hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-18 21:44:02 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
bbaff8b1999c8152e606b6092ec79f026fda0107
codeql/go/ql/lib/ext/github.com.revel.revel.model.yml
Owen Mansel-Chan 49f3959405 Convert url-redirection sinks to MaD
2024-08-11 00:29:53 +01:00

59 lines
4.4 KiB
YAML
Raw Blame History

extensions:
- addsTo:
pack: codeql/go-all
extensible: packageGrouping
data:
- ["revel", "github.com/revel/revel"]
- ["revel", "github.com/robfig/revel"]
- addsTo:
pack: codeql/go-all
extensible: sinkModel
data:
- ["group:revel", "Controller", True, "Redirect", "", "", "Argument[0]", "url-redirection", "manual"] # It is currently assumed that a tainted `value` in `Redirect(url, value)`, which calls `Sprintf(url, value)` internally, cannot lead to an open redirect vulnerability.
- addsTo:
pack: codeql/go-all
extensible: sourceModel
data:
- ["group:revel", "Controller", True, "Params", "", "", "", "remote", "manual"]
- ["group:revel", "Request", True, "Header", "", "", "", "remote", "manual"]
- ["group:revel", "Request", True, "ContentType", "", "", "", "remote", "manual"]
- ["group:revel", "Request", True, "AcceptLanguages", "", "", "", "remote", "manual"]
- ["group:revel", "Request", True, "Locale", "", "", "", "remote", "manual"]
- ["group:revel", "Request", True, "URL", "", "", "", "remote", "manual"]
- ["group:revel", "Request", True, "Form", "", "", "", "remote", "manual"]
- ["group:revel", "Request", True, "MultipartForm", "", "", "", "remote", "manual"]
- ["group:revel", "RouteMatch", True, "Params", "", "", "", "remote", "manual"]
- ["group:revel", "Request", True, "Cookie", "", "", "ReturnValue[0]", "remote", "manual"]
- ["group:revel", "Request", True, "FormValue", "", "", "ReturnValue", "remote", "manual"]
- ["group:revel", "Request", True, "GetBody", "", "", "ReturnValue", "remote", "manual"]
- ["group:revel", "Request", True, "GetForm", "", "", "ReturnValue[0]", "remote", "manual"]
- ["group:revel", "Request", True, "GetHttpHeader", "", "", "ReturnValue", "remote", "manual"]
- ["group:revel", "Request", True, "GetMultipartForm", "", "", "ReturnValue[0]", "remote", "manual"]
- ["group:revel", "Request", True, "GetQuery", "", "", "ReturnValue", "remote", "manual"]
- ["group:revel", "Request", True, "GetRequestURI", "", "", "ReturnValue", "remote", "manual"]
- ["group:revel", "Request", True, "MultipartReader", "", "", "ReturnValue[0]", "remote", "manual"]
- ["group:revel", "Request", True, "PostFormValue", "", "", "ReturnValue", "remote", "manual"]
- ["group:revel", "Request", True, "Referer", "", "", "ReturnValue", "remote", "manual"]
- ["group:revel", "Request", True, "UserAgent", "", "", "ReturnValue", "remote", "manual"]
- ["group:revel", "ServerWebSocket", True, "MessageReceive", "", "", "Argument[0]", "remote", "manual"]
- ["group:revel", "ServerWebSocket", True, "MessageReceiveJSON", "", "", "Argument[0]", "remote", "manual"]
- addsTo:
pack: codeql/go-all
extensible: sinkModel
data:
- ["group:revel", "Controller", True, "RenderFileName", "", "", "Argument[0]", "path-injection", "manual"] # we model this as a path-injection sink rather than extending HTTP::ResponseBody as this will usually mean exposing a user-controlled file rather than the actual contents being user-controlled.
- addsTo:
pack: codeql/go-all
extensible: summaryModel
data:
- ["group:revel", "Params", True, "Bind", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"]
- ["group:revel", "Params", True, "BindJSON", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"]
- ["group:revel", "RevelHeader", True, "Add", "", "", "Argument[0..1]", "Argument[receiver]", "taint", "manual"]
- ["group:revel", "RevelHeader", True, "Get", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"]
- ["group:revel", "RevelHeader", True, "GetAll", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"]
- ["group:revel", "RevelHeader", True, "Set", "", "", "Argument[0..1]", "Argument[receiver]", "taint", "manual"]
- ["group:revel", "RevelHeader", True, "SetCookie", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"]
- ["group:revel", "ServerCookie", True, "GetValue", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"]
- ["group:revel", "ServerMultipartForm", True, "GetFiles", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"]
- ["group:revel", "ServerMultipartForm", True, "GetValues", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"]
Reference in New Issue View Git Blame Copy Permalink