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WithField(_ string, _ interface{}) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WithFields(_ Fields) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WithTime(_ time.Time) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) Writer() *io.PipeWriter {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WriterLevel(_ Level) *io.PipeWriter {
|
||||
return nil
|
||||
}
|
||||
|
||||
func SetFormatter(_ Formatter) {}
|
||||
|
||||
func StandardLogger() *Logger {
|
||||
return nil
|
||||
}
|
||||
|
||||
type TextFormatter struct {
|
||||
ForceColors bool
|
||||
DisableColors bool
|
||||
ForceQuote bool
|
||||
DisableQuote bool
|
||||
EnvironmentOverrideColors bool
|
||||
DisableTimestamp bool
|
||||
FullTimestamp bool
|
||||
TimestampFormat string
|
||||
DisableSorting bool
|
||||
SortingFunc func([]string)
|
||||
DisableLevelTruncation bool
|
||||
PadLevelText bool
|
||||
QuoteEmptyFields bool
|
||||
FieldMap FieldMap
|
||||
CallerPrettyfier func(*runtime.Frame) (string, string)
|
||||
}
|
||||
|
||||
func (_ *TextFormatter) Format(_ *Entry) ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func WithFields(_ Fields) *Entry {
|
||||
return nil
|
||||
}
|
||||
@@ -1,6 +0,0 @@
|
||||
# github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819
|
||||
## explicit
|
||||
github.com/elazarl/goproxy
|
||||
# github.com/sirupsen/logrus v1.8.1
|
||||
## explicit
|
||||
github.com/sirupsen/logrus
|
||||
@@ -1,11 +0,0 @@
|
||||
import go
|
||||
import TestUtilities.InlineFlowTest
|
||||
import semmle.go.security.LogInjection
|
||||
|
||||
class LogInjectionTest extends InlineFlowTest {
|
||||
override DataFlow::Configuration getTaintFlowConfig() {
|
||||
result = any(LogInjection::Configuration config)
|
||||
}
|
||||
|
||||
override DataFlow::Configuration getValueFlowConfig() { none() }
|
||||
}
|
||||
@@ -1,8 +0,0 @@
|
||||
module main
|
||||
|
||||
go 1.14
|
||||
|
||||
require (
|
||||
github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819
|
||||
github.com/sirupsen/logrus v1.8.1
|
||||
)
|
||||
@@ -1,27 +0,0 @@
|
||||
package main
|
||||
|
||||
//go:generate depstubber -vendor github.com/sirupsen/logrus Fields,Logger,JSONFormatter,TextFormatter SetFormatter,StandardLogger,WithFields
|
||||
//go:generate depstubber -vendor github.com/elazarl/goproxy ProxyCtx ""
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
|
||||
"github.com/elazarl/goproxy"
|
||||
"github.com/sirupsen/logrus"
|
||||
)
|
||||
|
||||
func initLogger(useJSON bool) {
|
||||
if useJSON {
|
||||
logrus.SetFormatter(&logrus.JSONFormatter{})
|
||||
} else {
|
||||
// another safe formatter
|
||||
logrus.SetFormatter(&logrus.JSONFormatter{})
|
||||
}
|
||||
}
|
||||
|
||||
func logUserData(req *http.Request, ctx *goproxy.ProxyCtx) {
|
||||
username := req.URL.Query()["username"][0]
|
||||
logrus.WithFields(logrus.Fields{
|
||||
"USERNAME": username,
|
||||
})
|
||||
}
|
||||
@@ -1,125 +0,0 @@
|
||||
// Code generated by depstubber. DO NOT EDIT.
|
||||
// This is a simple stub for github.com/elazarl/goproxy, strictly for use in testing.
|
||||
|
||||
// See the LICENSE file for information about the licensing of the original library.
|
||||
// Source: github.com/elazarl/goproxy (exports: ProxyCtx; functions: )
|
||||
|
||||
// Package goproxy is a stub of github.com/elazarl/goproxy, generated by depstubber.
|
||||
package goproxy
|
||||
|
||||
import (
|
||||
tls "crypto/tls"
|
||||
net "net"
|
||||
http "net/http"
|
||||
)
|
||||
|
||||
type CertStorage interface {
|
||||
Fetch(_ string, _ func() (*tls.Certificate, error)) (*tls.Certificate, error)
|
||||
}
|
||||
|
||||
type ConnectAction struct {
|
||||
Action ConnectActionLiteral
|
||||
Hijack func(*http.Request, net.Conn, *ProxyCtx)
|
||||
TLSConfig func(string, *ProxyCtx) (*tls.Config, error)
|
||||
}
|
||||
|
||||
type ConnectActionLiteral int
|
||||
|
||||
type HttpsHandler interface {
|
||||
HandleConnect(_ string, _ *ProxyCtx) (*ConnectAction, string)
|
||||
}
|
||||
|
||||
type Logger interface {
|
||||
Printf(_ string, _ ...interface{})
|
||||
}
|
||||
|
||||
type ProxyConds struct{}
|
||||
|
||||
func (_ *ProxyConds) Do(_ RespHandler) {}
|
||||
|
||||
func (_ *ProxyConds) DoFunc(_ func(*http.Response, *ProxyCtx) *http.Response) {}
|
||||
|
||||
type ProxyCtx struct {
|
||||
Req *http.Request
|
||||
Resp *http.Response
|
||||
RoundTripper RoundTripper
|
||||
Error error
|
||||
UserData interface{}
|
||||
Session int64
|
||||
Proxy *ProxyHttpServer
|
||||
}
|
||||
|
||||
func (_ *ProxyCtx) Charset() string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func (_ *ProxyCtx) Logf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *ProxyCtx) RoundTrip(_ *http.Request) (*http.Response, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func (_ *ProxyCtx) Warnf(_ string, _ ...interface{}) {}
|
||||
|
||||
type ProxyHttpServer struct {
|
||||
KeepDestinationHeaders bool
|
||||
Verbose bool
|
||||
Logger Logger
|
||||
NonproxyHandler http.Handler
|
||||
Tr *http.Transport
|
||||
ConnectDial func(string, string) (net.Conn, error)
|
||||
ConnectDialWithReq func(*http.Request, string, string) (net.Conn, error)
|
||||
CertStore CertStorage
|
||||
KeepHeader bool
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) NewConnectDialToProxy(_ string) func(string, string) (net.Conn, error) {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) NewConnectDialToProxyWithHandler(_ string, _ func(*http.Request)) func(string, string) (net.Conn, error) {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) OnRequest(_ ...ReqCondition) *ReqProxyConds {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) OnResponse(_ ...RespCondition) *ProxyConds {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) ServeHTTP(_ http.ResponseWriter, _ *http.Request) {}
|
||||
|
||||
type ReqCondition interface {
|
||||
HandleReq(_ *http.Request, _ *ProxyCtx) bool
|
||||
HandleResp(_ *http.Response, _ *ProxyCtx) bool
|
||||
}
|
||||
|
||||
type ReqHandler interface {
|
||||
Handle(_ *http.Request, _ *ProxyCtx) (*http.Request, *http.Response)
|
||||
}
|
||||
|
||||
type ReqProxyConds struct{}
|
||||
|
||||
func (_ *ReqProxyConds) Do(_ ReqHandler) {}
|
||||
|
||||
func (_ *ReqProxyConds) DoFunc(_ func(*http.Request, *ProxyCtx) (*http.Request, *http.Response)) {}
|
||||
|
||||
func (_ *ReqProxyConds) HandleConnect(_ HttpsHandler) {}
|
||||
|
||||
func (_ *ReqProxyConds) HandleConnectFunc(_ func(string, *ProxyCtx) (*ConnectAction, string)) {}
|
||||
|
||||
func (_ *ReqProxyConds) HijackConnect(_ func(*http.Request, net.Conn, *ProxyCtx)) {}
|
||||
|
||||
type RespCondition interface {
|
||||
HandleResp(_ *http.Response, _ *ProxyCtx) bool
|
||||
}
|
||||
|
||||
type RespHandler interface {
|
||||
Handle(_ *http.Response, _ *ProxyCtx) *http.Response
|
||||
}
|
||||
|
||||
type RoundTripper interface {
|
||||
RoundTrip(_ *http.Request, _ *ProxyCtx) (*http.Response, error)
|
||||
}
|
||||
@@ -1,357 +0,0 @@
|
||||
// Code generated by depstubber. DO NOT EDIT.
|
||||
// This is a simple stub for github.com/sirupsen/logrus, strictly for use in testing.
|
||||
|
||||
// See the LICENSE file for information about the licensing of the original library.
|
||||
// Source: github.com/sirupsen/logrus (exports: Fields,Logger,JSONFormatter,TextFormatter; functions: SetFormatter,StandardLogger,WithFields)
|
||||
|
||||
// Package logrus is a stub of github.com/sirupsen/logrus, generated by depstubber.
|
||||
package logrus
|
||||
|
||||
import (
|
||||
bytes "bytes"
|
||||
context "context"
|
||||
io "io"
|
||||
runtime "runtime"
|
||||
time "time"
|
||||
)
|
||||
|
||||
type Entry struct {
|
||||
Logger *Logger
|
||||
Data Fields
|
||||
Time time.Time
|
||||
Level Level
|
||||
Caller *runtime.Frame
|
||||
Message string
|
||||
Buffer *bytes.Buffer
|
||||
Context context.Context
|
||||
}
|
||||
|
||||
func (_ Entry) HasCaller() bool {
|
||||
return false
|
||||
}
|
||||
|
||||
func (_ *Entry) Bytes() ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func (_ *Entry) Debug(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Debugf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Debugln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Dup() *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) Error(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Errorf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Errorln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Fatal(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Fatalf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Fatalln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Info(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Infof(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Infoln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Log(_ Level, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Logf(_ Level, _ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Logln(_ Level, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Panic(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Panicf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Panicln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Print(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Printf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Println(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) String() (string, error) {
|
||||
return "", nil
|
||||
}
|
||||
|
||||
func (_ *Entry) Trace(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Tracef(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Traceln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warn(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warnf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warning(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warningf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warningln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warnln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) WithContext(_ context.Context) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WithError(_ error) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WithField(_ string, _ interface{}) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WithFields(_ Fields) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WithTime(_ time.Time) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) Writer() *io.PipeWriter {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WriterLevel(_ Level) *io.PipeWriter {
|
||||
return nil
|
||||
}
|
||||
|
||||
type FieldMap map[interface{}]string
|
||||
|
||||
type Fields map[string]interface{}
|
||||
|
||||
type Formatter interface {
|
||||
Format(_ *Entry) ([]byte, error)
|
||||
}
|
||||
|
||||
type Hook interface {
|
||||
Fire(_ *Entry) error
|
||||
Levels() []Level
|
||||
}
|
||||
|
||||
type JSONFormatter struct {
|
||||
TimestampFormat string
|
||||
DisableTimestamp bool
|
||||
DisableHTMLEscape bool
|
||||
DataKey string
|
||||
FieldMap FieldMap
|
||||
CallerPrettyfier func(*runtime.Frame) (string, string)
|
||||
PrettyPrint bool
|
||||
}
|
||||
|
||||
func (_ *JSONFormatter) Format(_ *Entry) ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
type Level uint32
|
||||
|
||||
func (_ Level) MarshalText() ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func (_ Level) String() string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func (_ *Level) UnmarshalText(_ []byte) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
type LevelHooks map[Level][]Hook
|
||||
|
||||
func (_ LevelHooks) Add(_ Hook) {}
|
||||
|
||||
func (_ LevelHooks) Fire(_ Level, _ *Entry) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
type LogFunction func() []interface{}
|
||||
|
||||
type Logger struct {
|
||||
Out io.Writer
|
||||
Hooks LevelHooks
|
||||
Formatter Formatter
|
||||
ReportCaller bool
|
||||
Level Level
|
||||
ExitFunc interface{}
|
||||
}
|
||||
|
||||
func (_ *Logger) AddHook(_ Hook) {}
|
||||
|
||||
func (_ *Logger) Debug(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) DebugFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Debugf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Debugln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Error(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) ErrorFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Errorf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Errorln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Exit(_ int) {}
|
||||
|
||||
func (_ *Logger) Fatal(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) FatalFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Fatalf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Fatalln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) GetLevel() Level {
|
||||
return 0
|
||||
}
|
||||
|
||||
func (_ *Logger) Info(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) InfoFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Infof(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Infoln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) IsLevelEnabled(_ Level) bool {
|
||||
return false
|
||||
}
|
||||
|
||||
func (_ *Logger) Log(_ Level, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) LogFn(_ Level, _ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Logf(_ Level, _ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Logln(_ Level, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Panic(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) PanicFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Panicf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Panicln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Print(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) PrintFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Printf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Println(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) ReplaceHooks(_ LevelHooks) LevelHooks {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) SetFormatter(_ Formatter) {}
|
||||
|
||||
func (_ *Logger) SetLevel(_ Level) {}
|
||||
|
||||
func (_ *Logger) SetNoLock() {}
|
||||
|
||||
func (_ *Logger) SetOutput(_ io.Writer) {}
|
||||
|
||||
func (_ *Logger) SetReportCaller(_ bool) {}
|
||||
|
||||
func (_ *Logger) Trace(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) TraceFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Tracef(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Traceln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Warn(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) WarnFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Warnf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Warning(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) WarningFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Warningf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Warningln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Warnln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) WithContext(_ context.Context) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WithError(_ error) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WithField(_ string, _ interface{}) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WithFields(_ Fields) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WithTime(_ time.Time) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) Writer() *io.PipeWriter {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WriterLevel(_ Level) *io.PipeWriter {
|
||||
return nil
|
||||
}
|
||||
|
||||
func SetFormatter(_ Formatter) {}
|
||||
|
||||
func StandardLogger() *Logger {
|
||||
return nil
|
||||
}
|
||||
|
||||
type TextFormatter struct {
|
||||
ForceColors bool
|
||||
DisableColors bool
|
||||
ForceQuote bool
|
||||
DisableQuote bool
|
||||
EnvironmentOverrideColors bool
|
||||
DisableTimestamp bool
|
||||
FullTimestamp bool
|
||||
TimestampFormat string
|
||||
DisableSorting bool
|
||||
SortingFunc func([]string)
|
||||
DisableLevelTruncation bool
|
||||
PadLevelText bool
|
||||
QuoteEmptyFields bool
|
||||
FieldMap FieldMap
|
||||
CallerPrettyfier func(*runtime.Frame) (string, string)
|
||||
}
|
||||
|
||||
func (_ *TextFormatter) Format(_ *Entry) ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func WithFields(_ Fields) *Entry {
|
||||
return nil
|
||||
}
|
||||
@@ -1,6 +0,0 @@
|
||||
# github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819
|
||||
## explicit
|
||||
github.com/elazarl/goproxy
|
||||
# github.com/sirupsen/logrus v1.8.1
|
||||
## explicit
|
||||
github.com/sirupsen/logrus
|
||||
@@ -1,11 +0,0 @@
|
||||
import go
|
||||
import TestUtilities.InlineFlowTest
|
||||
import semmle.go.security.LogInjection
|
||||
|
||||
class LogInjectionTest extends InlineFlowTest {
|
||||
override DataFlow::Configuration getTaintFlowConfig() {
|
||||
result = any(LogInjection::Configuration config)
|
||||
}
|
||||
|
||||
override DataFlow::Configuration getValueFlowConfig() { none() }
|
||||
}
|
||||
@@ -1,8 +0,0 @@
|
||||
module main
|
||||
|
||||
go 1.14
|
||||
|
||||
require (
|
||||
github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819
|
||||
github.com/sirupsen/logrus v1.8.1
|
||||
)
|
||||
@@ -1,31 +0,0 @@
|
||||
package main
|
||||
|
||||
//go:generate depstubber -vendor github.com/sirupsen/logrus Fields,Logger,JSONFormatter,TextFormatter SetFormatter,StandardLogger,WithFields
|
||||
//go:generate depstubber -vendor github.com/elazarl/goproxy ProxyCtx ""
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
|
||||
"github.com/elazarl/goproxy"
|
||||
"github.com/sirupsen/logrus"
|
||||
)
|
||||
|
||||
func main() {
|
||||
logrus.SetFormatter(&logrus.JSONFormatter{})
|
||||
|
||||
formatter := new(logrus.JSONFormatter)
|
||||
logrus.SetFormatter(formatter)
|
||||
|
||||
logger := logrus.StandardLogger()
|
||||
logger.SetFormatter(&logrus.JSONFormatter{})
|
||||
logger.SetFormatter(formatter)
|
||||
logger.Formatter = &logrus.TextFormatter{}
|
||||
logger.Formatter = formatter
|
||||
}
|
||||
|
||||
func logUserData(req *http.Request, ctx *goproxy.ProxyCtx) {
|
||||
username := req.URL.Query()["username"][0]
|
||||
logrus.WithFields(logrus.Fields{ // $ hasTaintFlow="map literal"
|
||||
"USERNAME": username,
|
||||
})
|
||||
}
|
||||
@@ -1,125 +0,0 @@
|
||||
// Code generated by depstubber. DO NOT EDIT.
|
||||
// This is a simple stub for github.com/elazarl/goproxy, strictly for use in testing.
|
||||
|
||||
// See the LICENSE file for information about the licensing of the original library.
|
||||
// Source: github.com/elazarl/goproxy (exports: ProxyCtx; functions: )
|
||||
|
||||
// Package goproxy is a stub of github.com/elazarl/goproxy, generated by depstubber.
|
||||
package goproxy
|
||||
|
||||
import (
|
||||
tls "crypto/tls"
|
||||
net "net"
|
||||
http "net/http"
|
||||
)
|
||||
|
||||
type CertStorage interface {
|
||||
Fetch(_ string, _ func() (*tls.Certificate, error)) (*tls.Certificate, error)
|
||||
}
|
||||
|
||||
type ConnectAction struct {
|
||||
Action ConnectActionLiteral
|
||||
Hijack func(*http.Request, net.Conn, *ProxyCtx)
|
||||
TLSConfig func(string, *ProxyCtx) (*tls.Config, error)
|
||||
}
|
||||
|
||||
type ConnectActionLiteral int
|
||||
|
||||
type HttpsHandler interface {
|
||||
HandleConnect(_ string, _ *ProxyCtx) (*ConnectAction, string)
|
||||
}
|
||||
|
||||
type Logger interface {
|
||||
Printf(_ string, _ ...interface{})
|
||||
}
|
||||
|
||||
type ProxyConds struct{}
|
||||
|
||||
func (_ *ProxyConds) Do(_ RespHandler) {}
|
||||
|
||||
func (_ *ProxyConds) DoFunc(_ func(*http.Response, *ProxyCtx) *http.Response) {}
|
||||
|
||||
type ProxyCtx struct {
|
||||
Req *http.Request
|
||||
Resp *http.Response
|
||||
RoundTripper RoundTripper
|
||||
Error error
|
||||
UserData interface{}
|
||||
Session int64
|
||||
Proxy *ProxyHttpServer
|
||||
}
|
||||
|
||||
func (_ *ProxyCtx) Charset() string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func (_ *ProxyCtx) Logf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *ProxyCtx) RoundTrip(_ *http.Request) (*http.Response, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func (_ *ProxyCtx) Warnf(_ string, _ ...interface{}) {}
|
||||
|
||||
type ProxyHttpServer struct {
|
||||
KeepDestinationHeaders bool
|
||||
Verbose bool
|
||||
Logger Logger
|
||||
NonproxyHandler http.Handler
|
||||
Tr *http.Transport
|
||||
ConnectDial func(string, string) (net.Conn, error)
|
||||
ConnectDialWithReq func(*http.Request, string, string) (net.Conn, error)
|
||||
CertStore CertStorage
|
||||
KeepHeader bool
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) NewConnectDialToProxy(_ string) func(string, string) (net.Conn, error) {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) NewConnectDialToProxyWithHandler(_ string, _ func(*http.Request)) func(string, string) (net.Conn, error) {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) OnRequest(_ ...ReqCondition) *ReqProxyConds {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) OnResponse(_ ...RespCondition) *ProxyConds {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) ServeHTTP(_ http.ResponseWriter, _ *http.Request) {}
|
||||
|
||||
type ReqCondition interface {
|
||||
HandleReq(_ *http.Request, _ *ProxyCtx) bool
|
||||
HandleResp(_ *http.Response, _ *ProxyCtx) bool
|
||||
}
|
||||
|
||||
type ReqHandler interface {
|
||||
Handle(_ *http.Request, _ *ProxyCtx) (*http.Request, *http.Response)
|
||||
}
|
||||
|
||||
type ReqProxyConds struct{}
|
||||
|
||||
func (_ *ReqProxyConds) Do(_ ReqHandler) {}
|
||||
|
||||
func (_ *ReqProxyConds) DoFunc(_ func(*http.Request, *ProxyCtx) (*http.Request, *http.Response)) {}
|
||||
|
||||
func (_ *ReqProxyConds) HandleConnect(_ HttpsHandler) {}
|
||||
|
||||
func (_ *ReqProxyConds) HandleConnectFunc(_ func(string, *ProxyCtx) (*ConnectAction, string)) {}
|
||||
|
||||
func (_ *ReqProxyConds) HijackConnect(_ func(*http.Request, net.Conn, *ProxyCtx)) {}
|
||||
|
||||
type RespCondition interface {
|
||||
HandleResp(_ *http.Response, _ *ProxyCtx) bool
|
||||
}
|
||||
|
||||
type RespHandler interface {
|
||||
Handle(_ *http.Response, _ *ProxyCtx) *http.Response
|
||||
}
|
||||
|
||||
type RoundTripper interface {
|
||||
RoundTrip(_ *http.Request, _ *ProxyCtx) (*http.Response, error)
|
||||
}
|
||||
@@ -1,357 +0,0 @@
|
||||
// Code generated by depstubber. DO NOT EDIT.
|
||||
// This is a simple stub for github.com/sirupsen/logrus, strictly for use in testing.
|
||||
|
||||
// See the LICENSE file for information about the licensing of the original library.
|
||||
// Source: github.com/sirupsen/logrus (exports: Fields,Logger,JSONFormatter,TextFormatter; functions: SetFormatter,StandardLogger,WithFields)
|
||||
|
||||
// Package logrus is a stub of github.com/sirupsen/logrus, generated by depstubber.
|
||||
package logrus
|
||||
|
||||
import (
|
||||
bytes "bytes"
|
||||
context "context"
|
||||
io "io"
|
||||
runtime "runtime"
|
||||
time "time"
|
||||
)
|
||||
|
||||
type Entry struct {
|
||||
Logger *Logger
|
||||
Data Fields
|
||||
Time time.Time
|
||||
Level Level
|
||||
Caller *runtime.Frame
|
||||
Message string
|
||||
Buffer *bytes.Buffer
|
||||
Context context.Context
|
||||
}
|
||||
|
||||
func (_ Entry) HasCaller() bool {
|
||||
return false
|
||||
}
|
||||
|
||||
func (_ *Entry) Bytes() ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func (_ *Entry) Debug(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Debugf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Debugln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Dup() *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) Error(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Errorf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Errorln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Fatal(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Fatalf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Fatalln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Info(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Infof(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Infoln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Log(_ Level, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Logf(_ Level, _ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Logln(_ Level, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Panic(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Panicf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Panicln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Print(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Printf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Println(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) String() (string, error) {
|
||||
return "", nil
|
||||
}
|
||||
|
||||
func (_ *Entry) Trace(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Tracef(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Traceln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warn(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warnf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warning(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warningf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warningln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warnln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) WithContext(_ context.Context) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WithError(_ error) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WithField(_ string, _ interface{}) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WithFields(_ Fields) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WithTime(_ time.Time) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) Writer() *io.PipeWriter {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WriterLevel(_ Level) *io.PipeWriter {
|
||||
return nil
|
||||
}
|
||||
|
||||
type FieldMap map[interface{}]string
|
||||
|
||||
type Fields map[string]interface{}
|
||||
|
||||
type Formatter interface {
|
||||
Format(_ *Entry) ([]byte, error)
|
||||
}
|
||||
|
||||
type Hook interface {
|
||||
Fire(_ *Entry) error
|
||||
Levels() []Level
|
||||
}
|
||||
|
||||
type JSONFormatter struct {
|
||||
TimestampFormat string
|
||||
DisableTimestamp bool
|
||||
DisableHTMLEscape bool
|
||||
DataKey string
|
||||
FieldMap FieldMap
|
||||
CallerPrettyfier func(*runtime.Frame) (string, string)
|
||||
PrettyPrint bool
|
||||
}
|
||||
|
||||
func (_ *JSONFormatter) Format(_ *Entry) ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
type Level uint32
|
||||
|
||||
func (_ Level) MarshalText() ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func (_ Level) String() string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func (_ *Level) UnmarshalText(_ []byte) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
type LevelHooks map[Level][]Hook
|
||||
|
||||
func (_ LevelHooks) Add(_ Hook) {}
|
||||
|
||||
func (_ LevelHooks) Fire(_ Level, _ *Entry) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
type LogFunction func() []interface{}
|
||||
|
||||
type Logger struct {
|
||||
Out io.Writer
|
||||
Hooks LevelHooks
|
||||
Formatter Formatter
|
||||
ReportCaller bool
|
||||
Level Level
|
||||
ExitFunc interface{}
|
||||
}
|
||||
|
||||
func (_ *Logger) AddHook(_ Hook) {}
|
||||
|
||||
func (_ *Logger) Debug(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) DebugFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Debugf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Debugln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Error(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) ErrorFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Errorf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Errorln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Exit(_ int) {}
|
||||
|
||||
func (_ *Logger) Fatal(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) FatalFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Fatalf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Fatalln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) GetLevel() Level {
|
||||
return 0
|
||||
}
|
||||
|
||||
func (_ *Logger) Info(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) InfoFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Infof(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Infoln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) IsLevelEnabled(_ Level) bool {
|
||||
return false
|
||||
}
|
||||
|
||||
func (_ *Logger) Log(_ Level, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) LogFn(_ Level, _ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Logf(_ Level, _ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Logln(_ Level, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Panic(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) PanicFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Panicf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Panicln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Print(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) PrintFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Printf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Println(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) ReplaceHooks(_ LevelHooks) LevelHooks {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) SetFormatter(_ Formatter) {}
|
||||
|
||||
func (_ *Logger) SetLevel(_ Level) {}
|
||||
|
||||
func (_ *Logger) SetNoLock() {}
|
||||
|
||||
func (_ *Logger) SetOutput(_ io.Writer) {}
|
||||
|
||||
func (_ *Logger) SetReportCaller(_ bool) {}
|
||||
|
||||
func (_ *Logger) Trace(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) TraceFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Tracef(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Traceln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Warn(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) WarnFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Warnf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Warning(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) WarningFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Warningf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Warningln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Warnln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) WithContext(_ context.Context) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WithError(_ error) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WithField(_ string, _ interface{}) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WithFields(_ Fields) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WithTime(_ time.Time) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) Writer() *io.PipeWriter {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WriterLevel(_ Level) *io.PipeWriter {
|
||||
return nil
|
||||
}
|
||||
|
||||
func SetFormatter(_ Formatter) {}
|
||||
|
||||
func StandardLogger() *Logger {
|
||||
return nil
|
||||
}
|
||||
|
||||
type TextFormatter struct {
|
||||
ForceColors bool
|
||||
DisableColors bool
|
||||
ForceQuote bool
|
||||
DisableQuote bool
|
||||
EnvironmentOverrideColors bool
|
||||
DisableTimestamp bool
|
||||
FullTimestamp bool
|
||||
TimestampFormat string
|
||||
DisableSorting bool
|
||||
SortingFunc func([]string)
|
||||
DisableLevelTruncation bool
|
||||
PadLevelText bool
|
||||
QuoteEmptyFields bool
|
||||
FieldMap FieldMap
|
||||
CallerPrettyfier func(*runtime.Frame) (string, string)
|
||||
}
|
||||
|
||||
func (_ *TextFormatter) Format(_ *Entry) ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func WithFields(_ Fields) *Entry {
|
||||
return nil
|
||||
}
|
||||
@@ -1,6 +0,0 @@
|
||||
# github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819
|
||||
## explicit
|
||||
github.com/elazarl/goproxy
|
||||
# github.com/sirupsen/logrus v1.8.1
|
||||
## explicit
|
||||
github.com/sirupsen/logrus
|
||||
@@ -1,11 +0,0 @@
|
||||
import go
|
||||
import TestUtilities.InlineFlowTest
|
||||
import semmle.go.security.LogInjection
|
||||
|
||||
class LogInjectionTest extends InlineFlowTest {
|
||||
override DataFlow::Configuration getTaintFlowConfig() {
|
||||
result = any(LogInjection::Configuration config)
|
||||
}
|
||||
|
||||
override DataFlow::Configuration getValueFlowConfig() { none() }
|
||||
}
|
||||
@@ -1,8 +0,0 @@
|
||||
module main
|
||||
|
||||
go 1.14
|
||||
|
||||
require (
|
||||
github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819
|
||||
github.com/sirupsen/logrus v1.8.1
|
||||
)
|
||||
@@ -1,32 +0,0 @@
|
||||
package main
|
||||
|
||||
//go:generate depstubber -vendor github.com/sirupsen/logrus Fields,Logger,JSONFormatter,TextFormatter SetFormatter,StandardLogger,WithFields
|
||||
//go:generate depstubber -vendor github.com/elazarl/goproxy ProxyCtx ""
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
|
||||
"github.com/elazarl/goproxy"
|
||||
"github.com/sirupsen/logrus"
|
||||
)
|
||||
|
||||
func main() {
|
||||
logrus.SetFormatter(&logrus.JSONFormatter{})
|
||||
|
||||
formatter := new(logrus.JSONFormatter)
|
||||
textFormatter := new(logrus.TextFormatter)
|
||||
logrus.SetFormatter(formatter)
|
||||
|
||||
logger := logrus.StandardLogger()
|
||||
logger.SetFormatter(&logrus.JSONFormatter{})
|
||||
logger.SetFormatter(formatter)
|
||||
logger.Formatter = &logrus.JSONFormatter{}
|
||||
logger.Formatter = textFormatter
|
||||
}
|
||||
|
||||
func logUserData(req *http.Request, ctx *goproxy.ProxyCtx) {
|
||||
username := req.URL.Query()["username"][0]
|
||||
logrus.WithFields(logrus.Fields{ // $ hasTaintFlow="map literal"
|
||||
"USERNAME": username,
|
||||
})
|
||||
}
|
||||
@@ -1,125 +0,0 @@
|
||||
// Code generated by depstubber. DO NOT EDIT.
|
||||
// This is a simple stub for github.com/elazarl/goproxy, strictly for use in testing.
|
||||
|
||||
// See the LICENSE file for information about the licensing of the original library.
|
||||
// Source: github.com/elazarl/goproxy (exports: ProxyCtx; functions: )
|
||||
|
||||
// Package goproxy is a stub of github.com/elazarl/goproxy, generated by depstubber.
|
||||
package goproxy
|
||||
|
||||
import (
|
||||
tls "crypto/tls"
|
||||
net "net"
|
||||
http "net/http"
|
||||
)
|
||||
|
||||
type CertStorage interface {
|
||||
Fetch(_ string, _ func() (*tls.Certificate, error)) (*tls.Certificate, error)
|
||||
}
|
||||
|
||||
type ConnectAction struct {
|
||||
Action ConnectActionLiteral
|
||||
Hijack func(*http.Request, net.Conn, *ProxyCtx)
|
||||
TLSConfig func(string, *ProxyCtx) (*tls.Config, error)
|
||||
}
|
||||
|
||||
type ConnectActionLiteral int
|
||||
|
||||
type HttpsHandler interface {
|
||||
HandleConnect(_ string, _ *ProxyCtx) (*ConnectAction, string)
|
||||
}
|
||||
|
||||
type Logger interface {
|
||||
Printf(_ string, _ ...interface{})
|
||||
}
|
||||
|
||||
type ProxyConds struct{}
|
||||
|
||||
func (_ *ProxyConds) Do(_ RespHandler) {}
|
||||
|
||||
func (_ *ProxyConds) DoFunc(_ func(*http.Response, *ProxyCtx) *http.Response) {}
|
||||
|
||||
type ProxyCtx struct {
|
||||
Req *http.Request
|
||||
Resp *http.Response
|
||||
RoundTripper RoundTripper
|
||||
Error error
|
||||
UserData interface{}
|
||||
Session int64
|
||||
Proxy *ProxyHttpServer
|
||||
}
|
||||
|
||||
func (_ *ProxyCtx) Charset() string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func (_ *ProxyCtx) Logf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *ProxyCtx) RoundTrip(_ *http.Request) (*http.Response, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func (_ *ProxyCtx) Warnf(_ string, _ ...interface{}) {}
|
||||
|
||||
type ProxyHttpServer struct {
|
||||
KeepDestinationHeaders bool
|
||||
Verbose bool
|
||||
Logger Logger
|
||||
NonproxyHandler http.Handler
|
||||
Tr *http.Transport
|
||||
ConnectDial func(string, string) (net.Conn, error)
|
||||
ConnectDialWithReq func(*http.Request, string, string) (net.Conn, error)
|
||||
CertStore CertStorage
|
||||
KeepHeader bool
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) NewConnectDialToProxy(_ string) func(string, string) (net.Conn, error) {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) NewConnectDialToProxyWithHandler(_ string, _ func(*http.Request)) func(string, string) (net.Conn, error) {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) OnRequest(_ ...ReqCondition) *ReqProxyConds {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) OnResponse(_ ...RespCondition) *ProxyConds {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) ServeHTTP(_ http.ResponseWriter, _ *http.Request) {}
|
||||
|
||||
type ReqCondition interface {
|
||||
HandleReq(_ *http.Request, _ *ProxyCtx) bool
|
||||
HandleResp(_ *http.Response, _ *ProxyCtx) bool
|
||||
}
|
||||
|
||||
type ReqHandler interface {
|
||||
Handle(_ *http.Request, _ *ProxyCtx) (*http.Request, *http.Response)
|
||||
}
|
||||
|
||||
type ReqProxyConds struct{}
|
||||
|
||||
func (_ *ReqProxyConds) Do(_ ReqHandler) {}
|
||||
|
||||
func (_ *ReqProxyConds) DoFunc(_ func(*http.Request, *ProxyCtx) (*http.Request, *http.Response)) {}
|
||||
|
||||
func (_ *ReqProxyConds) HandleConnect(_ HttpsHandler) {}
|
||||
|
||||
func (_ *ReqProxyConds) HandleConnectFunc(_ func(string, *ProxyCtx) (*ConnectAction, string)) {}
|
||||
|
||||
func (_ *ReqProxyConds) HijackConnect(_ func(*http.Request, net.Conn, *ProxyCtx)) {}
|
||||
|
||||
type RespCondition interface {
|
||||
HandleResp(_ *http.Response, _ *ProxyCtx) bool
|
||||
}
|
||||
|
||||
type RespHandler interface {
|
||||
Handle(_ *http.Response, _ *ProxyCtx) *http.Response
|
||||
}
|
||||
|
||||
type RoundTripper interface {
|
||||
RoundTrip(_ *http.Request, _ *ProxyCtx) (*http.Response, error)
|
||||
}
|
||||
@@ -1,357 +0,0 @@
|
||||
// Code generated by depstubber. DO NOT EDIT.
|
||||
// This is a simple stub for github.com/sirupsen/logrus, strictly for use in testing.
|
||||
|
||||
// See the LICENSE file for information about the licensing of the original library.
|
||||
// Source: github.com/sirupsen/logrus (exports: Fields,Logger,JSONFormatter,TextFormatter; functions: SetFormatter,StandardLogger,WithFields)
|
||||
|
||||
// Package logrus is a stub of github.com/sirupsen/logrus, generated by depstubber.
|
||||
package logrus
|
||||
|
||||
import (
|
||||
bytes "bytes"
|
||||
context "context"
|
||||
io "io"
|
||||
runtime "runtime"
|
||||
time "time"
|
||||
)
|
||||
|
||||
type Entry struct {
|
||||
Logger *Logger
|
||||
Data Fields
|
||||
Time time.Time
|
||||
Level Level
|
||||
Caller *runtime.Frame
|
||||
Message string
|
||||
Buffer *bytes.Buffer
|
||||
Context context.Context
|
||||
}
|
||||
|
||||
func (_ Entry) HasCaller() bool {
|
||||
return false
|
||||
}
|
||||
|
||||
func (_ *Entry) Bytes() ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func (_ *Entry) Debug(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Debugf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Debugln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Dup() *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) Error(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Errorf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Errorln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Fatal(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Fatalf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Fatalln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Info(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Infof(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Infoln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Log(_ Level, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Logf(_ Level, _ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Logln(_ Level, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Panic(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Panicf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Panicln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Print(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Printf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Println(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) String() (string, error) {
|
||||
return "", nil
|
||||
}
|
||||
|
||||
func (_ *Entry) Trace(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Tracef(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Traceln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warn(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warnf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warning(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warningf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warningln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warnln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) WithContext(_ context.Context) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WithError(_ error) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WithField(_ string, _ interface{}) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WithFields(_ Fields) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WithTime(_ time.Time) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) Writer() *io.PipeWriter {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WriterLevel(_ Level) *io.PipeWriter {
|
||||
return nil
|
||||
}
|
||||
|
||||
type FieldMap map[interface{}]string
|
||||
|
||||
type Fields map[string]interface{}
|
||||
|
||||
type Formatter interface {
|
||||
Format(_ *Entry) ([]byte, error)
|
||||
}
|
||||
|
||||
type Hook interface {
|
||||
Fire(_ *Entry) error
|
||||
Levels() []Level
|
||||
}
|
||||
|
||||
type JSONFormatter struct {
|
||||
TimestampFormat string
|
||||
DisableTimestamp bool
|
||||
DisableHTMLEscape bool
|
||||
DataKey string
|
||||
FieldMap FieldMap
|
||||
CallerPrettyfier func(*runtime.Frame) (string, string)
|
||||
PrettyPrint bool
|
||||
}
|
||||
|
||||
func (_ *JSONFormatter) Format(_ *Entry) ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
type Level uint32
|
||||
|
||||
func (_ Level) MarshalText() ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func (_ Level) String() string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func (_ *Level) UnmarshalText(_ []byte) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
type LevelHooks map[Level][]Hook
|
||||
|
||||
func (_ LevelHooks) Add(_ Hook) {}
|
||||
|
||||
func (_ LevelHooks) Fire(_ Level, _ *Entry) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
type LogFunction func() []interface{}
|
||||
|
||||
type Logger struct {
|
||||
Out io.Writer
|
||||
Hooks LevelHooks
|
||||
Formatter Formatter
|
||||
ReportCaller bool
|
||||
Level Level
|
||||
ExitFunc interface{}
|
||||
}
|
||||
|
||||
func (_ *Logger) AddHook(_ Hook) {}
|
||||
|
||||
func (_ *Logger) Debug(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) DebugFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Debugf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Debugln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Error(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) ErrorFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Errorf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Errorln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Exit(_ int) {}
|
||||
|
||||
func (_ *Logger) Fatal(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) FatalFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Fatalf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Fatalln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) GetLevel() Level {
|
||||
return 0
|
||||
}
|
||||
|
||||
func (_ *Logger) Info(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) InfoFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Infof(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Infoln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) IsLevelEnabled(_ Level) bool {
|
||||
return false
|
||||
}
|
||||
|
||||
func (_ *Logger) Log(_ Level, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) LogFn(_ Level, _ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Logf(_ Level, _ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Logln(_ Level, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Panic(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) PanicFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Panicf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Panicln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Print(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) PrintFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Printf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Println(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) ReplaceHooks(_ LevelHooks) LevelHooks {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) SetFormatter(_ Formatter) {}
|
||||
|
||||
func (_ *Logger) SetLevel(_ Level) {}
|
||||
|
||||
func (_ *Logger) SetNoLock() {}
|
||||
|
||||
func (_ *Logger) SetOutput(_ io.Writer) {}
|
||||
|
||||
func (_ *Logger) SetReportCaller(_ bool) {}
|
||||
|
||||
func (_ *Logger) Trace(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) TraceFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Tracef(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Traceln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Warn(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) WarnFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Warnf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Warning(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) WarningFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Warningf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Warningln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Warnln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) WithContext(_ context.Context) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WithError(_ error) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WithField(_ string, _ interface{}) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WithFields(_ Fields) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WithTime(_ time.Time) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) Writer() *io.PipeWriter {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WriterLevel(_ Level) *io.PipeWriter {
|
||||
return nil
|
||||
}
|
||||
|
||||
func SetFormatter(_ Formatter) {}
|
||||
|
||||
func StandardLogger() *Logger {
|
||||
return nil
|
||||
}
|
||||
|
||||
type TextFormatter struct {
|
||||
ForceColors bool
|
||||
DisableColors bool
|
||||
ForceQuote bool
|
||||
DisableQuote bool
|
||||
EnvironmentOverrideColors bool
|
||||
DisableTimestamp bool
|
||||
FullTimestamp bool
|
||||
TimestampFormat string
|
||||
DisableSorting bool
|
||||
SortingFunc func([]string)
|
||||
DisableLevelTruncation bool
|
||||
PadLevelText bool
|
||||
QuoteEmptyFields bool
|
||||
FieldMap FieldMap
|
||||
CallerPrettyfier func(*runtime.Frame) (string, string)
|
||||
}
|
||||
|
||||
func (_ *TextFormatter) Format(_ *Entry) ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func WithFields(_ Fields) *Entry {
|
||||
return nil
|
||||
}
|
||||
@@ -1,6 +0,0 @@
|
||||
# github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819
|
||||
## explicit
|
||||
github.com/elazarl/goproxy
|
||||
# github.com/sirupsen/logrus v1.8.1
|
||||
## explicit
|
||||
github.com/sirupsen/logrus
|
||||
@@ -1,11 +0,0 @@
|
||||
import go
|
||||
import TestUtilities.InlineFlowTest
|
||||
import semmle.go.security.LogInjection
|
||||
|
||||
class LogInjectionTest extends InlineFlowTest {
|
||||
override DataFlow::Configuration getTaintFlowConfig() {
|
||||
result = any(LogInjection::Configuration config)
|
||||
}
|
||||
|
||||
override DataFlow::Configuration getValueFlowConfig() { none() }
|
||||
}
|
||||
@@ -1,8 +0,0 @@
|
||||
module main
|
||||
|
||||
go 1.14
|
||||
|
||||
require (
|
||||
github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819
|
||||
github.com/sirupsen/logrus v1.8.1
|
||||
)
|
||||
@@ -1,31 +0,0 @@
|
||||
package main
|
||||
|
||||
//go:generate depstubber -vendor github.com/sirupsen/logrus Fields,Logger,JSONFormatter,TextFormatter SetFormatter,StandardLogger,WithFields
|
||||
//go:generate depstubber -vendor github.com/elazarl/goproxy ProxyCtx ""
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
|
||||
"github.com/elazarl/goproxy"
|
||||
"github.com/sirupsen/logrus"
|
||||
)
|
||||
|
||||
func main() {
|
||||
logrus.SetFormatter(&logrus.TextFormatter{})
|
||||
|
||||
formatter := new(logrus.JSONFormatter)
|
||||
logrus.SetFormatter(formatter)
|
||||
|
||||
logger := logrus.StandardLogger()
|
||||
logger.SetFormatter(&logrus.JSONFormatter{})
|
||||
logger.SetFormatter(formatter)
|
||||
logger.Formatter = &logrus.JSONFormatter{}
|
||||
logger.Formatter = formatter
|
||||
}
|
||||
|
||||
func logUserData(req *http.Request, ctx *goproxy.ProxyCtx) {
|
||||
username := req.URL.Query()["username"][0]
|
||||
logrus.WithFields(logrus.Fields{ // $ hasTaintFlow="map literal"
|
||||
"USERNAME": username,
|
||||
})
|
||||
}
|
||||
@@ -1,125 +0,0 @@
|
||||
// Code generated by depstubber. DO NOT EDIT.
|
||||
// This is a simple stub for github.com/elazarl/goproxy, strictly for use in testing.
|
||||
|
||||
// See the LICENSE file for information about the licensing of the original library.
|
||||
// Source: github.com/elazarl/goproxy (exports: ProxyCtx; functions: )
|
||||
|
||||
// Package goproxy is a stub of github.com/elazarl/goproxy, generated by depstubber.
|
||||
package goproxy
|
||||
|
||||
import (
|
||||
tls "crypto/tls"
|
||||
net "net"
|
||||
http "net/http"
|
||||
)
|
||||
|
||||
type CertStorage interface {
|
||||
Fetch(_ string, _ func() (*tls.Certificate, error)) (*tls.Certificate, error)
|
||||
}
|
||||
|
||||
type ConnectAction struct {
|
||||
Action ConnectActionLiteral
|
||||
Hijack func(*http.Request, net.Conn, *ProxyCtx)
|
||||
TLSConfig func(string, *ProxyCtx) (*tls.Config, error)
|
||||
}
|
||||
|
||||
type ConnectActionLiteral int
|
||||
|
||||
type HttpsHandler interface {
|
||||
HandleConnect(_ string, _ *ProxyCtx) (*ConnectAction, string)
|
||||
}
|
||||
|
||||
type Logger interface {
|
||||
Printf(_ string, _ ...interface{})
|
||||
}
|
||||
|
||||
type ProxyConds struct{}
|
||||
|
||||
func (_ *ProxyConds) Do(_ RespHandler) {}
|
||||
|
||||
func (_ *ProxyConds) DoFunc(_ func(*http.Response, *ProxyCtx) *http.Response) {}
|
||||
|
||||
type ProxyCtx struct {
|
||||
Req *http.Request
|
||||
Resp *http.Response
|
||||
RoundTripper RoundTripper
|
||||
Error error
|
||||
UserData interface{}
|
||||
Session int64
|
||||
Proxy *ProxyHttpServer
|
||||
}
|
||||
|
||||
func (_ *ProxyCtx) Charset() string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func (_ *ProxyCtx) Logf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *ProxyCtx) RoundTrip(_ *http.Request) (*http.Response, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func (_ *ProxyCtx) Warnf(_ string, _ ...interface{}) {}
|
||||
|
||||
type ProxyHttpServer struct {
|
||||
KeepDestinationHeaders bool
|
||||
Verbose bool
|
||||
Logger Logger
|
||||
NonproxyHandler http.Handler
|
||||
Tr *http.Transport
|
||||
ConnectDial func(string, string) (net.Conn, error)
|
||||
ConnectDialWithReq func(*http.Request, string, string) (net.Conn, error)
|
||||
CertStore CertStorage
|
||||
KeepHeader bool
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) NewConnectDialToProxy(_ string) func(string, string) (net.Conn, error) {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) NewConnectDialToProxyWithHandler(_ string, _ func(*http.Request)) func(string, string) (net.Conn, error) {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) OnRequest(_ ...ReqCondition) *ReqProxyConds {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) OnResponse(_ ...RespCondition) *ProxyConds {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) ServeHTTP(_ http.ResponseWriter, _ *http.Request) {}
|
||||
|
||||
type ReqCondition interface {
|
||||
HandleReq(_ *http.Request, _ *ProxyCtx) bool
|
||||
HandleResp(_ *http.Response, _ *ProxyCtx) bool
|
||||
}
|
||||
|
||||
type ReqHandler interface {
|
||||
Handle(_ *http.Request, _ *ProxyCtx) (*http.Request, *http.Response)
|
||||
}
|
||||
|
||||
type ReqProxyConds struct{}
|
||||
|
||||
func (_ *ReqProxyConds) Do(_ ReqHandler) {}
|
||||
|
||||
func (_ *ReqProxyConds) DoFunc(_ func(*http.Request, *ProxyCtx) (*http.Request, *http.Response)) {}
|
||||
|
||||
func (_ *ReqProxyConds) HandleConnect(_ HttpsHandler) {}
|
||||
|
||||
func (_ *ReqProxyConds) HandleConnectFunc(_ func(string, *ProxyCtx) (*ConnectAction, string)) {}
|
||||
|
||||
func (_ *ReqProxyConds) HijackConnect(_ func(*http.Request, net.Conn, *ProxyCtx)) {}
|
||||
|
||||
type RespCondition interface {
|
||||
HandleResp(_ *http.Response, _ *ProxyCtx) bool
|
||||
}
|
||||
|
||||
type RespHandler interface {
|
||||
Handle(_ *http.Response, _ *ProxyCtx) *http.Response
|
||||
}
|
||||
|
||||
type RoundTripper interface {
|
||||
RoundTrip(_ *http.Request, _ *ProxyCtx) (*http.Response, error)
|
||||
}
|
||||
@@ -1,357 +0,0 @@
|
||||
// Code generated by depstubber. DO NOT EDIT.
|
||||
// This is a simple stub for github.com/sirupsen/logrus, strictly for use in testing.
|
||||
|
||||
// See the LICENSE file for information about the licensing of the original library.
|
||||
// Source: github.com/sirupsen/logrus (exports: Fields,Logger,JSONFormatter,TextFormatter; functions: SetFormatter,StandardLogger,WithFields)
|
||||
|
||||
// Package logrus is a stub of github.com/sirupsen/logrus, generated by depstubber.
|
||||
package logrus
|
||||
|
||||
import (
|
||||
bytes "bytes"
|
||||
context "context"
|
||||
io "io"
|
||||
runtime "runtime"
|
||||
time "time"
|
||||
)
|
||||
|
||||
type Entry struct {
|
||||
Logger *Logger
|
||||
Data Fields
|
||||
Time time.Time
|
||||
Level Level
|
||||
Caller *runtime.Frame
|
||||
Message string
|
||||
Buffer *bytes.Buffer
|
||||
Context context.Context
|
||||
}
|
||||
|
||||
func (_ Entry) HasCaller() bool {
|
||||
return false
|
||||
}
|
||||
|
||||
func (_ *Entry) Bytes() ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func (_ *Entry) Debug(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Debugf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Debugln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Dup() *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) Error(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Errorf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Errorln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Fatal(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Fatalf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Fatalln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Info(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Infof(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Infoln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Log(_ Level, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Logf(_ Level, _ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Logln(_ Level, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Panic(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Panicf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Panicln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Print(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Printf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Println(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) String() (string, error) {
|
||||
return "", nil
|
||||
}
|
||||
|
||||
func (_ *Entry) Trace(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Tracef(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Traceln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warn(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warnf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warning(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warningf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warningln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warnln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) WithContext(_ context.Context) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WithError(_ error) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WithField(_ string, _ interface{}) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WithFields(_ Fields) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WithTime(_ time.Time) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) Writer() *io.PipeWriter {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WriterLevel(_ Level) *io.PipeWriter {
|
||||
return nil
|
||||
}
|
||||
|
||||
type FieldMap map[interface{}]string
|
||||
|
||||
type Fields map[string]interface{}
|
||||
|
||||
type Formatter interface {
|
||||
Format(_ *Entry) ([]byte, error)
|
||||
}
|
||||
|
||||
type Hook interface {
|
||||
Fire(_ *Entry) error
|
||||
Levels() []Level
|
||||
}
|
||||
|
||||
type JSONFormatter struct {
|
||||
TimestampFormat string
|
||||
DisableTimestamp bool
|
||||
DisableHTMLEscape bool
|
||||
DataKey string
|
||||
FieldMap FieldMap
|
||||
CallerPrettyfier func(*runtime.Frame) (string, string)
|
||||
PrettyPrint bool
|
||||
}
|
||||
|
||||
func (_ *JSONFormatter) Format(_ *Entry) ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
type Level uint32
|
||||
|
||||
func (_ Level) MarshalText() ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func (_ Level) String() string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func (_ *Level) UnmarshalText(_ []byte) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
type LevelHooks map[Level][]Hook
|
||||
|
||||
func (_ LevelHooks) Add(_ Hook) {}
|
||||
|
||||
func (_ LevelHooks) Fire(_ Level, _ *Entry) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
type LogFunction func() []interface{}
|
||||
|
||||
type Logger struct {
|
||||
Out io.Writer
|
||||
Hooks LevelHooks
|
||||
Formatter Formatter
|
||||
ReportCaller bool
|
||||
Level Level
|
||||
ExitFunc interface{}
|
||||
}
|
||||
|
||||
func (_ *Logger) AddHook(_ Hook) {}
|
||||
|
||||
func (_ *Logger) Debug(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) DebugFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Debugf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Debugln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Error(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) ErrorFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Errorf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Errorln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Exit(_ int) {}
|
||||
|
||||
func (_ *Logger) Fatal(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) FatalFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Fatalf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Fatalln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) GetLevel() Level {
|
||||
return 0
|
||||
}
|
||||
|
||||
func (_ *Logger) Info(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) InfoFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Infof(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Infoln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) IsLevelEnabled(_ Level) bool {
|
||||
return false
|
||||
}
|
||||
|
||||
func (_ *Logger) Log(_ Level, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) LogFn(_ Level, _ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Logf(_ Level, _ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Logln(_ Level, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Panic(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) PanicFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Panicf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Panicln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Print(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) PrintFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Printf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Println(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) ReplaceHooks(_ LevelHooks) LevelHooks {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) SetFormatter(_ Formatter) {}
|
||||
|
||||
func (_ *Logger) SetLevel(_ Level) {}
|
||||
|
||||
func (_ *Logger) SetNoLock() {}
|
||||
|
||||
func (_ *Logger) SetOutput(_ io.Writer) {}
|
||||
|
||||
func (_ *Logger) SetReportCaller(_ bool) {}
|
||||
|
||||
func (_ *Logger) Trace(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) TraceFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Tracef(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Traceln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Warn(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) WarnFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Warnf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Warning(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) WarningFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Warningf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Warningln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Warnln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) WithContext(_ context.Context) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WithError(_ error) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WithField(_ string, _ interface{}) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WithFields(_ Fields) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WithTime(_ time.Time) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) Writer() *io.PipeWriter {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WriterLevel(_ Level) *io.PipeWriter {
|
||||
return nil
|
||||
}
|
||||
|
||||
func SetFormatter(_ Formatter) {}
|
||||
|
||||
func StandardLogger() *Logger {
|
||||
return nil
|
||||
}
|
||||
|
||||
type TextFormatter struct {
|
||||
ForceColors bool
|
||||
DisableColors bool
|
||||
ForceQuote bool
|
||||
DisableQuote bool
|
||||
EnvironmentOverrideColors bool
|
||||
DisableTimestamp bool
|
||||
FullTimestamp bool
|
||||
TimestampFormat string
|
||||
DisableSorting bool
|
||||
SortingFunc func([]string)
|
||||
DisableLevelTruncation bool
|
||||
PadLevelText bool
|
||||
QuoteEmptyFields bool
|
||||
FieldMap FieldMap
|
||||
CallerPrettyfier func(*runtime.Frame) (string, string)
|
||||
}
|
||||
|
||||
func (_ *TextFormatter) Format(_ *Entry) ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func WithFields(_ Fields) *Entry {
|
||||
return nil
|
||||
}
|
||||
@@ -1,6 +0,0 @@
|
||||
# github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819
|
||||
## explicit
|
||||
github.com/elazarl/goproxy
|
||||
# github.com/sirupsen/logrus v1.8.1
|
||||
## explicit
|
||||
github.com/sirupsen/logrus
|
||||
@@ -1,11 +0,0 @@
|
||||
import go
|
||||
import TestUtilities.InlineFlowTest
|
||||
import semmle.go.security.LogInjection
|
||||
|
||||
class LogInjectionTest extends InlineFlowTest {
|
||||
override DataFlow::Configuration getTaintFlowConfig() {
|
||||
result = any(LogInjection::Configuration config)
|
||||
}
|
||||
|
||||
override DataFlow::Configuration getValueFlowConfig() { none() }
|
||||
}
|
||||
@@ -1,8 +0,0 @@
|
||||
module main
|
||||
|
||||
go 1.14
|
||||
|
||||
require (
|
||||
github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819
|
||||
github.com/sirupsen/logrus v1.8.1
|
||||
)
|
||||
@@ -1,32 +0,0 @@
|
||||
package main
|
||||
|
||||
//go:generate depstubber -vendor github.com/sirupsen/logrus Fields,Logger,JSONFormatter,TextFormatter SetFormatter,StandardLogger,WithFields
|
||||
//go:generate depstubber -vendor github.com/elazarl/goproxy ProxyCtx ""
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
|
||||
"github.com/elazarl/goproxy"
|
||||
"github.com/sirupsen/logrus"
|
||||
)
|
||||
|
||||
func main() {
|
||||
logrus.SetFormatter(&logrus.JSONFormatter{})
|
||||
|
||||
formatter := new(logrus.JSONFormatter)
|
||||
textFormatter := new(logrus.TextFormatter)
|
||||
logrus.SetFormatter(textFormatter)
|
||||
|
||||
logger := logrus.StandardLogger()
|
||||
logger.SetFormatter(&logrus.JSONFormatter{})
|
||||
logger.SetFormatter(formatter)
|
||||
logger.Formatter = &logrus.JSONFormatter{}
|
||||
logger.Formatter = formatter
|
||||
}
|
||||
|
||||
func logUserData(req *http.Request, ctx *goproxy.ProxyCtx) {
|
||||
username := req.URL.Query()["username"][0]
|
||||
logrus.WithFields(logrus.Fields{ // $ hasTaintFlow="map literal"
|
||||
"USERNAME": username,
|
||||
})
|
||||
}
|
||||
@@ -1,125 +0,0 @@
|
||||
// Code generated by depstubber. DO NOT EDIT.
|
||||
// This is a simple stub for github.com/elazarl/goproxy, strictly for use in testing.
|
||||
|
||||
// See the LICENSE file for information about the licensing of the original library.
|
||||
// Source: github.com/elazarl/goproxy (exports: ProxyCtx; functions: )
|
||||
|
||||
// Package goproxy is a stub of github.com/elazarl/goproxy, generated by depstubber.
|
||||
package goproxy
|
||||
|
||||
import (
|
||||
tls "crypto/tls"
|
||||
net "net"
|
||||
http "net/http"
|
||||
)
|
||||
|
||||
type CertStorage interface {
|
||||
Fetch(_ string, _ func() (*tls.Certificate, error)) (*tls.Certificate, error)
|
||||
}
|
||||
|
||||
type ConnectAction struct {
|
||||
Action ConnectActionLiteral
|
||||
Hijack func(*http.Request, net.Conn, *ProxyCtx)
|
||||
TLSConfig func(string, *ProxyCtx) (*tls.Config, error)
|
||||
}
|
||||
|
||||
type ConnectActionLiteral int
|
||||
|
||||
type HttpsHandler interface {
|
||||
HandleConnect(_ string, _ *ProxyCtx) (*ConnectAction, string)
|
||||
}
|
||||
|
||||
type Logger interface {
|
||||
Printf(_ string, _ ...interface{})
|
||||
}
|
||||
|
||||
type ProxyConds struct{}
|
||||
|
||||
func (_ *ProxyConds) Do(_ RespHandler) {}
|
||||
|
||||
func (_ *ProxyConds) DoFunc(_ func(*http.Response, *ProxyCtx) *http.Response) {}
|
||||
|
||||
type ProxyCtx struct {
|
||||
Req *http.Request
|
||||
Resp *http.Response
|
||||
RoundTripper RoundTripper
|
||||
Error error
|
||||
UserData interface{}
|
||||
Session int64
|
||||
Proxy *ProxyHttpServer
|
||||
}
|
||||
|
||||
func (_ *ProxyCtx) Charset() string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func (_ *ProxyCtx) Logf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *ProxyCtx) RoundTrip(_ *http.Request) (*http.Response, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func (_ *ProxyCtx) Warnf(_ string, _ ...interface{}) {}
|
||||
|
||||
type ProxyHttpServer struct {
|
||||
KeepDestinationHeaders bool
|
||||
Verbose bool
|
||||
Logger Logger
|
||||
NonproxyHandler http.Handler
|
||||
Tr *http.Transport
|
||||
ConnectDial func(string, string) (net.Conn, error)
|
||||
ConnectDialWithReq func(*http.Request, string, string) (net.Conn, error)
|
||||
CertStore CertStorage
|
||||
KeepHeader bool
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) NewConnectDialToProxy(_ string) func(string, string) (net.Conn, error) {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) NewConnectDialToProxyWithHandler(_ string, _ func(*http.Request)) func(string, string) (net.Conn, error) {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) OnRequest(_ ...ReqCondition) *ReqProxyConds {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) OnResponse(_ ...RespCondition) *ProxyConds {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) ServeHTTP(_ http.ResponseWriter, _ *http.Request) {}
|
||||
|
||||
type ReqCondition interface {
|
||||
HandleReq(_ *http.Request, _ *ProxyCtx) bool
|
||||
HandleResp(_ *http.Response, _ *ProxyCtx) bool
|
||||
}
|
||||
|
||||
type ReqHandler interface {
|
||||
Handle(_ *http.Request, _ *ProxyCtx) (*http.Request, *http.Response)
|
||||
}
|
||||
|
||||
type ReqProxyConds struct{}
|
||||
|
||||
func (_ *ReqProxyConds) Do(_ ReqHandler) {}
|
||||
|
||||
func (_ *ReqProxyConds) DoFunc(_ func(*http.Request, *ProxyCtx) (*http.Request, *http.Response)) {}
|
||||
|
||||
func (_ *ReqProxyConds) HandleConnect(_ HttpsHandler) {}
|
||||
|
||||
func (_ *ReqProxyConds) HandleConnectFunc(_ func(string, *ProxyCtx) (*ConnectAction, string)) {}
|
||||
|
||||
func (_ *ReqProxyConds) HijackConnect(_ func(*http.Request, net.Conn, *ProxyCtx)) {}
|
||||
|
||||
type RespCondition interface {
|
||||
HandleResp(_ *http.Response, _ *ProxyCtx) bool
|
||||
}
|
||||
|
||||
type RespHandler interface {
|
||||
Handle(_ *http.Response, _ *ProxyCtx) *http.Response
|
||||
}
|
||||
|
||||
type RoundTripper interface {
|
||||
RoundTrip(_ *http.Request, _ *ProxyCtx) (*http.Response, error)
|
||||
}
|
||||
@@ -1,357 +0,0 @@
|
||||
// Code generated by depstubber. DO NOT EDIT.
|
||||
// This is a simple stub for github.com/sirupsen/logrus, strictly for use in testing.
|
||||
|
||||
// See the LICENSE file for information about the licensing of the original library.
|
||||
// Source: github.com/sirupsen/logrus (exports: Fields,Logger,JSONFormatter,TextFormatter; functions: SetFormatter,StandardLogger,WithFields)
|
||||
|
||||
// Package logrus is a stub of github.com/sirupsen/logrus, generated by depstubber.
|
||||
package logrus
|
||||
|
||||
import (
|
||||
bytes "bytes"
|
||||
context "context"
|
||||
io "io"
|
||||
runtime "runtime"
|
||||
time "time"
|
||||
)
|
||||
|
||||
type Entry struct {
|
||||
Logger *Logger
|
||||
Data Fields
|
||||
Time time.Time
|
||||
Level Level
|
||||
Caller *runtime.Frame
|
||||
Message string
|
||||
Buffer *bytes.Buffer
|
||||
Context context.Context
|
||||
}
|
||||
|
||||
func (_ Entry) HasCaller() bool {
|
||||
return false
|
||||
}
|
||||
|
||||
func (_ *Entry) Bytes() ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func (_ *Entry) Debug(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Debugf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Debugln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Dup() *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) Error(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Errorf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Errorln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Fatal(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Fatalf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Fatalln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Info(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Infof(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Infoln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Log(_ Level, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Logf(_ Level, _ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Logln(_ Level, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Panic(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Panicf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Panicln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Print(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Printf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Println(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) String() (string, error) {
|
||||
return "", nil
|
||||
}
|
||||
|
||||
func (_ *Entry) Trace(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Tracef(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Traceln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warn(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warnf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warning(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warningf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warningln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warnln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) WithContext(_ context.Context) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WithError(_ error) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WithField(_ string, _ interface{}) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WithFields(_ Fields) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WithTime(_ time.Time) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) Writer() *io.PipeWriter {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WriterLevel(_ Level) *io.PipeWriter {
|
||||
return nil
|
||||
}
|
||||
|
||||
type FieldMap map[interface{}]string
|
||||
|
||||
type Fields map[string]interface{}
|
||||
|
||||
type Formatter interface {
|
||||
Format(_ *Entry) ([]byte, error)
|
||||
}
|
||||
|
||||
type Hook interface {
|
||||
Fire(_ *Entry) error
|
||||
Levels() []Level
|
||||
}
|
||||
|
||||
type JSONFormatter struct {
|
||||
TimestampFormat string
|
||||
DisableTimestamp bool
|
||||
DisableHTMLEscape bool
|
||||
DataKey string
|
||||
FieldMap FieldMap
|
||||
CallerPrettyfier func(*runtime.Frame) (string, string)
|
||||
PrettyPrint bool
|
||||
}
|
||||
|
||||
func (_ *JSONFormatter) Format(_ *Entry) ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
type Level uint32
|
||||
|
||||
func (_ Level) MarshalText() ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func (_ Level) String() string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func (_ *Level) UnmarshalText(_ []byte) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
type LevelHooks map[Level][]Hook
|
||||
|
||||
func (_ LevelHooks) Add(_ Hook) {}
|
||||
|
||||
func (_ LevelHooks) Fire(_ Level, _ *Entry) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
type LogFunction func() []interface{}
|
||||
|
||||
type Logger struct {
|
||||
Out io.Writer
|
||||
Hooks LevelHooks
|
||||
Formatter Formatter
|
||||
ReportCaller bool
|
||||
Level Level
|
||||
ExitFunc interface{}
|
||||
}
|
||||
|
||||
func (_ *Logger) AddHook(_ Hook) {}
|
||||
|
||||
func (_ *Logger) Debug(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) DebugFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Debugf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Debugln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Error(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) ErrorFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Errorf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Errorln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Exit(_ int) {}
|
||||
|
||||
func (_ *Logger) Fatal(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) FatalFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Fatalf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Fatalln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) GetLevel() Level {
|
||||
return 0
|
||||
}
|
||||
|
||||
func (_ *Logger) Info(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) InfoFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Infof(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Infoln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) IsLevelEnabled(_ Level) bool {
|
||||
return false
|
||||
}
|
||||
|
||||
func (_ *Logger) Log(_ Level, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) LogFn(_ Level, _ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Logf(_ Level, _ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Logln(_ Level, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Panic(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) PanicFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Panicf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Panicln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Print(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) PrintFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Printf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Println(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) ReplaceHooks(_ LevelHooks) LevelHooks {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) SetFormatter(_ Formatter) {}
|
||||
|
||||
func (_ *Logger) SetLevel(_ Level) {}
|
||||
|
||||
func (_ *Logger) SetNoLock() {}
|
||||
|
||||
func (_ *Logger) SetOutput(_ io.Writer) {}
|
||||
|
||||
func (_ *Logger) SetReportCaller(_ bool) {}
|
||||
|
||||
func (_ *Logger) Trace(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) TraceFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Tracef(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Traceln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Warn(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) WarnFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Warnf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Warning(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) WarningFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Warningf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Warningln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Warnln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) WithContext(_ context.Context) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WithError(_ error) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WithField(_ string, _ interface{}) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WithFields(_ Fields) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WithTime(_ time.Time) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) Writer() *io.PipeWriter {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WriterLevel(_ Level) *io.PipeWriter {
|
||||
return nil
|
||||
}
|
||||
|
||||
func SetFormatter(_ Formatter) {}
|
||||
|
||||
func StandardLogger() *Logger {
|
||||
return nil
|
||||
}
|
||||
|
||||
type TextFormatter struct {
|
||||
ForceColors bool
|
||||
DisableColors bool
|
||||
ForceQuote bool
|
||||
DisableQuote bool
|
||||
EnvironmentOverrideColors bool
|
||||
DisableTimestamp bool
|
||||
FullTimestamp bool
|
||||
TimestampFormat string
|
||||
DisableSorting bool
|
||||
SortingFunc func([]string)
|
||||
DisableLevelTruncation bool
|
||||
PadLevelText bool
|
||||
QuoteEmptyFields bool
|
||||
FieldMap FieldMap
|
||||
CallerPrettyfier func(*runtime.Frame) (string, string)
|
||||
}
|
||||
|
||||
func (_ *TextFormatter) Format(_ *Entry) ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func WithFields(_ Fields) *Entry {
|
||||
return nil
|
||||
}
|
||||
@@ -1,6 +0,0 @@
|
||||
# github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819
|
||||
## explicit
|
||||
github.com/elazarl/goproxy
|
||||
# github.com/sirupsen/logrus v1.8.1
|
||||
## explicit
|
||||
github.com/sirupsen/logrus
|
||||
@@ -1,11 +0,0 @@
|
||||
import go
|
||||
import TestUtilities.InlineFlowTest
|
||||
import semmle.go.security.LogInjection
|
||||
|
||||
class LogInjectionTest extends InlineFlowTest {
|
||||
override DataFlow::Configuration getTaintFlowConfig() {
|
||||
result = any(LogInjection::Configuration config)
|
||||
}
|
||||
|
||||
override DataFlow::Configuration getValueFlowConfig() { none() }
|
||||
}
|
||||
@@ -1,8 +0,0 @@
|
||||
module main
|
||||
|
||||
go 1.14
|
||||
|
||||
require (
|
||||
github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819
|
||||
github.com/sirupsen/logrus v1.8.1
|
||||
)
|
||||
@@ -1,31 +0,0 @@
|
||||
package main
|
||||
|
||||
//go:generate depstubber -vendor github.com/sirupsen/logrus Fields,Logger,JSONFormatter,TextFormatter SetFormatter,StandardLogger,WithFields
|
||||
//go:generate depstubber -vendor github.com/elazarl/goproxy ProxyCtx ""
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
|
||||
"github.com/elazarl/goproxy"
|
||||
"github.com/sirupsen/logrus"
|
||||
)
|
||||
|
||||
func main() {
|
||||
logrus.SetFormatter(&logrus.JSONFormatter{})
|
||||
|
||||
formatter := new(logrus.JSONFormatter)
|
||||
logrus.SetFormatter(formatter)
|
||||
|
||||
logger := logrus.StandardLogger()
|
||||
logger.SetFormatter(&logrus.TextFormatter{})
|
||||
logger.SetFormatter(formatter)
|
||||
logger.Formatter = &logrus.JSONFormatter{}
|
||||
logger.Formatter = formatter
|
||||
}
|
||||
|
||||
func logUserData(req *http.Request, ctx *goproxy.ProxyCtx) {
|
||||
username := req.URL.Query()["username"][0]
|
||||
logrus.WithFields(logrus.Fields{ // $ hasTaintFlow="map literal"
|
||||
"USERNAME": username,
|
||||
})
|
||||
}
|
||||
@@ -1,125 +0,0 @@
|
||||
// Code generated by depstubber. DO NOT EDIT.
|
||||
// This is a simple stub for github.com/elazarl/goproxy, strictly for use in testing.
|
||||
|
||||
// See the LICENSE file for information about the licensing of the original library.
|
||||
// Source: github.com/elazarl/goproxy (exports: ProxyCtx; functions: )
|
||||
|
||||
// Package goproxy is a stub of github.com/elazarl/goproxy, generated by depstubber.
|
||||
package goproxy
|
||||
|
||||
import (
|
||||
tls "crypto/tls"
|
||||
net "net"
|
||||
http "net/http"
|
||||
)
|
||||
|
||||
type CertStorage interface {
|
||||
Fetch(_ string, _ func() (*tls.Certificate, error)) (*tls.Certificate, error)
|
||||
}
|
||||
|
||||
type ConnectAction struct {
|
||||
Action ConnectActionLiteral
|
||||
Hijack func(*http.Request, net.Conn, *ProxyCtx)
|
||||
TLSConfig func(string, *ProxyCtx) (*tls.Config, error)
|
||||
}
|
||||
|
||||
type ConnectActionLiteral int
|
||||
|
||||
type HttpsHandler interface {
|
||||
HandleConnect(_ string, _ *ProxyCtx) (*ConnectAction, string)
|
||||
}
|
||||
|
||||
type Logger interface {
|
||||
Printf(_ string, _ ...interface{})
|
||||
}
|
||||
|
||||
type ProxyConds struct{}
|
||||
|
||||
func (_ *ProxyConds) Do(_ RespHandler) {}
|
||||
|
||||
func (_ *ProxyConds) DoFunc(_ func(*http.Response, *ProxyCtx) *http.Response) {}
|
||||
|
||||
type ProxyCtx struct {
|
||||
Req *http.Request
|
||||
Resp *http.Response
|
||||
RoundTripper RoundTripper
|
||||
Error error
|
||||
UserData interface{}
|
||||
Session int64
|
||||
Proxy *ProxyHttpServer
|
||||
}
|
||||
|
||||
func (_ *ProxyCtx) Charset() string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func (_ *ProxyCtx) Logf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *ProxyCtx) RoundTrip(_ *http.Request) (*http.Response, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func (_ *ProxyCtx) Warnf(_ string, _ ...interface{}) {}
|
||||
|
||||
type ProxyHttpServer struct {
|
||||
KeepDestinationHeaders bool
|
||||
Verbose bool
|
||||
Logger Logger
|
||||
NonproxyHandler http.Handler
|
||||
Tr *http.Transport
|
||||
ConnectDial func(string, string) (net.Conn, error)
|
||||
ConnectDialWithReq func(*http.Request, string, string) (net.Conn, error)
|
||||
CertStore CertStorage
|
||||
KeepHeader bool
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) NewConnectDialToProxy(_ string) func(string, string) (net.Conn, error) {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) NewConnectDialToProxyWithHandler(_ string, _ func(*http.Request)) func(string, string) (net.Conn, error) {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) OnRequest(_ ...ReqCondition) *ReqProxyConds {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) OnResponse(_ ...RespCondition) *ProxyConds {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) ServeHTTP(_ http.ResponseWriter, _ *http.Request) {}
|
||||
|
||||
type ReqCondition interface {
|
||||
HandleReq(_ *http.Request, _ *ProxyCtx) bool
|
||||
HandleResp(_ *http.Response, _ *ProxyCtx) bool
|
||||
}
|
||||
|
||||
type ReqHandler interface {
|
||||
Handle(_ *http.Request, _ *ProxyCtx) (*http.Request, *http.Response)
|
||||
}
|
||||
|
||||
type ReqProxyConds struct{}
|
||||
|
||||
func (_ *ReqProxyConds) Do(_ ReqHandler) {}
|
||||
|
||||
func (_ *ReqProxyConds) DoFunc(_ func(*http.Request, *ProxyCtx) (*http.Request, *http.Response)) {}
|
||||
|
||||
func (_ *ReqProxyConds) HandleConnect(_ HttpsHandler) {}
|
||||
|
||||
func (_ *ReqProxyConds) HandleConnectFunc(_ func(string, *ProxyCtx) (*ConnectAction, string)) {}
|
||||
|
||||
func (_ *ReqProxyConds) HijackConnect(_ func(*http.Request, net.Conn, *ProxyCtx)) {}
|
||||
|
||||
type RespCondition interface {
|
||||
HandleResp(_ *http.Response, _ *ProxyCtx) bool
|
||||
}
|
||||
|
||||
type RespHandler interface {
|
||||
Handle(_ *http.Response, _ *ProxyCtx) *http.Response
|
||||
}
|
||||
|
||||
type RoundTripper interface {
|
||||
RoundTrip(_ *http.Request, _ *ProxyCtx) (*http.Response, error)
|
||||
}
|
||||
@@ -1,357 +0,0 @@
|
||||
// Code generated by depstubber. DO NOT EDIT.
|
||||
// This is a simple stub for github.com/sirupsen/logrus, strictly for use in testing.
|
||||
|
||||
// See the LICENSE file for information about the licensing of the original library.
|
||||
// Source: github.com/sirupsen/logrus (exports: Fields,Logger,JSONFormatter,TextFormatter; functions: SetFormatter,StandardLogger,WithFields)
|
||||
|
||||
// Package logrus is a stub of github.com/sirupsen/logrus, generated by depstubber.
|
||||
package logrus
|
||||
|
||||
import (
|
||||
bytes "bytes"
|
||||
context "context"
|
||||
io "io"
|
||||
runtime "runtime"
|
||||
time "time"
|
||||
)
|
||||
|
||||
type Entry struct {
|
||||
Logger *Logger
|
||||
Data Fields
|
||||
Time time.Time
|
||||
Level Level
|
||||
Caller *runtime.Frame
|
||||
Message string
|
||||
Buffer *bytes.Buffer
|
||||
Context context.Context
|
||||
}
|
||||
|
||||
func (_ Entry) HasCaller() bool {
|
||||
return false
|
||||
}
|
||||
|
||||
func (_ *Entry) Bytes() ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func (_ *Entry) Debug(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Debugf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Debugln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Dup() *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) Error(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Errorf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Errorln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Fatal(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Fatalf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Fatalln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Info(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Infof(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Infoln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Log(_ Level, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Logf(_ Level, _ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Logln(_ Level, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Panic(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Panicf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Panicln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Print(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Printf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Println(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) String() (string, error) {
|
||||
return "", nil
|
||||
}
|
||||
|
||||
func (_ *Entry) Trace(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Tracef(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Traceln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warn(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warnf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warning(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warningf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warningln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warnln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) WithContext(_ context.Context) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WithError(_ error) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WithField(_ string, _ interface{}) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WithFields(_ Fields) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WithTime(_ time.Time) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) Writer() *io.PipeWriter {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WriterLevel(_ Level) *io.PipeWriter {
|
||||
return nil
|
||||
}
|
||||
|
||||
type FieldMap map[interface{}]string
|
||||
|
||||
type Fields map[string]interface{}
|
||||
|
||||
type Formatter interface {
|
||||
Format(_ *Entry) ([]byte, error)
|
||||
}
|
||||
|
||||
type Hook interface {
|
||||
Fire(_ *Entry) error
|
||||
Levels() []Level
|
||||
}
|
||||
|
||||
type JSONFormatter struct {
|
||||
TimestampFormat string
|
||||
DisableTimestamp bool
|
||||
DisableHTMLEscape bool
|
||||
DataKey string
|
||||
FieldMap FieldMap
|
||||
CallerPrettyfier func(*runtime.Frame) (string, string)
|
||||
PrettyPrint bool
|
||||
}
|
||||
|
||||
func (_ *JSONFormatter) Format(_ *Entry) ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
type Level uint32
|
||||
|
||||
func (_ Level) MarshalText() ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func (_ Level) String() string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func (_ *Level) UnmarshalText(_ []byte) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
type LevelHooks map[Level][]Hook
|
||||
|
||||
func (_ LevelHooks) Add(_ Hook) {}
|
||||
|
||||
func (_ LevelHooks) Fire(_ Level, _ *Entry) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
type LogFunction func() []interface{}
|
||||
|
||||
type Logger struct {
|
||||
Out io.Writer
|
||||
Hooks LevelHooks
|
||||
Formatter Formatter
|
||||
ReportCaller bool
|
||||
Level Level
|
||||
ExitFunc interface{}
|
||||
}
|
||||
|
||||
func (_ *Logger) AddHook(_ Hook) {}
|
||||
|
||||
func (_ *Logger) Debug(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) DebugFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Debugf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Debugln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Error(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) ErrorFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Errorf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Errorln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Exit(_ int) {}
|
||||
|
||||
func (_ *Logger) Fatal(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) FatalFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Fatalf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Fatalln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) GetLevel() Level {
|
||||
return 0
|
||||
}
|
||||
|
||||
func (_ *Logger) Info(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) InfoFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Infof(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Infoln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) IsLevelEnabled(_ Level) bool {
|
||||
return false
|
||||
}
|
||||
|
||||
func (_ *Logger) Log(_ Level, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) LogFn(_ Level, _ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Logf(_ Level, _ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Logln(_ Level, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Panic(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) PanicFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Panicf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Panicln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Print(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) PrintFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Printf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Println(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) ReplaceHooks(_ LevelHooks) LevelHooks {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) SetFormatter(_ Formatter) {}
|
||||
|
||||
func (_ *Logger) SetLevel(_ Level) {}
|
||||
|
||||
func (_ *Logger) SetNoLock() {}
|
||||
|
||||
func (_ *Logger) SetOutput(_ io.Writer) {}
|
||||
|
||||
func (_ *Logger) SetReportCaller(_ bool) {}
|
||||
|
||||
func (_ *Logger) Trace(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) TraceFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Tracef(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Traceln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Warn(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) WarnFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Warnf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Warning(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) WarningFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Warningf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Warningln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Warnln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) WithContext(_ context.Context) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WithError(_ error) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WithField(_ string, _ interface{}) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WithFields(_ Fields) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WithTime(_ time.Time) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) Writer() *io.PipeWriter {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WriterLevel(_ Level) *io.PipeWriter {
|
||||
return nil
|
||||
}
|
||||
|
||||
func SetFormatter(_ Formatter) {}
|
||||
|
||||
func StandardLogger() *Logger {
|
||||
return nil
|
||||
}
|
||||
|
||||
type TextFormatter struct {
|
||||
ForceColors bool
|
||||
DisableColors bool
|
||||
ForceQuote bool
|
||||
DisableQuote bool
|
||||
EnvironmentOverrideColors bool
|
||||
DisableTimestamp bool
|
||||
FullTimestamp bool
|
||||
TimestampFormat string
|
||||
DisableSorting bool
|
||||
SortingFunc func([]string)
|
||||
DisableLevelTruncation bool
|
||||
PadLevelText bool
|
||||
QuoteEmptyFields bool
|
||||
FieldMap FieldMap
|
||||
CallerPrettyfier func(*runtime.Frame) (string, string)
|
||||
}
|
||||
|
||||
func (_ *TextFormatter) Format(_ *Entry) ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func WithFields(_ Fields) *Entry {
|
||||
return nil
|
||||
}
|
||||
@@ -1,6 +0,0 @@
|
||||
# github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819
|
||||
## explicit
|
||||
github.com/elazarl/goproxy
|
||||
# github.com/sirupsen/logrus v1.8.1
|
||||
## explicit
|
||||
github.com/sirupsen/logrus
|
||||
@@ -1,11 +0,0 @@
|
||||
import go
|
||||
import TestUtilities.InlineFlowTest
|
||||
import semmle.go.security.LogInjection
|
||||
|
||||
class LogInjectionTest extends InlineFlowTest {
|
||||
override DataFlow::Configuration getTaintFlowConfig() {
|
||||
result = any(LogInjection::Configuration config)
|
||||
}
|
||||
|
||||
override DataFlow::Configuration getValueFlowConfig() { none() }
|
||||
}
|
||||
@@ -1,8 +0,0 @@
|
||||
module main
|
||||
|
||||
go 1.14
|
||||
|
||||
require (
|
||||
github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819
|
||||
github.com/sirupsen/logrus v1.8.1
|
||||
)
|
||||
@@ -1,32 +0,0 @@
|
||||
package main
|
||||
|
||||
//go:generate depstubber -vendor github.com/sirupsen/logrus Fields,Logger,JSONFormatter,TextFormatter SetFormatter,StandardLogger,WithFields
|
||||
//go:generate depstubber -vendor github.com/elazarl/goproxy ProxyCtx ""
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
|
||||
"github.com/elazarl/goproxy"
|
||||
"github.com/sirupsen/logrus"
|
||||
)
|
||||
|
||||
func main() {
|
||||
logrus.SetFormatter(&logrus.JSONFormatter{})
|
||||
|
||||
formatter := new(logrus.JSONFormatter)
|
||||
textFormatter := new(logrus.TextFormatter)
|
||||
logrus.SetFormatter(formatter)
|
||||
|
||||
logger := logrus.StandardLogger()
|
||||
logger.SetFormatter(&logrus.JSONFormatter{})
|
||||
logger.SetFormatter(textFormatter)
|
||||
logger.Formatter = &logrus.JSONFormatter{}
|
||||
logger.Formatter = formatter
|
||||
}
|
||||
|
||||
func logUserData(req *http.Request, ctx *goproxy.ProxyCtx) {
|
||||
username := req.URL.Query()["username"][0]
|
||||
logrus.WithFields(logrus.Fields{ // $ hasTaintFlow="map literal"
|
||||
"USERNAME": username,
|
||||
})
|
||||
}
|
||||
@@ -1,125 +0,0 @@
|
||||
// Code generated by depstubber. DO NOT EDIT.
|
||||
// This is a simple stub for github.com/elazarl/goproxy, strictly for use in testing.
|
||||
|
||||
// See the LICENSE file for information about the licensing of the original library.
|
||||
// Source: github.com/elazarl/goproxy (exports: ProxyCtx; functions: )
|
||||
|
||||
// Package goproxy is a stub of github.com/elazarl/goproxy, generated by depstubber.
|
||||
package goproxy
|
||||
|
||||
import (
|
||||
tls "crypto/tls"
|
||||
net "net"
|
||||
http "net/http"
|
||||
)
|
||||
|
||||
type CertStorage interface {
|
||||
Fetch(_ string, _ func() (*tls.Certificate, error)) (*tls.Certificate, error)
|
||||
}
|
||||
|
||||
type ConnectAction struct {
|
||||
Action ConnectActionLiteral
|
||||
Hijack func(*http.Request, net.Conn, *ProxyCtx)
|
||||
TLSConfig func(string, *ProxyCtx) (*tls.Config, error)
|
||||
}
|
||||
|
||||
type ConnectActionLiteral int
|
||||
|
||||
type HttpsHandler interface {
|
||||
HandleConnect(_ string, _ *ProxyCtx) (*ConnectAction, string)
|
||||
}
|
||||
|
||||
type Logger interface {
|
||||
Printf(_ string, _ ...interface{})
|
||||
}
|
||||
|
||||
type ProxyConds struct{}
|
||||
|
||||
func (_ *ProxyConds) Do(_ RespHandler) {}
|
||||
|
||||
func (_ *ProxyConds) DoFunc(_ func(*http.Response, *ProxyCtx) *http.Response) {}
|
||||
|
||||
type ProxyCtx struct {
|
||||
Req *http.Request
|
||||
Resp *http.Response
|
||||
RoundTripper RoundTripper
|
||||
Error error
|
||||
UserData interface{}
|
||||
Session int64
|
||||
Proxy *ProxyHttpServer
|
||||
}
|
||||
|
||||
func (_ *ProxyCtx) Charset() string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func (_ *ProxyCtx) Logf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *ProxyCtx) RoundTrip(_ *http.Request) (*http.Response, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func (_ *ProxyCtx) Warnf(_ string, _ ...interface{}) {}
|
||||
|
||||
type ProxyHttpServer struct {
|
||||
KeepDestinationHeaders bool
|
||||
Verbose bool
|
||||
Logger Logger
|
||||
NonproxyHandler http.Handler
|
||||
Tr *http.Transport
|
||||
ConnectDial func(string, string) (net.Conn, error)
|
||||
ConnectDialWithReq func(*http.Request, string, string) (net.Conn, error)
|
||||
CertStore CertStorage
|
||||
KeepHeader bool
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) NewConnectDialToProxy(_ string) func(string, string) (net.Conn, error) {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) NewConnectDialToProxyWithHandler(_ string, _ func(*http.Request)) func(string, string) (net.Conn, error) {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) OnRequest(_ ...ReqCondition) *ReqProxyConds {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) OnResponse(_ ...RespCondition) *ProxyConds {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) ServeHTTP(_ http.ResponseWriter, _ *http.Request) {}
|
||||
|
||||
type ReqCondition interface {
|
||||
HandleReq(_ *http.Request, _ *ProxyCtx) bool
|
||||
HandleResp(_ *http.Response, _ *ProxyCtx) bool
|
||||
}
|
||||
|
||||
type ReqHandler interface {
|
||||
Handle(_ *http.Request, _ *ProxyCtx) (*http.Request, *http.Response)
|
||||
}
|
||||
|
||||
type ReqProxyConds struct{}
|
||||
|
||||
func (_ *ReqProxyConds) Do(_ ReqHandler) {}
|
||||
|
||||
func (_ *ReqProxyConds) DoFunc(_ func(*http.Request, *ProxyCtx) (*http.Request, *http.Response)) {}
|
||||
|
||||
func (_ *ReqProxyConds) HandleConnect(_ HttpsHandler) {}
|
||||
|
||||
func (_ *ReqProxyConds) HandleConnectFunc(_ func(string, *ProxyCtx) (*ConnectAction, string)) {}
|
||||
|
||||
func (_ *ReqProxyConds) HijackConnect(_ func(*http.Request, net.Conn, *ProxyCtx)) {}
|
||||
|
||||
type RespCondition interface {
|
||||
HandleResp(_ *http.Response, _ *ProxyCtx) bool
|
||||
}
|
||||
|
||||
type RespHandler interface {
|
||||
Handle(_ *http.Response, _ *ProxyCtx) *http.Response
|
||||
}
|
||||
|
||||
type RoundTripper interface {
|
||||
RoundTrip(_ *http.Request, _ *ProxyCtx) (*http.Response, error)
|
||||
}
|
||||
@@ -1,357 +0,0 @@
|
||||
// Code generated by depstubber. DO NOT EDIT.
|
||||
// This is a simple stub for github.com/sirupsen/logrus, strictly for use in testing.
|
||||
|
||||
// See the LICENSE file for information about the licensing of the original library.
|
||||
// Source: github.com/sirupsen/logrus (exports: Fields,Logger,JSONFormatter,TextFormatter; functions: SetFormatter,StandardLogger,WithFields)
|
||||
|
||||
// Package logrus is a stub of github.com/sirupsen/logrus, generated by depstubber.
|
||||
package logrus
|
||||
|
||||
import (
|
||||
bytes "bytes"
|
||||
context "context"
|
||||
io "io"
|
||||
runtime "runtime"
|
||||
time "time"
|
||||
)
|
||||
|
||||
type Entry struct {
|
||||
Logger *Logger
|
||||
Data Fields
|
||||
Time time.Time
|
||||
Level Level
|
||||
Caller *runtime.Frame
|
||||
Message string
|
||||
Buffer *bytes.Buffer
|
||||
Context context.Context
|
||||
}
|
||||
|
||||
func (_ Entry) HasCaller() bool {
|
||||
return false
|
||||
}
|
||||
|
||||
func (_ *Entry) Bytes() ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func (_ *Entry) Debug(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Debugf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Debugln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Dup() *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) Error(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Errorf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Errorln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Fatal(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Fatalf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Fatalln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Info(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Infof(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Infoln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Log(_ Level, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Logf(_ Level, _ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Logln(_ Level, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Panic(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Panicf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Panicln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Print(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Printf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Println(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) String() (string, error) {
|
||||
return "", nil
|
||||
}
|
||||
|
||||
func (_ *Entry) Trace(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Tracef(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Traceln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warn(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warnf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warning(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warningf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warningln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warnln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) WithContext(_ context.Context) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WithError(_ error) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WithField(_ string, _ interface{}) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WithFields(_ Fields) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WithTime(_ time.Time) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) Writer() *io.PipeWriter {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WriterLevel(_ Level) *io.PipeWriter {
|
||||
return nil
|
||||
}
|
||||
|
||||
type FieldMap map[interface{}]string
|
||||
|
||||
type Fields map[string]interface{}
|
||||
|
||||
type Formatter interface {
|
||||
Format(_ *Entry) ([]byte, error)
|
||||
}
|
||||
|
||||
type Hook interface {
|
||||
Fire(_ *Entry) error
|
||||
Levels() []Level
|
||||
}
|
||||
|
||||
type JSONFormatter struct {
|
||||
TimestampFormat string
|
||||
DisableTimestamp bool
|
||||
DisableHTMLEscape bool
|
||||
DataKey string
|
||||
FieldMap FieldMap
|
||||
CallerPrettyfier func(*runtime.Frame) (string, string)
|
||||
PrettyPrint bool
|
||||
}
|
||||
|
||||
func (_ *JSONFormatter) Format(_ *Entry) ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
type Level uint32
|
||||
|
||||
func (_ Level) MarshalText() ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func (_ Level) String() string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func (_ *Level) UnmarshalText(_ []byte) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
type LevelHooks map[Level][]Hook
|
||||
|
||||
func (_ LevelHooks) Add(_ Hook) {}
|
||||
|
||||
func (_ LevelHooks) Fire(_ Level, _ *Entry) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
type LogFunction func() []interface{}
|
||||
|
||||
type Logger struct {
|
||||
Out io.Writer
|
||||
Hooks LevelHooks
|
||||
Formatter Formatter
|
||||
ReportCaller bool
|
||||
Level Level
|
||||
ExitFunc interface{}
|
||||
}
|
||||
|
||||
func (_ *Logger) AddHook(_ Hook) {}
|
||||
|
||||
func (_ *Logger) Debug(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) DebugFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Debugf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Debugln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Error(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) ErrorFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Errorf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Errorln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Exit(_ int) {}
|
||||
|
||||
func (_ *Logger) Fatal(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) FatalFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Fatalf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Fatalln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) GetLevel() Level {
|
||||
return 0
|
||||
}
|
||||
|
||||
func (_ *Logger) Info(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) InfoFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Infof(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Infoln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) IsLevelEnabled(_ Level) bool {
|
||||
return false
|
||||
}
|
||||
|
||||
func (_ *Logger) Log(_ Level, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) LogFn(_ Level, _ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Logf(_ Level, _ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Logln(_ Level, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Panic(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) PanicFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Panicf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Panicln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Print(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) PrintFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Printf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Println(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) ReplaceHooks(_ LevelHooks) LevelHooks {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) SetFormatter(_ Formatter) {}
|
||||
|
||||
func (_ *Logger) SetLevel(_ Level) {}
|
||||
|
||||
func (_ *Logger) SetNoLock() {}
|
||||
|
||||
func (_ *Logger) SetOutput(_ io.Writer) {}
|
||||
|
||||
func (_ *Logger) SetReportCaller(_ bool) {}
|
||||
|
||||
func (_ *Logger) Trace(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) TraceFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Tracef(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Traceln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Warn(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) WarnFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Warnf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Warning(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) WarningFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Warningf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Warningln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Warnln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) WithContext(_ context.Context) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WithError(_ error) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WithField(_ string, _ interface{}) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WithFields(_ Fields) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WithTime(_ time.Time) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) Writer() *io.PipeWriter {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WriterLevel(_ Level) *io.PipeWriter {
|
||||
return nil
|
||||
}
|
||||
|
||||
func SetFormatter(_ Formatter) {}
|
||||
|
||||
func StandardLogger() *Logger {
|
||||
return nil
|
||||
}
|
||||
|
||||
type TextFormatter struct {
|
||||
ForceColors bool
|
||||
DisableColors bool
|
||||
ForceQuote bool
|
||||
DisableQuote bool
|
||||
EnvironmentOverrideColors bool
|
||||
DisableTimestamp bool
|
||||
FullTimestamp bool
|
||||
TimestampFormat string
|
||||
DisableSorting bool
|
||||
SortingFunc func([]string)
|
||||
DisableLevelTruncation bool
|
||||
PadLevelText bool
|
||||
QuoteEmptyFields bool
|
||||
FieldMap FieldMap
|
||||
CallerPrettyfier func(*runtime.Frame) (string, string)
|
||||
}
|
||||
|
||||
func (_ *TextFormatter) Format(_ *Entry) ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func WithFields(_ Fields) *Entry {
|
||||
return nil
|
||||
}
|
||||
@@ -1,6 +0,0 @@
|
||||
# github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819
|
||||
## explicit
|
||||
github.com/elazarl/goproxy
|
||||
# github.com/sirupsen/logrus v1.8.1
|
||||
## explicit
|
||||
github.com/sirupsen/logrus
|
||||
@@ -1,11 +0,0 @@
|
||||
import go
|
||||
import TestUtilities.InlineFlowTest
|
||||
import semmle.go.security.LogInjection
|
||||
|
||||
class LogInjectionTest extends InlineFlowTest {
|
||||
override DataFlow::Configuration getTaintFlowConfig() {
|
||||
result = any(LogInjection::Configuration config)
|
||||
}
|
||||
|
||||
override DataFlow::Configuration getValueFlowConfig() { none() }
|
||||
}
|
||||
@@ -1,8 +0,0 @@
|
||||
module main
|
||||
|
||||
go 1.14
|
||||
|
||||
require (
|
||||
github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819
|
||||
github.com/sirupsen/logrus v1.8.1
|
||||
)
|
||||
@@ -1,24 +0,0 @@
|
||||
package main
|
||||
|
||||
//go:generate depstubber -vendor github.com/sirupsen/logrus Fields,Logger,JSONFormatter,TextFormatter SetFormatter,StandardLogger,WithFields
|
||||
//go:generate depstubber -vendor github.com/elazarl/goproxy ProxyCtx ""
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
|
||||
"github.com/elazarl/goproxy"
|
||||
"github.com/sirupsen/logrus"
|
||||
)
|
||||
|
||||
func initLogger(useJSON bool) {
|
||||
if useJSON {
|
||||
logrus.SetFormatter(&logrus.JSONFormatter{})
|
||||
}
|
||||
}
|
||||
|
||||
func logUserData(req *http.Request, ctx *goproxy.ProxyCtx) {
|
||||
username := req.URL.Query()["username"][0]
|
||||
logrus.WithFields(logrus.Fields{ // $ hasTaintFlow="map literal"
|
||||
"USERNAME": username,
|
||||
})
|
||||
}
|
||||
@@ -1,125 +0,0 @@
|
||||
// Code generated by depstubber. DO NOT EDIT.
|
||||
// This is a simple stub for github.com/elazarl/goproxy, strictly for use in testing.
|
||||
|
||||
// See the LICENSE file for information about the licensing of the original library.
|
||||
// Source: github.com/elazarl/goproxy (exports: ProxyCtx; functions: )
|
||||
|
||||
// Package goproxy is a stub of github.com/elazarl/goproxy, generated by depstubber.
|
||||
package goproxy
|
||||
|
||||
import (
|
||||
tls "crypto/tls"
|
||||
net "net"
|
||||
http "net/http"
|
||||
)
|
||||
|
||||
type CertStorage interface {
|
||||
Fetch(_ string, _ func() (*tls.Certificate, error)) (*tls.Certificate, error)
|
||||
}
|
||||
|
||||
type ConnectAction struct {
|
||||
Action ConnectActionLiteral
|
||||
Hijack func(*http.Request, net.Conn, *ProxyCtx)
|
||||
TLSConfig func(string, *ProxyCtx) (*tls.Config, error)
|
||||
}
|
||||
|
||||
type ConnectActionLiteral int
|
||||
|
||||
type HttpsHandler interface {
|
||||
HandleConnect(_ string, _ *ProxyCtx) (*ConnectAction, string)
|
||||
}
|
||||
|
||||
type Logger interface {
|
||||
Printf(_ string, _ ...interface{})
|
||||
}
|
||||
|
||||
type ProxyConds struct{}
|
||||
|
||||
func (_ *ProxyConds) Do(_ RespHandler) {}
|
||||
|
||||
func (_ *ProxyConds) DoFunc(_ func(*http.Response, *ProxyCtx) *http.Response) {}
|
||||
|
||||
type ProxyCtx struct {
|
||||
Req *http.Request
|
||||
Resp *http.Response
|
||||
RoundTripper RoundTripper
|
||||
Error error
|
||||
UserData interface{}
|
||||
Session int64
|
||||
Proxy *ProxyHttpServer
|
||||
}
|
||||
|
||||
func (_ *ProxyCtx) Charset() string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func (_ *ProxyCtx) Logf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *ProxyCtx) RoundTrip(_ *http.Request) (*http.Response, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func (_ *ProxyCtx) Warnf(_ string, _ ...interface{}) {}
|
||||
|
||||
type ProxyHttpServer struct {
|
||||
KeepDestinationHeaders bool
|
||||
Verbose bool
|
||||
Logger Logger
|
||||
NonproxyHandler http.Handler
|
||||
Tr *http.Transport
|
||||
ConnectDial func(string, string) (net.Conn, error)
|
||||
ConnectDialWithReq func(*http.Request, string, string) (net.Conn, error)
|
||||
CertStore CertStorage
|
||||
KeepHeader bool
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) NewConnectDialToProxy(_ string) func(string, string) (net.Conn, error) {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) NewConnectDialToProxyWithHandler(_ string, _ func(*http.Request)) func(string, string) (net.Conn, error) {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) OnRequest(_ ...ReqCondition) *ReqProxyConds {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) OnResponse(_ ...RespCondition) *ProxyConds {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *ProxyHttpServer) ServeHTTP(_ http.ResponseWriter, _ *http.Request) {}
|
||||
|
||||
type ReqCondition interface {
|
||||
HandleReq(_ *http.Request, _ *ProxyCtx) bool
|
||||
HandleResp(_ *http.Response, _ *ProxyCtx) bool
|
||||
}
|
||||
|
||||
type ReqHandler interface {
|
||||
Handle(_ *http.Request, _ *ProxyCtx) (*http.Request, *http.Response)
|
||||
}
|
||||
|
||||
type ReqProxyConds struct{}
|
||||
|
||||
func (_ *ReqProxyConds) Do(_ ReqHandler) {}
|
||||
|
||||
func (_ *ReqProxyConds) DoFunc(_ func(*http.Request, *ProxyCtx) (*http.Request, *http.Response)) {}
|
||||
|
||||
func (_ *ReqProxyConds) HandleConnect(_ HttpsHandler) {}
|
||||
|
||||
func (_ *ReqProxyConds) HandleConnectFunc(_ func(string, *ProxyCtx) (*ConnectAction, string)) {}
|
||||
|
||||
func (_ *ReqProxyConds) HijackConnect(_ func(*http.Request, net.Conn, *ProxyCtx)) {}
|
||||
|
||||
type RespCondition interface {
|
||||
HandleResp(_ *http.Response, _ *ProxyCtx) bool
|
||||
}
|
||||
|
||||
type RespHandler interface {
|
||||
Handle(_ *http.Response, _ *ProxyCtx) *http.Response
|
||||
}
|
||||
|
||||
type RoundTripper interface {
|
||||
RoundTrip(_ *http.Request, _ *ProxyCtx) (*http.Response, error)
|
||||
}
|
||||
@@ -1,357 +0,0 @@
|
||||
// Code generated by depstubber. DO NOT EDIT.
|
||||
// This is a simple stub for github.com/sirupsen/logrus, strictly for use in testing.
|
||||
|
||||
// See the LICENSE file for information about the licensing of the original library.
|
||||
// Source: github.com/sirupsen/logrus (exports: Fields,Logger,JSONFormatter,TextFormatter; functions: SetFormatter,StandardLogger,WithFields)
|
||||
|
||||
// Package logrus is a stub of github.com/sirupsen/logrus, generated by depstubber.
|
||||
package logrus
|
||||
|
||||
import (
|
||||
bytes "bytes"
|
||||
context "context"
|
||||
io "io"
|
||||
runtime "runtime"
|
||||
time "time"
|
||||
)
|
||||
|
||||
type Entry struct {
|
||||
Logger *Logger
|
||||
Data Fields
|
||||
Time time.Time
|
||||
Level Level
|
||||
Caller *runtime.Frame
|
||||
Message string
|
||||
Buffer *bytes.Buffer
|
||||
Context context.Context
|
||||
}
|
||||
|
||||
func (_ Entry) HasCaller() bool {
|
||||
return false
|
||||
}
|
||||
|
||||
func (_ *Entry) Bytes() ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func (_ *Entry) Debug(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Debugf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Debugln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Dup() *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) Error(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Errorf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Errorln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Fatal(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Fatalf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Fatalln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Info(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Infof(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Infoln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Log(_ Level, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Logf(_ Level, _ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Logln(_ Level, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Panic(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Panicf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Panicln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Print(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Printf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Println(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) String() (string, error) {
|
||||
return "", nil
|
||||
}
|
||||
|
||||
func (_ *Entry) Trace(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Tracef(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Traceln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warn(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warnf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warning(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warningf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warningln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) Warnln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Entry) WithContext(_ context.Context) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WithError(_ error) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WithField(_ string, _ interface{}) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WithFields(_ Fields) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WithTime(_ time.Time) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) Writer() *io.PipeWriter {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Entry) WriterLevel(_ Level) *io.PipeWriter {
|
||||
return nil
|
||||
}
|
||||
|
||||
type FieldMap map[interface{}]string
|
||||
|
||||
type Fields map[string]interface{}
|
||||
|
||||
type Formatter interface {
|
||||
Format(_ *Entry) ([]byte, error)
|
||||
}
|
||||
|
||||
type Hook interface {
|
||||
Fire(_ *Entry) error
|
||||
Levels() []Level
|
||||
}
|
||||
|
||||
type JSONFormatter struct {
|
||||
TimestampFormat string
|
||||
DisableTimestamp bool
|
||||
DisableHTMLEscape bool
|
||||
DataKey string
|
||||
FieldMap FieldMap
|
||||
CallerPrettyfier func(*runtime.Frame) (string, string)
|
||||
PrettyPrint bool
|
||||
}
|
||||
|
||||
func (_ *JSONFormatter) Format(_ *Entry) ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
type Level uint32
|
||||
|
||||
func (_ Level) MarshalText() ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func (_ Level) String() string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func (_ *Level) UnmarshalText(_ []byte) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
type LevelHooks map[Level][]Hook
|
||||
|
||||
func (_ LevelHooks) Add(_ Hook) {}
|
||||
|
||||
func (_ LevelHooks) Fire(_ Level, _ *Entry) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
type LogFunction func() []interface{}
|
||||
|
||||
type Logger struct {
|
||||
Out io.Writer
|
||||
Hooks LevelHooks
|
||||
Formatter Formatter
|
||||
ReportCaller bool
|
||||
Level Level
|
||||
ExitFunc interface{}
|
||||
}
|
||||
|
||||
func (_ *Logger) AddHook(_ Hook) {}
|
||||
|
||||
func (_ *Logger) Debug(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) DebugFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Debugf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Debugln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Error(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) ErrorFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Errorf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Errorln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Exit(_ int) {}
|
||||
|
||||
func (_ *Logger) Fatal(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) FatalFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Fatalf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Fatalln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) GetLevel() Level {
|
||||
return 0
|
||||
}
|
||||
|
||||
func (_ *Logger) Info(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) InfoFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Infof(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Infoln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) IsLevelEnabled(_ Level) bool {
|
||||
return false
|
||||
}
|
||||
|
||||
func (_ *Logger) Log(_ Level, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) LogFn(_ Level, _ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Logf(_ Level, _ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Logln(_ Level, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Panic(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) PanicFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Panicf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Panicln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Print(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) PrintFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Printf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Println(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) ReplaceHooks(_ LevelHooks) LevelHooks {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) SetFormatter(_ Formatter) {}
|
||||
|
||||
func (_ *Logger) SetLevel(_ Level) {}
|
||||
|
||||
func (_ *Logger) SetNoLock() {}
|
||||
|
||||
func (_ *Logger) SetOutput(_ io.Writer) {}
|
||||
|
||||
func (_ *Logger) SetReportCaller(_ bool) {}
|
||||
|
||||
func (_ *Logger) Trace(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) TraceFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Tracef(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Traceln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Warn(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) WarnFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Warnf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Warning(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) WarningFn(_ LogFunction) {}
|
||||
|
||||
func (_ *Logger) Warningf(_ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Warningln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) Warnln(_ ...interface{}) {}
|
||||
|
||||
func (_ *Logger) WithContext(_ context.Context) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WithError(_ error) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WithField(_ string, _ interface{}) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WithFields(_ Fields) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WithTime(_ time.Time) *Entry {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) Writer() *io.PipeWriter {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Logger) WriterLevel(_ Level) *io.PipeWriter {
|
||||
return nil
|
||||
}
|
||||
|
||||
func SetFormatter(_ Formatter) {}
|
||||
|
||||
func StandardLogger() *Logger {
|
||||
return nil
|
||||
}
|
||||
|
||||
type TextFormatter struct {
|
||||
ForceColors bool
|
||||
DisableColors bool
|
||||
ForceQuote bool
|
||||
DisableQuote bool
|
||||
EnvironmentOverrideColors bool
|
||||
DisableTimestamp bool
|
||||
FullTimestamp bool
|
||||
TimestampFormat string
|
||||
DisableSorting bool
|
||||
SortingFunc func([]string)
|
||||
DisableLevelTruncation bool
|
||||
PadLevelText bool
|
||||
QuoteEmptyFields bool
|
||||
FieldMap FieldMap
|
||||
CallerPrettyfier func(*runtime.Frame) (string, string)
|
||||
}
|
||||
|
||||
func (_ *TextFormatter) Format(_ *Entry) ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func WithFields(_ Fields) *Entry {
|
||||
return nil
|
||||
}
|
||||
@@ -1,6 +0,0 @@
|
||||
# github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819
|
||||
## explicit
|
||||
github.com/elazarl/goproxy
|
||||
# github.com/sirupsen/logrus v1.8.1
|
||||
## explicit
|
||||
github.com/sirupsen/logrus
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user