diff --git a/go/ql/lib/change-notes/2024-05-23-models-as-data-argument-receiver.md b/go/ql/lib/change-notes/2024-05-23-models-as-data-argument-receiver.md new file mode 100644 index 000000000000..a48caed4fe73 --- /dev/null +++ b/go/ql/lib/change-notes/2024-05-23-models-as-data-argument-receiver.md @@ -0,0 +1,5 @@ +--- +category: feature +--- +* When writing models-as-data models, the receiver is now referred to as `Argument[receiver]` rather than `Argument[-1]`. +* Neutral models are now supported. They have no effect except that a manual neutral summary model will stop a generated summary model from having any effect. diff --git a/go/ql/lib/ext/archive.tar.model.yml b/go/ql/lib/ext/archive.tar.model.yml index 2ca4d2c93c23..f1212e35c022 100644 --- a/go/ql/lib/ext/archive.tar.model.yml +++ b/go/ql/lib/ext/archive.tar.model.yml @@ -5,6 +5,6 @@ extensions: data: - ["archive/tar", "", False, "FileInfoHeader", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - ["archive/tar", "", False, "NewReader", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["archive/tar", "Header", True, "FileInfo", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["archive/tar", "Reader", True, "Next", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["archive/tar", "Writer", True, "WriteHeader", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] + - ["archive/tar", "Header", True, "FileInfo", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["archive/tar", "Reader", True, "Next", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["archive/tar", "Writer", True, "WriteHeader", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] diff --git a/go/ql/lib/ext/archive.zip.model.yml b/go/ql/lib/ext/archive.zip.model.yml index 0e9f0b48ffaf..17e2bb0bd789 100644 --- a/go/ql/lib/ext/archive.zip.model.yml +++ b/go/ql/lib/ext/archive.zip.model.yml @@ -6,6 +6,6 @@ extensions: - ["archive/zip", "", False, "FileInfoHeader", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - ["archive/zip", "", False, "NewReader", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - ["archive/zip", "", False, "OpenReader", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - - ["archive/zip", "File", True, "Open", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["archive/zip", "File", True, "OpenRaw", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["archive/zip", "Writer", True, "Copy", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] + - ["archive/zip", "File", True, "Open", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["archive/zip", "File", True, "OpenRaw", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["archive/zip", "Writer", True, "Copy", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] diff --git a/go/ql/lib/ext/bufio.model.yml b/go/ql/lib/ext/bufio.model.yml index c7d55f149577..e9dd22e66861 100644 --- a/go/ql/lib/ext/bufio.model.yml +++ b/go/ql/lib/ext/bufio.model.yml @@ -11,12 +11,12 @@ extensions: - ["bufio", "", False, "ScanLines", "", "", "Argument[0]", "ReturnValue[1]", "taint", "manual"] - ["bufio", "", False, "ScanRunes", "", "", "Argument[0]", "ReturnValue[1]", "taint", "manual"] - ["bufio", "", False, "ScanWords", "", "", "Argument[0]", "ReturnValue[1]", "taint", "manual"] - - ["bufio", "Reader", True, "Peek", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["bufio", "Reader", True, "ReadBytes", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["bufio", "Reader", True, "ReadLine", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["bufio", "Reader", True, "ReadSlice", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["bufio", "Reader", True, "ReadString", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["bufio", "Reader", True, "Reset", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["bufio", "Scanner", True, "Bytes", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["bufio", "Scanner", True, "Text", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["bufio", "Writer", True, "Reset", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] + - ["bufio", "Reader", True, "Peek", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["bufio", "Reader", True, "ReadBytes", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["bufio", "Reader", True, "ReadLine", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["bufio", "Reader", True, "ReadSlice", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["bufio", "Reader", True, "ReadString", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["bufio", "Reader", True, "Reset", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["bufio", "Scanner", True, "Bytes", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["bufio", "Scanner", True, "Text", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["bufio", "Writer", True, "Reset", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] diff --git a/go/ql/lib/ext/bytes.model.yml b/go/ql/lib/ext/bytes.model.yml index 975cc47397be..762d0ca16ee6 100644 --- a/go/ql/lib/ext/bytes.model.yml +++ b/go/ql/lib/ext/bytes.model.yml @@ -41,8 +41,8 @@ extensions: - ["bytes", "", False, "TrimRightFunc", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["bytes", "", False, "TrimSpace", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["bytes", "", False, "TrimSuffix", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["bytes", "Buffer", True, "Bytes", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["bytes", "Buffer", True, "Next", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["bytes", "Buffer", True, "ReadBytes", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["bytes", "Buffer", True, "ReadString", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["bytes", "Reader", True, "Reset", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] + - ["bytes", "Buffer", True, "Bytes", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["bytes", "Buffer", True, "Next", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["bytes", "Buffer", True, "ReadBytes", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["bytes", "Buffer", True, "ReadString", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["bytes", "Reader", True, "Reset", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] diff --git a/go/ql/lib/ext/compress.flate.model.yml b/go/ql/lib/ext/compress.flate.model.yml index 028039c66786..5b36372c8c09 100644 --- a/go/ql/lib/ext/compress.flate.model.yml +++ b/go/ql/lib/ext/compress.flate.model.yml @@ -5,5 +5,5 @@ extensions: data: - ["compress/flate", "", False, "NewReader", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["compress/flate", "", False, "NewReaderDict", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["compress/flate", "Resetter", True, "Reset", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["compress/flate", "Writer", True, "Reset", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] + - ["compress/flate", "Resetter", True, "Reset", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["compress/flate", "Writer", True, "Reset", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] diff --git a/go/ql/lib/ext/compress.gzip.model.yml b/go/ql/lib/ext/compress.gzip.model.yml index bd37d74bbc5b..d3da545b4483 100644 --- a/go/ql/lib/ext/compress.gzip.model.yml +++ b/go/ql/lib/ext/compress.gzip.model.yml @@ -4,5 +4,5 @@ extensions: extensible: summaryModel data: - ["compress/gzip", "", False, "NewReader", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - - ["compress/gzip", "Reader", True, "Reset", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["compress/gzip", "Writer", True, "Reset", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] + - ["compress/gzip", "Reader", True, "Reset", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["compress/gzip", "Writer", True, "Reset", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] diff --git a/go/ql/lib/ext/compress.zlib.model.yml b/go/ql/lib/ext/compress.zlib.model.yml index df140e6b862e..abd162c33923 100644 --- a/go/ql/lib/ext/compress.zlib.model.yml +++ b/go/ql/lib/ext/compress.zlib.model.yml @@ -5,5 +5,5 @@ extensions: data: - ["compress/zlib", "", False, "NewReader", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - ["compress/zlib", "", False, "NewReaderDict", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - - ["compress/zlib", "Resetter", True, "Reset", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["compress/zlib", "Writer", True, "Reset", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] + - ["compress/zlib", "Resetter", True, "Reset", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["compress/zlib", "Writer", True, "Reset", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] diff --git a/go/ql/lib/ext/container.heap.model.yml b/go/ql/lib/ext/container.heap.model.yml index dc3d5e2c918c..57aabd12ea27 100644 --- a/go/ql/lib/ext/container.heap.model.yml +++ b/go/ql/lib/ext/container.heap.model.yml @@ -6,5 +6,5 @@ extensions: - ["container/heap", "", False, "Pop", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["container/heap", "", False, "Push", "", "", "Argument[1]", "Argument[0]", "taint", "manual"] - ["container/heap", "", False, "Remove", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["container/heap", "Interface", True, "Pop", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["container/heap", "Interface", True, "Push", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] + - ["container/heap", "Interface", True, "Pop", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["container/heap", "Interface", True, "Push", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] diff --git a/go/ql/lib/ext/container.list.model.yml b/go/ql/lib/ext/container.list.model.yml index f41bddc61d3a..a02a1a366909 100644 --- a/go/ql/lib/ext/container.list.model.yml +++ b/go/ql/lib/ext/container.list.model.yml @@ -3,23 +3,23 @@ extensions: pack: codeql/go-all extensible: summaryModel data: - - ["container/list", "Element", True, "Next", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["container/list", "Element", True, "Prev", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["container/list", "List", True, "Back", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["container/list", "List", True, "Front", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["container/list", "List", True, "Init", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["container/list", "List", True, "InsertAfter", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] + - ["container/list", "Element", True, "Next", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["container/list", "Element", True, "Prev", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["container/list", "List", True, "Back", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["container/list", "List", True, "Front", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["container/list", "List", True, "Init", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["container/list", "List", True, "InsertAfter", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] - ["container/list", "List", True, "InsertAfter", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["container/list", "List", True, "InsertBefore", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] + - ["container/list", "List", True, "InsertBefore", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] - ["container/list", "List", True, "InsertBefore", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["container/list", "List", True, "MoveAfter", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["container/list", "List", True, "MoveBefore", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["container/list", "List", True, "MoveToBack", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["container/list", "List", True, "MoveToFront", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["container/list", "List", True, "PushBack", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] + - ["container/list", "List", True, "MoveAfter", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["container/list", "List", True, "MoveBefore", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["container/list", "List", True, "MoveToBack", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["container/list", "List", True, "MoveToFront", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["container/list", "List", True, "PushBack", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] - ["container/list", "List", True, "PushBack", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["container/list", "List", True, "PushBackList", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["container/list", "List", True, "PushFront", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] + - ["container/list", "List", True, "PushBackList", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["container/list", "List", True, "PushFront", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] - ["container/list", "List", True, "PushFront", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["container/list", "List", True, "PushFrontList", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] + - ["container/list", "List", True, "PushFrontList", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] - ["container/list", "List", True, "Remove", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] diff --git a/go/ql/lib/ext/container.ring.model.yml b/go/ql/lib/ext/container.ring.model.yml index 5e815bcd2911..cddea0f9a6b9 100644 --- a/go/ql/lib/ext/container.ring.model.yml +++ b/go/ql/lib/ext/container.ring.model.yml @@ -4,7 +4,7 @@ extensions: extensible: summaryModel data: - ["container/ring", "Ring", True, "Link", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["container/ring", "Ring", True, "Move", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["container/ring", "Ring", True, "Next", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["container/ring", "Ring", True, "Prev", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["container/ring", "Ring", True, "Unlink", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] + - ["container/ring", "Ring", True, "Move", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["container/ring", "Ring", True, "Next", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["container/ring", "Ring", True, "Prev", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["container/ring", "Ring", True, "Unlink", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] diff --git a/go/ql/lib/ext/context.model.yml b/go/ql/lib/ext/context.model.yml index c134980a1967..b71adeb6b3c7 100644 --- a/go/ql/lib/ext/context.model.yml +++ b/go/ql/lib/ext/context.model.yml @@ -7,4 +7,4 @@ extensions: - ["context", "", False, "WithDeadline", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - ["context", "", False, "WithTimeout", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - ["context", "", False, "WithValue", "", "", "Argument[0..2]", "ReturnValue", "taint", "manual"] - - ["context", "Context", True, "Value", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] + - ["context", "Context", True, "Value", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] diff --git a/go/ql/lib/ext/database.sql.driver.model.yml b/go/ql/lib/ext/database.sql.driver.model.yml index 473439fb173a..c2d780bb7c86 100644 --- a/go/ql/lib/ext/database.sql.driver.model.yml +++ b/go/ql/lib/ext/database.sql.driver.model.yml @@ -6,4 +6,4 @@ extensions: - ["database/sql/driver", "Conn", True, "Prepare", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - ["database/sql/driver", "ConnPrepareContext", True, "PrepareContext", "", "", "Argument[1]", "ReturnValue[0]", "taint", "manual"] - ["database/sql/driver", "ValueConverter", True, "ConvertValue", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - - ["database/sql/driver", "Valuer", True, "Value", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] + - ["database/sql/driver", "Valuer", True, "Value", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] diff --git a/go/ql/lib/ext/database.sql.model.yml b/go/ql/lib/ext/database.sql.model.yml index bb4dc1a612d5..e1083f6e49a6 100644 --- a/go/ql/lib/ext/database.sql.model.yml +++ b/go/ql/lib/ext/database.sql.model.yml @@ -7,6 +7,6 @@ extensions: - ["database/sql", "Conn", True, "PrepareContext", "", "", "Argument[1]", "ReturnValue[0]", "taint", "manual"] - ["database/sql", "DB", True, "Prepare", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - ["database/sql", "DB", True, "PrepareContext", "", "", "Argument[1]", "ReturnValue[0]", "taint", "manual"] - - ["database/sql", "Scanner", True, "Scan", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] + - ["database/sql", "Scanner", True, "Scan", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] - ["database/sql", "Tx", True, "Prepare", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - ["database/sql", "Tx", True, "PrepareContext", "", "", "Argument[1]", "ReturnValue[0]", "taint", "manual"] diff --git a/go/ql/lib/ext/empty.model.yml b/go/ql/lib/ext/empty.model.yml index 03279fc65880..867714a30443 100644 --- a/go/ql/lib/ext/empty.model.yml +++ b/go/ql/lib/ext/empty.model.yml @@ -13,3 +13,7 @@ extensions: pack: codeql/go-all extensible: summaryModel data: [] + - addsTo: + pack: codeql/go-all + extensible: neutralModel + data: [] diff --git a/go/ql/lib/ext/encoding.csv.model.yml b/go/ql/lib/ext/encoding.csv.model.yml index 2107e3d784dd..2f2611ad83a6 100644 --- a/go/ql/lib/ext/encoding.csv.model.yml +++ b/go/ql/lib/ext/encoding.csv.model.yml @@ -4,7 +4,7 @@ extensions: extensible: summaryModel data: - ["encoding/csv", "", False, "NewReader", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["encoding/csv", "Reader", True, "Read", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["encoding/csv", "Reader", True, "ReadAll", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["encoding/csv", "Writer", True, "Write", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["encoding/csv", "Writer", True, "WriteAll", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] + - ["encoding/csv", "Reader", True, "Read", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["encoding/csv", "Reader", True, "ReadAll", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["encoding/csv", "Writer", True, "Write", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["encoding/csv", "Writer", True, "WriteAll", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] diff --git a/go/ql/lib/ext/encoding.gob.model.yml b/go/ql/lib/ext/encoding.gob.model.yml index b999cf874606..c7ce389bd1c5 100644 --- a/go/ql/lib/ext/encoding.gob.model.yml +++ b/go/ql/lib/ext/encoding.gob.model.yml @@ -4,9 +4,9 @@ extensions: extensible: summaryModel data: - ["encoding/gob", "", False, "NewDecoder", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["encoding/gob", "Decoder", True, "Decode", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - - ["encoding/gob", "Decoder", True, "DecodeValue", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - - ["encoding/gob", "Encoder", True, "Encode", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["encoding/gob", "Encoder", True, "EncodeValue", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["encoding/gob", "GobDecoder", True, "GobDecode", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["encoding/gob", "GobEncoder", True, "GobEncode", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] + - ["encoding/gob", "Decoder", True, "Decode", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] + - ["encoding/gob", "Decoder", True, "DecodeValue", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] + - ["encoding/gob", "Encoder", True, "Encode", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["encoding/gob", "Encoder", True, "EncodeValue", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["encoding/gob", "GobDecoder", True, "GobDecode", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["encoding/gob", "GobEncoder", True, "GobEncode", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] diff --git a/go/ql/lib/ext/encoding.json.model.yml b/go/ql/lib/ext/encoding.json.model.yml index 7ae60f829cc8..b820561fa95c 100644 --- a/go/ql/lib/ext/encoding.json.model.yml +++ b/go/ql/lib/ext/encoding.json.model.yml @@ -10,10 +10,10 @@ extensions: - ["encoding/json", "", False, "MarshalIndent", "", "", "Argument[0..2]", "ReturnValue[0]", "taint", "manual"] - ["encoding/json", "", False, "NewDecoder", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["encoding/json", "", False, "Unmarshal", "", "", "Argument[0]", "Argument[1]", "taint", "manual"] - - ["encoding/json", "Decoder", True, "Buffered", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["encoding/json", "Decoder", True, "Decode", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - - ["encoding/json", "Decoder", True, "Token", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["encoding/json", "Encoder", True, "Encode", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["encoding/json", "Encoder", True, "SetIndent", "", "", "Argument[0..1]", "Argument[-1]", "taint", "manual"] - - ["encoding/json", "Marshaler", True, "MarshalJSON", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["encoding/json", "Unmarshaler", True, "UnmarshalJSON", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] + - ["encoding/json", "Decoder", True, "Buffered", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["encoding/json", "Decoder", True, "Decode", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] + - ["encoding/json", "Decoder", True, "Token", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["encoding/json", "Encoder", True, "Encode", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["encoding/json", "Encoder", True, "SetIndent", "", "", "Argument[0..1]", "Argument[receiver]", "taint", "manual"] + - ["encoding/json", "Marshaler", True, "MarshalJSON", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["encoding/json", "Unmarshaler", True, "UnmarshalJSON", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] diff --git a/go/ql/lib/ext/encoding.model.yml b/go/ql/lib/ext/encoding.model.yml index 6fd6bef16ebe..bc1c92e91a75 100644 --- a/go/ql/lib/ext/encoding.model.yml +++ b/go/ql/lib/ext/encoding.model.yml @@ -3,7 +3,7 @@ extensions: pack: codeql/go-all extensible: summaryModel data: - - ["encoding", "BinaryMarshaler", True, "MarshalBinary", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["encoding", "BinaryUnmarshaler", True, "UnmarshalBinary", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["encoding", "TextMarshaler", True, "MarshalText", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["encoding", "TextUnmarshaler", True, "UnmarshalText", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] + - ["encoding", "BinaryMarshaler", True, "MarshalBinary", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["encoding", "BinaryUnmarshaler", True, "UnmarshalBinary", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["encoding", "TextMarshaler", True, "MarshalText", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["encoding", "TextUnmarshaler", True, "UnmarshalText", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] diff --git a/go/ql/lib/ext/encoding.xml.model.yml b/go/ql/lib/ext/encoding.xml.model.yml index c14b95ae37b9..40824a28c9eb 100644 --- a/go/ql/lib/ext/encoding.xml.model.yml +++ b/go/ql/lib/ext/encoding.xml.model.yml @@ -11,18 +11,18 @@ extensions: - ["encoding/xml", "", False, "NewDecoder", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["encoding/xml", "", False, "NewTokenDecoder", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["encoding/xml", "", False, "Unmarshal", "", "", "Argument[0]", "Argument[1]", "taint", "manual"] - - ["encoding/xml", "CharData", True, "Copy", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["encoding/xml", "Comment", True, "Copy", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["encoding/xml", "Decoder", True, "Decode", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - - ["encoding/xml", "Decoder", True, "DecodeElement", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - - ["encoding/xml", "Decoder", True, "RawToken", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["encoding/xml", "Directive", True, "Copy", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["encoding/xml", "Encoder", True, "Encode", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["encoding/xml", "Encoder", True, "EncodeElement", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["encoding/xml", "Encoder", True, "EncodeToken", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["encoding/xml", "Encoder", True, "Indent", "", "", "Argument[0..1]", "Argument[-1]", "taint", "manual"] - - ["encoding/xml", "Marshaler", True, "MarshalXML", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - - ["encoding/xml", "ProcInst", True, "Copy", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["encoding/xml", "StartElement", True, "Copy", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["encoding/xml", "TokenReader", True, "Token", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["encoding/xml", "Unmarshaler", True, "UnmarshalXML", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] + - ["encoding/xml", "CharData", True, "Copy", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["encoding/xml", "Comment", True, "Copy", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["encoding/xml", "Decoder", True, "Decode", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] + - ["encoding/xml", "Decoder", True, "DecodeElement", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] + - ["encoding/xml", "Decoder", True, "RawToken", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["encoding/xml", "Directive", True, "Copy", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["encoding/xml", "Encoder", True, "Encode", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["encoding/xml", "Encoder", True, "EncodeElement", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["encoding/xml", "Encoder", True, "EncodeToken", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["encoding/xml", "Encoder", True, "Indent", "", "", "Argument[0..1]", "Argument[receiver]", "taint", "manual"] + - ["encoding/xml", "Marshaler", True, "MarshalXML", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] + - ["encoding/xml", "ProcInst", True, "Copy", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["encoding/xml", "StartElement", True, "Copy", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["encoding/xml", "TokenReader", True, "Token", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["encoding/xml", "Unmarshaler", True, "UnmarshalXML", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] diff --git a/go/ql/lib/ext/expvar.model.yml b/go/ql/lib/ext/expvar.model.yml index fbb7a099d40c..1cbfc5956568 100644 --- a/go/ql/lib/ext/expvar.model.yml +++ b/go/ql/lib/ext/expvar.model.yml @@ -3,9 +3,9 @@ extensions: pack: codeql/go-all extensible: summaryModel data: - - ["expvar", "Func", True, "Value", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["expvar", "Map", True, "Get", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["expvar", "Map", True, "Set", "", "", "Argument[0..1]", "Argument[-1]", "taint", "manual"] - - ["expvar", "String", True, "Set", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["expvar", "String", True, "Value", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["expvar", "Var", True, "String", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] + - ["expvar", "Func", True, "Value", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["expvar", "Map", True, "Get", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["expvar", "Map", True, "Set", "", "", "Argument[0..1]", "Argument[receiver]", "taint", "manual"] + - ["expvar", "String", True, "Set", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["expvar", "String", True, "Value", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["expvar", "Var", True, "String", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] diff --git a/go/ql/lib/ext/fmt.model.yml b/go/ql/lib/ext/fmt.model.yml index 5421368bbca3..5234b509933b 100644 --- a/go/ql/lib/ext/fmt.model.yml +++ b/go/ql/lib/ext/fmt.model.yml @@ -3,11 +3,11 @@ extensions: pack: codeql/go-all extensible: summaryModel data: - - ["fmt", "GoStringer", True, "GoString", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["fmt", "ScanState", True, "Read", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - - ["fmt", "ScanState", True, "Token", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["fmt", "State", True, "Write", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["fmt", "Stringer", True, "String", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] + - ["fmt", "GoStringer", True, "GoString", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["fmt", "ScanState", True, "Read", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] + - ["fmt", "ScanState", True, "Token", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["fmt", "State", True, "Write", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["fmt", "Stringer", True, "String", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] - ["fmt", "", True, "Append", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["fmt", "", True, "Append", "", "", "Argument[1].ArrayElement", "ReturnValue", "taint", "manual"] - ["fmt", "", True, "Appendf", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] diff --git a/go/ql/lib/ext/github.com.astaxie.beego.utils.model.yml b/go/ql/lib/ext/github.com.astaxie.beego.utils.model.yml index 7c7e8dd74289..261c1dab61a9 100644 --- a/go/ql/lib/ext/github.com.astaxie.beego.utils.model.yml +++ b/go/ql/lib/ext/github.com.astaxie.beego.utils.model.yml @@ -13,9 +13,9 @@ extensions: - ["github.com/astaxie/beego/utils", "", False, "SliceReduce", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["github.com/astaxie/beego/utils", "", False, "SliceShuffle", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["github.com/astaxie/beego/utils", "", False, "SliceUnique", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["github.com/astaxie/beego/utils", "BeeMap", True, "Get", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/astaxie/beego/utils", "BeeMap", True, "Items", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/astaxie/beego/utils", "BeeMap", True, "Set", "", "", "Argument[1]", "Argument[-1]", "taint", "manual"] + - ["github.com/astaxie/beego/utils", "BeeMap", True, "Get", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/astaxie/beego/utils", "BeeMap", True, "Items", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/astaxie/beego/utils", "BeeMap", True, "Set", "", "", "Argument[1]", "Argument[receiver]", "taint", "manual"] - ["github.com/beego/beego/core/utils", "", False, "SliceChunk", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["github.com/beego/beego/core/utils", "", False, "SliceDiff", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["github.com/beego/beego/core/utils", "", False, "SliceFilter", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] @@ -26,6 +26,6 @@ extensions: - ["github.com/beego/beego/core/utils", "", False, "SliceReduce", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["github.com/beego/beego/core/utils", "", False, "SliceShuffle", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["github.com/beego/beego/core/utils", "", False, "SliceUnique", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["github.com/beego/beego/core/utils", "BeeMap", True, "Get", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/beego/beego/core/utils", "BeeMap", True, "Items", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/beego/beego/core/utils", "BeeMap", True, "Set", "", "", "Argument[1]", "Argument[-1]", "taint", "manual"] + - ["github.com/beego/beego/core/utils", "BeeMap", True, "Get", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/beego/beego/core/utils", "BeeMap", True, "Items", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/beego/beego/core/utils", "BeeMap", True, "Set", "", "", "Argument[1]", "Argument[receiver]", "taint", "manual"] diff --git a/go/ql/lib/ext/github.com.elazarl.goproxy.model.yml b/go/ql/lib/ext/github.com.elazarl.goproxy.model.yml index 8b73a46afaa8..28fe818ff67b 100644 --- a/go/ql/lib/ext/github.com.elazarl.goproxy.model.yml +++ b/go/ql/lib/ext/github.com.elazarl.goproxy.model.yml @@ -3,5 +3,5 @@ extensions: pack: codeql/go-all extensible: summaryModel data: - - ["github.com/elazarl/goproxy", "CertStorage", True, "Fetch", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] + - ["github.com/elazarl/goproxy", "CertStorage", True, "Fetch", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] - ["github.com/elazarl/goproxy", "CertStorage", True, "Fetch", "", "", "Argument[1]", "ReturnValue[0]", "taint", "manual"] diff --git a/go/ql/lib/ext/github.com.evanphx.json-patch.model.yml b/go/ql/lib/ext/github.com.evanphx.json-patch.model.yml index 227e97354936..4824f521e4ef 100644 --- a/go/ql/lib/ext/github.com.evanphx.json-patch.model.yml +++ b/go/ql/lib/ext/github.com.evanphx.json-patch.model.yml @@ -7,11 +7,11 @@ extensions: - ["github.com/evanphx/json-patch", "", False, "DecodePatch", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - ["github.com/evanphx/json-patch", "", False, "MergeMergePatches", "", "", "Argument[0..1]", "ReturnValue[0]", "taint", "manual"] - ["github.com/evanphx/json-patch", "", False, "MergePatch", "", "", "Argument[0..1]", "ReturnValue[0]", "taint", "manual"] - - ["github.com/evanphx/json-patch", "Patch", True, "Apply", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] + - ["github.com/evanphx/json-patch", "Patch", True, "Apply", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] - ["github.com/evanphx/json-patch", "Patch", True, "Apply", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - - ["github.com/evanphx/json-patch", "Patch", True, "ApplyIndent", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] + - ["github.com/evanphx/json-patch", "Patch", True, "ApplyIndent", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] - ["github.com/evanphx/json-patch", "Patch", True, "ApplyIndent", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - - ["github.com/evanphx/json-patch", "Patch", True, "ApplyIndentWithOptions", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] + - ["github.com/evanphx/json-patch", "Patch", True, "ApplyIndentWithOptions", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] - ["github.com/evanphx/json-patch", "Patch", True, "ApplyIndentWithOptions", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - - ["github.com/evanphx/json-patch", "Patch", True, "ApplyWithOptions", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] + - ["github.com/evanphx/json-patch", "Patch", True, "ApplyWithOptions", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] - ["github.com/evanphx/json-patch", "Patch", True, "ApplyWithOptions", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] diff --git a/go/ql/lib/ext/github.com.gin-gonic.gin.model.yml b/go/ql/lib/ext/github.com.gin-gonic.gin.model.yml index 04c9f1e821ed..148b7d8cead2 100644 --- a/go/ql/lib/ext/github.com.gin-gonic.gin.model.yml +++ b/go/ql/lib/ext/github.com.gin-gonic.gin.model.yml @@ -3,5 +3,5 @@ extensions: pack: codeql/go-all extensible: summaryModel data: - - ["github.com/gin-gonic/gin", "Params", True, "ByName", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/gin-gonic/gin", "Params", True, "Get", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] + - ["github.com/gin-gonic/gin", "Params", True, "ByName", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/gin-gonic/gin", "Params", True, "Get", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] diff --git a/go/ql/lib/ext/github.com.go-jose.go-jose.model.yml b/go/ql/lib/ext/github.com.go-jose.go-jose.model.yml index bd13c79ea3a2..63143cb8e5da 100644 --- a/go/ql/lib/ext/github.com.go-jose.go-jose.model.yml +++ b/go/ql/lib/ext/github.com.go-jose.go-jose.model.yml @@ -3,7 +3,7 @@ extensions: pack: codeql/go-all extensible: sinkModel data: - - ["github.com/go-jose/go-jose/$ANYVERSION/jwt", "JSONWebToken", True, "UnsafeClaimsWithoutVerification", "", "", "Argument[-1]", "jwt", "manual"] + - ["github.com/go-jose/go-jose/$ANYVERSION/jwt", "JSONWebToken", True, "UnsafeClaimsWithoutVerification", "", "", "Argument[receiver]", "jwt", "manual"] - addsTo: pack: codeql/go-all extensible: summaryModel @@ -11,4 +11,4 @@ extensions: - ["github.com/go-jose/go-jose/$ANYVERSION/jwt", "", True, "ParseEncrypted", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - ["github.com/go-jose/go-jose/$ANYVERSION/jwt", "", True, "ParseSigned", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - ["github.com/go-jose/go-jose/$ANYVERSION/jwt", "NestedJSONWebToken", True, "ParseSignedAndEncrypted", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - - ["github.com/go-jose/go-jose/$ANYVERSION/jwt", "NestedJSONWebToken", True, "Decrypt", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] + - ["github.com/go-jose/go-jose/$ANYVERSION/jwt", "NestedJSONWebToken", True, "Decrypt", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] diff --git a/go/ql/lib/ext/github.com.labstack.echo.model.yml b/go/ql/lib/ext/github.com.labstack.echo.model.yml index 964c55ec2fc0..41de417d5c2b 100644 --- a/go/ql/lib/ext/github.com.labstack.echo.model.yml +++ b/go/ql/lib/ext/github.com.labstack.echo.model.yml @@ -3,5 +3,5 @@ extensions: pack: codeql/go-all extensible: summaryModel data: - - ["github.com/labstack/echo", "Context", True, "Get", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/labstack/echo", "Context", True, "Set", "", "", "Argument[1]", "Argument[-1]", "taint", "manual"] + - ["github.com/labstack/echo", "Context", True, "Get", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/labstack/echo", "Context", True, "Set", "", "", "Argument[1]", "Argument[receiver]", "taint", "manual"] diff --git a/go/ql/lib/ext/github.com.revel.revel.model.yml b/go/ql/lib/ext/github.com.revel.revel.model.yml index 3bff43153b1e..099e26d05e84 100644 --- a/go/ql/lib/ext/github.com.revel.revel.model.yml +++ b/go/ql/lib/ext/github.com.revel.revel.model.yml @@ -3,23 +3,23 @@ extensions: pack: codeql/go-all extensible: summaryModel data: - - ["github.com/revel/revel", "Params", True, "Bind", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - - ["github.com/revel/revel", "Params", True, "BindJSON", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - - ["github.com/revel/revel", "RevelHeader", True, "Add", "", "", "Argument[0..1]", "Argument[-1]", "taint", "manual"] - - ["github.com/revel/revel", "RevelHeader", True, "Get", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/revel/revel", "RevelHeader", True, "GetAll", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/revel/revel", "RevelHeader", True, "Set", "", "", "Argument[0..1]", "Argument[-1]", "taint", "manual"] - - ["github.com/revel/revel", "RevelHeader", True, "SetCookie", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["github.com/revel/revel", "ServerCookie", True, "GetValue", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/revel/revel", "ServerMultipartForm", True, "GetFiles", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/revel/revel", "ServerMultipartForm", True, "GetValues", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/robfig/revel", "Params", True, "Bind", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - - ["github.com/robfig/revel", "Params", True, "BindJSON", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - - ["github.com/robfig/revel", "RevelHeader", True, "Add", "", "", "Argument[0..1]", "Argument[-1]", "taint", "manual"] - - ["github.com/robfig/revel", "RevelHeader", True, "Get", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/robfig/revel", "RevelHeader", True, "GetAll", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/robfig/revel", "RevelHeader", True, "Set", "", "", "Argument[0..1]", "Argument[-1]", "taint", "manual"] - - ["github.com/robfig/revel", "RevelHeader", True, "SetCookie", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["github.com/robfig/revel", "ServerCookie", True, "GetValue", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/robfig/revel", "ServerMultipartForm", True, "GetFiles", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/robfig/revel", "ServerMultipartForm", True, "GetValues", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] + - ["github.com/revel/revel", "Params", True, "Bind", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] + - ["github.com/revel/revel", "Params", True, "BindJSON", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] + - ["github.com/revel/revel", "RevelHeader", True, "Add", "", "", "Argument[0..1]", "Argument[receiver]", "taint", "manual"] + - ["github.com/revel/revel", "RevelHeader", True, "Get", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/revel/revel", "RevelHeader", True, "GetAll", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/revel/revel", "RevelHeader", True, "Set", "", "", "Argument[0..1]", "Argument[receiver]", "taint", "manual"] + - ["github.com/revel/revel", "RevelHeader", True, "SetCookie", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["github.com/revel/revel", "ServerCookie", True, "GetValue", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/revel/revel", "ServerMultipartForm", True, "GetFiles", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/revel/revel", "ServerMultipartForm", True, "GetValues", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/robfig/revel", "Params", True, "Bind", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] + - ["github.com/robfig/revel", "Params", True, "BindJSON", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] + - ["github.com/robfig/revel", "RevelHeader", True, "Add", "", "", "Argument[0..1]", "Argument[receiver]", "taint", "manual"] + - ["github.com/robfig/revel", "RevelHeader", True, "Get", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/robfig/revel", "RevelHeader", True, "GetAll", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/robfig/revel", "RevelHeader", True, "Set", "", "", "Argument[0..1]", "Argument[receiver]", "taint", "manual"] + - ["github.com/robfig/revel", "RevelHeader", True, "SetCookie", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["github.com/robfig/revel", "ServerCookie", True, "GetValue", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/robfig/revel", "ServerMultipartForm", True, "GetFiles", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/robfig/revel", "ServerMultipartForm", True, "GetValues", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] diff --git a/go/ql/lib/ext/github.com.valyala.fasthttp.model.yml b/go/ql/lib/ext/github.com.valyala.fasthttp.model.yml index 652f50044b26..033f981c0a26 100644 --- a/go/ql/lib/ext/github.com.valyala.fasthttp.model.yml +++ b/go/ql/lib/ext/github.com.valyala.fasthttp.model.yml @@ -3,8 +3,8 @@ extensions: pack: codeql/go-all extensible: summaryModel data: - - ["github.com/valyala/fasthttp", "URI", False, "SetHost", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["github.com/valyala/fasthttp", "URI", False, "SetHostBytes", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["github.com/valyala/fasthttp", "URI", False, "Update", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["github.com/valyala/fasthttp", "URI", False, "UpdateBytes", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["github.com/valyala/fasthttp", "URI", False, "Parse", "", "", "Argument[0..1]", "Argument[-1]", "taint", "manual"] \ No newline at end of file + - ["github.com/valyala/fasthttp", "URI", False, "SetHost", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["github.com/valyala/fasthttp", "URI", False, "SetHostBytes", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["github.com/valyala/fasthttp", "URI", False, "Update", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["github.com/valyala/fasthttp", "URI", False, "UpdateBytes", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["github.com/valyala/fasthttp", "URI", False, "Parse", "", "", "Argument[0..1]", "Argument[receiver]", "taint", "manual"] diff --git a/go/ql/lib/ext/golang.org.x.net.context.model.yml b/go/ql/lib/ext/golang.org.x.net.context.model.yml index d0da8c74903f..873de75761fb 100644 --- a/go/ql/lib/ext/golang.org.x.net.context.model.yml +++ b/go/ql/lib/ext/golang.org.x.net.context.model.yml @@ -7,4 +7,4 @@ extensions: - ["golang.org/x/net/context", "", False, "WithDeadline", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - ["golang.org/x/net/context", "", False, "WithTimeout", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - ["golang.org/x/net/context", "", False, "WithValue", "", "", "Argument[0..2]", "ReturnValue", "taint", "manual"] - - ["golang.org/x/net/context", "Context", True, "Value", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] + - ["golang.org/x/net/context", "Context", True, "Value", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] diff --git a/go/ql/lib/ext/golang.org.x.net.html.model.yml b/go/ql/lib/ext/golang.org.x.net.html.model.yml index a92654d0f633..07772307cff2 100644 --- a/go/ql/lib/ext/golang.org.x.net.html.model.yml +++ b/go/ql/lib/ext/golang.org.x.net.html.model.yml @@ -12,10 +12,10 @@ extensions: - ["golang.org/x/net/$ANYVERSION/html", "", False, "ParseWithOptions", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - ["golang.org/x/net/$ANYVERSION/html", "", False, "Render", "", "", "Argument[1]", "Argument[0]", "taint", "manual"] - ["golang.org/x/net/$ANYVERSION/html", "", False, "UnescapeString", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["golang.org/x/net/$ANYVERSION/html", "Node", True, "AppendChild", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["golang.org/x/net/$ANYVERSION/html", "Node", True, "InsertBefore", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["golang.org/x/net/$ANYVERSION/html", "Tokenizer", True, "Buffered", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["golang.org/x/net/$ANYVERSION/html", "Tokenizer", True, "Raw", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["golang.org/x/net/$ANYVERSION/html", "Tokenizer", True, "TagAttr", "", "", "Argument[-1]", "ReturnValue[1]", "taint", "manual"] - - ["golang.org/x/net/$ANYVERSION/html", "Tokenizer", True, "Text", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["golang.org/x/net/$ANYVERSION/html", "Tokenizer", True, "Token", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] + - ["golang.org/x/net/$ANYVERSION/html", "Node", True, "AppendChild", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["golang.org/x/net/$ANYVERSION/html", "Node", True, "InsertBefore", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["golang.org/x/net/$ANYVERSION/html", "Tokenizer", True, "Buffered", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["golang.org/x/net/$ANYVERSION/html", "Tokenizer", True, "Raw", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["golang.org/x/net/$ANYVERSION/html", "Tokenizer", True, "TagAttr", "", "", "Argument[receiver]", "ReturnValue[1]", "taint", "manual"] + - ["golang.org/x/net/$ANYVERSION/html", "Tokenizer", True, "Text", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["golang.org/x/net/$ANYVERSION/html", "Tokenizer", True, "Token", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] diff --git a/go/ql/lib/ext/google.golang.org.protobuf.internal.encoding.text.model.yml b/go/ql/lib/ext/google.golang.org.protobuf.internal.encoding.text.model.yml index 90c36d3d69bb..995a0f21fec7 100644 --- a/go/ql/lib/ext/google.golang.org.protobuf.internal.encoding.text.model.yml +++ b/go/ql/lib/ext/google.golang.org.protobuf.internal.encoding.text.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/go-all extensible: summaryModel data: - - ["google.golang.org/protobuf/$ANYVERSION/internal/encoding/text", "Token", True, "String", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] + - ["google.golang.org/protobuf/$ANYVERSION/internal/encoding/text", "Token", True, "String", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] diff --git a/go/ql/lib/ext/google.golang.org.protobuf.internal.impl.model.yml b/go/ql/lib/ext/google.golang.org.protobuf.internal.impl.model.yml index bb60c9861e3d..a65ebbd9faa5 100644 --- a/go/ql/lib/ext/google.golang.org.protobuf.internal.impl.model.yml +++ b/go/ql/lib/ext/google.golang.org.protobuf.internal.impl.model.yml @@ -3,5 +3,5 @@ extensions: pack: codeql/go-all extensible: summaryModel data: - - ["google.golang.org/protobuf/$ANYVERSION/internal/impl", "aberrantMessage", True, "Get", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["google.golang.org/protobuf/$ANYVERSION/internal/impl", "aberrantMessage", True, "GetUnknown", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] + - ["google.golang.org/protobuf/$ANYVERSION/internal/impl", "aberrantMessage", True, "Get", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["google.golang.org/protobuf/$ANYVERSION/internal/impl", "aberrantMessage", True, "GetUnknown", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] diff --git a/go/ql/lib/ext/google.golang.org.protobuf.reflect.protoreflect.model.yml b/go/ql/lib/ext/google.golang.org.protobuf.reflect.protoreflect.model.yml index 94aca9789f73..d1f08da75d5b 100644 --- a/go/ql/lib/ext/google.golang.org.protobuf.reflect.protoreflect.model.yml +++ b/go/ql/lib/ext/google.golang.org.protobuf.reflect.protoreflect.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/go-all extensible: summaryModel data: - - ["google.golang.org/protobuf/$ANYVERSION/reflect/protoreflect", "ProtoMessage", True, "ProtoReflect", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] + - ["google.golang.org/protobuf/$ANYVERSION/reflect/protoreflect", "ProtoMessage", True, "ProtoReflect", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] diff --git a/go/ql/lib/ext/gopkg.in.couchbase.gocb.model.yml b/go/ql/lib/ext/gopkg.in.couchbase.gocb.model.yml index 2a6355bd6a87..8e0613bced68 100644 --- a/go/ql/lib/ext/gopkg.in.couchbase.gocb.model.yml +++ b/go/ql/lib/ext/gopkg.in.couchbase.gocb.model.yml @@ -5,55 +5,55 @@ extensions: data: - ["gopkg.in/couchbase/gocb", "", False, "NewAnalyticsQuery", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["gopkg.in/couchbase/gocb", "", False, "NewN1qlQuery", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["gopkg.in/couchbase/gocb", "AnalyticsQuery", True, "ContextId", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["gopkg.in/couchbase/gocb", "AnalyticsQuery", True, "Deferred", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["gopkg.in/couchbase/gocb", "AnalyticsQuery", True, "Pretty", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["gopkg.in/couchbase/gocb", "AnalyticsQuery", True, "Priority", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["gopkg.in/couchbase/gocb", "AnalyticsQuery", True, "RawParam", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["gopkg.in/couchbase/gocb", "AnalyticsQuery", True, "ServerSideTimeout", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["gopkg.in/couchbase/gocb", "N1qlQuery", True, "AdHoc", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["gopkg.in/couchbase/gocb", "N1qlQuery", True, "Consistency", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["gopkg.in/couchbase/gocb", "N1qlQuery", True, "ConsistentWith", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["gopkg.in/couchbase/gocb", "N1qlQuery", True, "Custom", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["gopkg.in/couchbase/gocb", "N1qlQuery", True, "PipelineBatch", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["gopkg.in/couchbase/gocb", "N1qlQuery", True, "PipelineCap", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["gopkg.in/couchbase/gocb", "N1qlQuery", True, "Profile", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["gopkg.in/couchbase/gocb", "N1qlQuery", True, "ReadOnly", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["gopkg.in/couchbase/gocb", "N1qlQuery", True, "ScanCap", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["gopkg.in/couchbase/gocb", "N1qlQuery", True, "Timeout", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] + - ["gopkg.in/couchbase/gocb", "AnalyticsQuery", True, "ContextId", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["gopkg.in/couchbase/gocb", "AnalyticsQuery", True, "Deferred", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["gopkg.in/couchbase/gocb", "AnalyticsQuery", True, "Pretty", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["gopkg.in/couchbase/gocb", "AnalyticsQuery", True, "Priority", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["gopkg.in/couchbase/gocb", "AnalyticsQuery", True, "RawParam", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["gopkg.in/couchbase/gocb", "AnalyticsQuery", True, "ServerSideTimeout", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["gopkg.in/couchbase/gocb", "N1qlQuery", True, "AdHoc", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["gopkg.in/couchbase/gocb", "N1qlQuery", True, "Consistency", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["gopkg.in/couchbase/gocb", "N1qlQuery", True, "ConsistentWith", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["gopkg.in/couchbase/gocb", "N1qlQuery", True, "Custom", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["gopkg.in/couchbase/gocb", "N1qlQuery", True, "PipelineBatch", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["gopkg.in/couchbase/gocb", "N1qlQuery", True, "PipelineCap", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["gopkg.in/couchbase/gocb", "N1qlQuery", True, "Profile", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["gopkg.in/couchbase/gocb", "N1qlQuery", True, "ReadOnly", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["gopkg.in/couchbase/gocb", "N1qlQuery", True, "ScanCap", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["gopkg.in/couchbase/gocb", "N1qlQuery", True, "Timeout", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] - ["github.com/couchbase/gocb", "", False, "NewAnalyticsQuery", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["github.com/couchbase/gocb", "", False, "NewN1qlQuery", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["github.com/couchbase/gocb", "AnalyticsQuery", True, "ContextId", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/couchbase/gocb", "AnalyticsQuery", True, "Deferred", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/couchbase/gocb", "AnalyticsQuery", True, "Pretty", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/couchbase/gocb", "AnalyticsQuery", True, "Priority", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/couchbase/gocb", "AnalyticsQuery", True, "RawParam", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/couchbase/gocb", "AnalyticsQuery", True, "ServerSideTimeout", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/couchbase/gocb", "N1qlQuery", True, "AdHoc", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/couchbase/gocb", "N1qlQuery", True, "Consistency", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/couchbase/gocb", "N1qlQuery", True, "ConsistentWith", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/couchbase/gocb", "N1qlQuery", True, "Custom", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/couchbase/gocb", "N1qlQuery", True, "PipelineBatch", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/couchbase/gocb", "N1qlQuery", True, "PipelineCap", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/couchbase/gocb", "N1qlQuery", True, "Profile", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/couchbase/gocb", "N1qlQuery", True, "ReadOnly", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/couchbase/gocb", "N1qlQuery", True, "ScanCap", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/couchbase/gocb", "N1qlQuery", True, "Timeout", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] + - ["github.com/couchbase/gocb", "AnalyticsQuery", True, "ContextId", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/couchbase/gocb", "AnalyticsQuery", True, "Deferred", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/couchbase/gocb", "AnalyticsQuery", True, "Pretty", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/couchbase/gocb", "AnalyticsQuery", True, "Priority", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/couchbase/gocb", "AnalyticsQuery", True, "RawParam", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/couchbase/gocb", "AnalyticsQuery", True, "ServerSideTimeout", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/couchbase/gocb", "N1qlQuery", True, "AdHoc", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/couchbase/gocb", "N1qlQuery", True, "Consistency", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/couchbase/gocb", "N1qlQuery", True, "ConsistentWith", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/couchbase/gocb", "N1qlQuery", True, "Custom", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/couchbase/gocb", "N1qlQuery", True, "PipelineBatch", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/couchbase/gocb", "N1qlQuery", True, "PipelineCap", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/couchbase/gocb", "N1qlQuery", True, "Profile", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/couchbase/gocb", "N1qlQuery", True, "ReadOnly", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/couchbase/gocb", "N1qlQuery", True, "ScanCap", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/couchbase/gocb", "N1qlQuery", True, "Timeout", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] - ["github.com/couchbaselabs/gocb", "", False, "NewAnalyticsQuery", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["github.com/couchbaselabs/gocb", "", False, "NewN1qlQuery", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["github.com/couchbaselabs/gocb", "AnalyticsQuery", True, "ContextId", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/couchbaselabs/gocb", "AnalyticsQuery", True, "Deferred", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/couchbaselabs/gocb", "AnalyticsQuery", True, "Pretty", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/couchbaselabs/gocb", "AnalyticsQuery", True, "Priority", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/couchbaselabs/gocb", "AnalyticsQuery", True, "RawParam", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/couchbaselabs/gocb", "AnalyticsQuery", True, "ServerSideTimeout", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/couchbaselabs/gocb", "N1qlQuery", True, "AdHoc", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/couchbaselabs/gocb", "N1qlQuery", True, "Consistency", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/couchbaselabs/gocb", "N1qlQuery", True, "ConsistentWith", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/couchbaselabs/gocb", "N1qlQuery", True, "Custom", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/couchbaselabs/gocb", "N1qlQuery", True, "PipelineBatch", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/couchbaselabs/gocb", "N1qlQuery", True, "PipelineCap", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/couchbaselabs/gocb", "N1qlQuery", True, "Profile", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/couchbaselabs/gocb", "N1qlQuery", True, "ReadOnly", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/couchbaselabs/gocb", "N1qlQuery", True, "ScanCap", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/couchbaselabs/gocb", "N1qlQuery", True, "Timeout", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] + - ["github.com/couchbaselabs/gocb", "AnalyticsQuery", True, "ContextId", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/couchbaselabs/gocb", "AnalyticsQuery", True, "Deferred", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/couchbaselabs/gocb", "AnalyticsQuery", True, "Pretty", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/couchbaselabs/gocb", "AnalyticsQuery", True, "Priority", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/couchbaselabs/gocb", "AnalyticsQuery", True, "RawParam", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/couchbaselabs/gocb", "AnalyticsQuery", True, "ServerSideTimeout", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/couchbaselabs/gocb", "N1qlQuery", True, "AdHoc", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/couchbaselabs/gocb", "N1qlQuery", True, "Consistency", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/couchbaselabs/gocb", "N1qlQuery", True, "ConsistentWith", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/couchbaselabs/gocb", "N1qlQuery", True, "Custom", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/couchbaselabs/gocb", "N1qlQuery", True, "PipelineBatch", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/couchbaselabs/gocb", "N1qlQuery", True, "PipelineCap", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/couchbaselabs/gocb", "N1qlQuery", True, "Profile", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/couchbaselabs/gocb", "N1qlQuery", True, "ReadOnly", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/couchbaselabs/gocb", "N1qlQuery", True, "ScanCap", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/couchbaselabs/gocb", "N1qlQuery", True, "Timeout", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] diff --git a/go/ql/lib/ext/gopkg.in.macaron.model.yml b/go/ql/lib/ext/gopkg.in.macaron.model.yml index 10846d4e8b6e..fdea494972e9 100644 --- a/go/ql/lib/ext/gopkg.in.macaron.model.yml +++ b/go/ql/lib/ext/gopkg.in.macaron.model.yml @@ -19,4 +19,4 @@ extensions: pack: codeql/go-all extensible: summaryModel data: - - ["gopkg.in/macaron", "RequestBody", True, "String", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] + - ["gopkg.in/macaron", "RequestBody", True, "String", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] diff --git a/go/ql/lib/ext/gopkg.in.square.go-jose.model.yml b/go/ql/lib/ext/gopkg.in.square.go-jose.model.yml index fa0c38061667..0e04f3ba556a 100644 --- a/go/ql/lib/ext/gopkg.in.square.go-jose.model.yml +++ b/go/ql/lib/ext/gopkg.in.square.go-jose.model.yml @@ -3,7 +3,7 @@ extensions: pack: codeql/go-all extensible: sinkModel data: - - ["gopkg.in/square/go-jose.v2/jwt", "JSONWebToken", True, "UnsafeClaimsWithoutVerification", "", "", "Argument[-1]", "jwt", "manual"] + - ["gopkg.in/square/go-jose.v2/jwt", "JSONWebToken", True, "UnsafeClaimsWithoutVerification", "", "", "Argument[receiver]", "jwt", "manual"] - addsTo: pack: codeql/go-all extensible: summaryModel @@ -11,4 +11,4 @@ extensions: - ["gopkg.in/square/go-jose.v2/jwt", "", True, "ParseEncrypted", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - ["gopkg.in/square/go-jose.v2/jwt", "", True, "ParseSigned", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - ["gopkg.in/square/go-jose.v2/jwt", "NestedJSONWebToken", True, "ParseSignedAndEncrypted", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - - ["gopkg.in/square/go-jose.v2/jwt", "NestedJSONWebToken", True, "Decrypt", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] + - ["gopkg.in/square/go-jose.v2/jwt", "NestedJSONWebToken", True, "Decrypt", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] diff --git a/go/ql/lib/ext/gopkg.in.yaml.model.yml b/go/ql/lib/ext/gopkg.in.yaml.model.yml index 7718dca0a7df..34b973e67198 100644 --- a/go/ql/lib/ext/gopkg.in.yaml.model.yml +++ b/go/ql/lib/ext/gopkg.in.yaml.model.yml @@ -7,8 +7,8 @@ extensions: - ["gopkg.in/yaml", "", False, "Unmarshal", "", "", "Argument[0]", "Argument[1]", "taint", "manual"] - ["gopkg.in/yaml", "", False, "UnmarshalStrict", "", "", "Argument[0]", "Argument[1]", "taint", "manual"] - ["gopkg.in/yaml", "", False, "NewDecoder", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["gopkg.in/yaml", "Decoder", True, "Decode", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - - ["gopkg.in/yaml", "Encoder", True, "Encode", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["gopkg.in/yaml", "Node", True, "Decode", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - - ["gopkg.in/yaml", "Node", True, "Encode", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["gopkg.in/yaml", "Node", True, "SetString", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] + - ["gopkg.in/yaml", "Decoder", True, "Decode", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] + - ["gopkg.in/yaml", "Encoder", True, "Encode", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["gopkg.in/yaml", "Node", True, "Decode", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] + - ["gopkg.in/yaml", "Node", True, "Encode", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["gopkg.in/yaml", "Node", True, "SetString", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] diff --git a/go/ql/lib/ext/io.fs.model.yml b/go/ql/lib/ext/io.fs.model.yml index 8797d50c5619..e4ced4b775ba 100644 --- a/go/ql/lib/ext/io.fs.model.yml +++ b/go/ql/lib/ext/io.fs.model.yml @@ -8,10 +8,10 @@ extensions: - ["io/fs", "", False, "ReadDir", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - ["io/fs", "", False, "ReadFile", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - ["io/fs", "", False, "Sub", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - - ["io/fs", "DirEntry", True, "Info", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["io/fs", "DirEntry", True, "Name", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["io/fs", "FS", True, "Open", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["io/fs", "GlobFS", True, "Glob", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["io/fs", "ReadDirFS", True, "ReadDir", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["io/fs", "ReadFileFS", True, "ReadFile", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["io/fs", "SubFS", True, "Sub", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] + - ["io/fs", "DirEntry", True, "Info", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["io/fs", "DirEntry", True, "Name", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["io/fs", "FS", True, "Open", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["io/fs", "GlobFS", True, "Glob", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["io/fs", "ReadDirFS", True, "ReadDir", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["io/fs", "ReadFileFS", True, "ReadFile", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["io/fs", "SubFS", True, "Sub", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] diff --git a/go/ql/lib/ext/io.model.yml b/go/ql/lib/ext/io.model.yml index 1da83059617d..d9c7190026d5 100644 --- a/go/ql/lib/ext/io.model.yml +++ b/go/ql/lib/ext/io.model.yml @@ -15,10 +15,10 @@ extensions: - ["io", "", False, "TeeReader", "", "", "Argument[0]", "Argument[1]", "taint", "manual"] - ["io", "", False, "TeeReader", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["io", "", False, "WriteString", "", "", "Argument[1]", "Argument[0]", "taint", "manual"] - - ["io", "Reader", True, "Read", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - - ["io", "ReaderAt", True, "ReadAt", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - - ["io", "ReaderFrom", True, "ReadFrom", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["io", "StringWriter", True, "WriteString", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["io", "Writer", True, "Write", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["io", "WriterAt", True, "WriteAt", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["io", "WriterTo", True, "WriteTo", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] + - ["io", "Reader", True, "Read", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] + - ["io", "ReaderAt", True, "ReadAt", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] + - ["io", "ReaderFrom", True, "ReadFrom", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["io", "StringWriter", True, "WriteString", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["io", "Writer", True, "Write", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["io", "WriterAt", True, "WriteAt", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["io", "WriterTo", True, "WriteTo", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] diff --git a/go/ql/lib/ext/k8s.io.api.core.model.yml b/go/ql/lib/ext/k8s.io.api.core.model.yml index eda9af13280d..7c2a5fd25664 100644 --- a/go/ql/lib/ext/k8s.io.api.core.model.yml +++ b/go/ql/lib/ext/k8s.io.api.core.model.yml @@ -3,13 +3,13 @@ extensions: pack: codeql/go-all extensible: summaryModel data: - - ["k8s.io/api/core", "Secret", True, "DeepCopy", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["k8s.io/api/core", "Secret", True, "DeepCopyInto", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - - ["k8s.io/api/core", "Secret", True, "DeepCopyObject", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["k8s.io/api/core", "Secret", True, "Marshal", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["k8s.io/api/core", "Secret", True, "Unmarshal", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - - ["k8s.io/api/core", "SecretList", True, "DeepCopy", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["k8s.io/api/core", "SecretList", True, "DeepCopyInto", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - - ["k8s.io/api/core", "SecretList", True, "DeepCopyObject", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["k8s.io/api/core", "SecretList", True, "Marshal", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["k8s.io/api/core", "SecretList", True, "Unmarshal", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] + - ["k8s.io/api/core", "Secret", True, "DeepCopy", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["k8s.io/api/core", "Secret", True, "DeepCopyInto", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] + - ["k8s.io/api/core", "Secret", True, "DeepCopyObject", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["k8s.io/api/core", "Secret", True, "Marshal", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["k8s.io/api/core", "Secret", True, "Unmarshal", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] + - ["k8s.io/api/core", "SecretList", True, "DeepCopy", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["k8s.io/api/core", "SecretList", True, "DeepCopyInto", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] + - ["k8s.io/api/core", "SecretList", True, "DeepCopyObject", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["k8s.io/api/core", "SecretList", True, "Marshal", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["k8s.io/api/core", "SecretList", True, "Unmarshal", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] diff --git a/go/ql/lib/ext/k8s.io.apimachinery.pkg.runtime.model.yml b/go/ql/lib/ext/k8s.io.apimachinery.pkg.runtime.model.yml index 6bfbf8ded320..f3a6e93a748c 100644 --- a/go/ql/lib/ext/k8s.io.apimachinery.pkg.runtime.model.yml +++ b/go/ql/lib/ext/k8s.io.apimachinery.pkg.runtime.model.yml @@ -23,30 +23,30 @@ extensions: - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "", False, "NewEncodableList", "", "", "Argument[1]", "ReturnValue", "taint", "manual"] - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "", False, "SetField", "", "", "Argument[0]", "Argument[1]", "taint", "manual"] - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "", False, "UseOrCreateObject", "", "", "Argument[3]", "ReturnValue[0]", "taint", "manual"] - - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "CacheableObject", True, "CacheEncode", "", "", "Argument[-1]", "Argument[2]", "taint", "manual"] - - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "CacheableObject", True, "GetObject", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] + - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "CacheableObject", True, "CacheEncode", "", "", "Argument[receiver]", "Argument[2]", "taint", "manual"] + - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "CacheableObject", True, "GetObject", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "Decoder", True, "Decode", "", "", "Argument[0]", "Argument[2]", "taint", "manual"] - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "Decoder", True, "Decode", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "Encoder", True, "Encode", "", "", "Argument[0]", "Argument[1]", "taint", "manual"] - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "Framer", True, "NewFrameReader", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "Framer", True, "NewFrameWriter", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "Object", True, "DeepCopyObject", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] + - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "Object", True, "DeepCopyObject", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "ObjectConvertor", True, "Convert", "", "", "Argument[0]", "Argument[1]", "taint", "manual"] - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "ObjectVersioner", True, "ConvertToVersion", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "ParameterCodec", True, "DecodeParameters", "", "", "Argument[0]", "Argument[2]", "taint", "manual"] - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "ParameterCodec", True, "EncodeParameters", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "ProtobufMarshaller", True, "MarshalTo", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "ProtobufReverseMarshaller", True, "MarshalToSizedBuffer", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "RawExtension", True, "DeepCopy", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "RawExtension", True, "DeepCopyInto", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "RawExtension", True, "Marshal", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "RawExtension", True, "Unmarshal", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "Unknown", True, "DeepCopy", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "Unknown", True, "DeepCopyInto", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "Unknown", True, "Marshal", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "Unknown", True, "NestedMarshalTo", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "Unknown", True, "Unmarshal", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "Unstructured", True, "SetUnstructuredContent", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "Unstructured", True, "UnstructuredContent", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] + - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "ProtobufMarshaller", True, "MarshalTo", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] + - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "ProtobufReverseMarshaller", True, "MarshalToSizedBuffer", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] + - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "RawExtension", True, "DeepCopy", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "RawExtension", True, "DeepCopyInto", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] + - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "RawExtension", True, "Marshal", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "RawExtension", True, "Unmarshal", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] + - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "Unknown", True, "DeepCopy", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "Unknown", True, "DeepCopyInto", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] + - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "Unknown", True, "Marshal", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "Unknown", True, "NestedMarshalTo", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] + - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "Unknown", True, "Unmarshal", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] + - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "Unstructured", True, "SetUnstructuredContent", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "Unstructured", True, "UnstructuredContent", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "WithoutVersionDecoder", True, "Decode", "", "", "Argument[0]", "Argument[2]", "taint", "manual"] - ["k8s.io/apimachinery/$ANYVERSION/pkg/runtime", "WithoutVersionDecoder", True, "Decode", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] diff --git a/go/ql/lib/ext/log.model.yml b/go/ql/lib/ext/log.model.yml index fe1dd40394de..7f52a1733073 100644 --- a/go/ql/lib/ext/log.model.yml +++ b/go/ql/lib/ext/log.model.yml @@ -3,6 +3,6 @@ extensions: pack: codeql/go-all extensible: summaryModel data: - - ["log", "Logger", True, "SetOutput", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - - ["log", "Logger", True, "SetPrefix", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["log", "Logger", True, "Writer", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] + - ["log", "Logger", True, "SetOutput", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] + - ["log", "Logger", True, "SetPrefix", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["log", "Logger", True, "Writer", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] diff --git a/go/ql/lib/ext/math.big.model.yml b/go/ql/lib/ext/math.big.model.yml index 63e02e83709d..2e320251b2dd 100644 --- a/go/ql/lib/ext/math.big.model.yml +++ b/go/ql/lib/ext/math.big.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/go-all extensible: summaryModel data: - - ["math/big", "Int", False, "Int64", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] + - ["math/big", "Int", False, "Int64", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] diff --git a/go/ql/lib/ext/mime.multipart.model.yml b/go/ql/lib/ext/mime.multipart.model.yml index c6eafbb2f547..410eac26af69 100644 --- a/go/ql/lib/ext/mime.multipart.model.yml +++ b/go/ql/lib/ext/mime.multipart.model.yml @@ -4,10 +4,10 @@ extensions: extensible: summaryModel data: - ["mime/multipart", "", False, "NewReader", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["mime/multipart", "FileHeader", True, "Open", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["mime/multipart", "Part", True, "FileName", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["mime/multipart", "Part", True, "FormName", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["mime/multipart", "Reader", True, "NextPart", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["mime/multipart", "Reader", True, "NextRawPart", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["mime/multipart", "Reader", True, "ReadForm", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["mime/multipart", "Writer", True, "WriteField", "", "", "Argument[0..1]", "Argument[-1]", "taint", "manual"] + - ["mime/multipart", "FileHeader", True, "Open", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["mime/multipart", "Part", True, "FileName", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["mime/multipart", "Part", True, "FormName", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["mime/multipart", "Reader", True, "NextPart", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["mime/multipart", "Reader", True, "NextRawPart", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["mime/multipart", "Reader", True, "ReadForm", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["mime/multipart", "Writer", True, "WriteField", "", "", "Argument[0..1]", "Argument[receiver]", "taint", "manual"] diff --git a/go/ql/lib/ext/net.http.httputil.model.yml b/go/ql/lib/ext/net.http.httputil.model.yml index b8b7095c2a0a..783322b36ae6 100644 --- a/go/ql/lib/ext/net.http.httputil.model.yml +++ b/go/ql/lib/ext/net.http.httputil.model.yml @@ -9,7 +9,7 @@ extensions: - ["net/http/httputil", "", False, "NewChunkedReader", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["net/http/httputil", "", False, "NewClientConn", "", "", "Argument[0..1]", "ReturnValue", "taint", "manual"] - ["net/http/httputil", "", False, "NewProxyClientConn", "", "", "Argument[0..1]", "ReturnValue", "taint", "manual"] - - ["net/http/httputil", "BufferPool", True, "Get", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["net/http/httputil", "BufferPool", True, "Put", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["net/http/httputil", "ClientConn", True, "Hijack", "", "", "Argument[-1]", "ReturnValue[0..1]", "taint", "manual"] - - ["net/http/httputil", "ServerConn", True, "Hijack", "", "", "Argument[-1]", "ReturnValue[0..1]", "taint", "manual"] + - ["net/http/httputil", "BufferPool", True, "Get", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["net/http/httputil", "BufferPool", True, "Put", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["net/http/httputil", "ClientConn", True, "Hijack", "", "", "Argument[receiver]", "ReturnValue[0..1]", "taint", "manual"] + - ["net/http/httputil", "ServerConn", True, "Hijack", "", "", "Argument[receiver]", "ReturnValue[0..1]", "taint", "manual"] diff --git a/go/ql/lib/ext/net.http.model.yml b/go/ql/lib/ext/net.http.model.yml index 8dfd52a0d108..3661215f1610 100644 --- a/go/ql/lib/ext/net.http.model.yml +++ b/go/ql/lib/ext/net.http.model.yml @@ -11,20 +11,20 @@ extensions: - ["net/http", "", False, "ReadRequest", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - ["net/http", "", False, "ReadResponse", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - ["net/http", "", False, "SetCookie", "", "", "Argument[1]", "Argument[0]", "taint", "manual"] - - ["net/http", "Header", True, "Add", "", "", "Argument[0..1]", "Argument[-1]", "taint", "manual"] - - ["net/http", "Header", True, "Clone", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["net/http", "Header", True, "Get", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["net/http", "Header", True, "Set", "", "", "Argument[0..1]", "Argument[-1]", "taint", "manual"] - - ["net/http", "Header", True, "Values", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["net/http", "Header", True, "Write", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - - ["net/http", "Header", True, "WriteSubset", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - - ["net/http", "Hijacker", True, "Hijack", "", "", "Argument[-1]", "ReturnValue[0..1]", "taint", "manual"] - - ["net/http", "Request", True, "AddCookie", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["net/http", "Request", True, "Clone", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["net/http", "Request", True, "Write", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - - ["net/http", "Request", True, "WriteProxy", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - - ["net/http", "Response", True, "Write", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - - ["net/http", "Transport", True, "Clone", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] + - ["net/http", "Header", True, "Add", "", "", "Argument[0..1]", "Argument[receiver]", "taint", "manual"] + - ["net/http", "Header", True, "Clone", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["net/http", "Header", True, "Get", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["net/http", "Header", True, "Set", "", "", "Argument[0..1]", "Argument[receiver]", "taint", "manual"] + - ["net/http", "Header", True, "Values", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["net/http", "Header", True, "Write", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] + - ["net/http", "Header", True, "WriteSubset", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] + - ["net/http", "Hijacker", True, "Hijack", "", "", "Argument[receiver]", "ReturnValue[0..1]", "taint", "manual"] + - ["net/http", "Request", True, "AddCookie", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["net/http", "Request", True, "Clone", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["net/http", "Request", True, "Write", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] + - ["net/http", "Request", True, "WriteProxy", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] + - ["net/http", "Response", True, "Write", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] + - ["net/http", "Transport", True, "Clone", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] - addsTo: pack: codeql/go-all extensible: sourceModel diff --git a/go/ql/lib/ext/net.mail.model.yml b/go/ql/lib/ext/net.mail.model.yml index d5db3c97b1be..0bb4ef1884bc 100644 --- a/go/ql/lib/ext/net.mail.model.yml +++ b/go/ql/lib/ext/net.mail.model.yml @@ -8,4 +8,4 @@ extensions: - ["net/mail", "", False, "ReadMessage", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - ["net/mail", "AddressParser", True, "Parse", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - ["net/mail", "AddressParser", True, "ParseList", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - - ["net/mail", "Header", True, "Get", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] + - ["net/mail", "Header", True, "Get", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] diff --git a/go/ql/lib/ext/net.model.yml b/go/ql/lib/ext/net.model.yml index 968b03fd3c2d..0922b5b31d6f 100644 --- a/go/ql/lib/ext/net.model.yml +++ b/go/ql/lib/ext/net.model.yml @@ -7,19 +7,19 @@ extensions: - ["net", "", False, "FilePacketConn", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - ["net", "", False, "JoinHostPort", "", "", "Argument[0..1]", "ReturnValue", "taint", "manual"] - ["net", "", False, "SplitHostPort", "", "", "Argument[0]", "ReturnValue[0..1]", "taint", "manual"] - - ["net", "IPConn", True, "ReadFromIP", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - - ["net", "IPConn", True, "ReadMsgIP", "", "", "Argument[-1]", "Argument[0..1]", "taint", "manual"] - - ["net", "IPConn", True, "WriteMsgIP", "", "", "Argument[0..1]", "Argument[-1]", "taint", "manual"] - - ["net", "IPConn", True, "WriteToIP", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["net", "PacketConn", True, "ReadFrom", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - - ["net", "PacketConn", True, "WriteTo", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["net", "TCPListener", True, "File", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["net", "UDPConn", True, "ReadFromUDP", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - - ["net", "UDPConn", True, "ReadMsgUDP", "", "", "Argument[-1]", "Argument[0..1]", "taint", "manual"] - - ["net", "UDPConn", True, "WriteMsgUDP", "", "", "Argument[0..1]", "Argument[-1]", "taint", "manual"] - - ["net", "UDPConn", True, "WriteToUDP", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["net", "UnixConn", True, "ReadFromUnix", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - - ["net", "UnixConn", True, "ReadMsgUnix", "", "", "Argument[-1]", "Argument[0..1]", "taint", "manual"] - - ["net", "UnixConn", True, "WriteMsgUnix", "", "", "Argument[0..1]", "Argument[-1]", "taint", "manual"] - - ["net", "UnixConn", True, "WriteToUnix", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["net", "UnixListener", True, "File", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] + - ["net", "IPConn", True, "ReadFromIP", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] + - ["net", "IPConn", True, "ReadMsgIP", "", "", "Argument[receiver]", "Argument[0..1]", "taint", "manual"] + - ["net", "IPConn", True, "WriteMsgIP", "", "", "Argument[0..1]", "Argument[receiver]", "taint", "manual"] + - ["net", "IPConn", True, "WriteToIP", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["net", "PacketConn", True, "ReadFrom", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] + - ["net", "PacketConn", True, "WriteTo", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["net", "TCPListener", True, "File", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["net", "UDPConn", True, "ReadFromUDP", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] + - ["net", "UDPConn", True, "ReadMsgUDP", "", "", "Argument[receiver]", "Argument[0..1]", "taint", "manual"] + - ["net", "UDPConn", True, "WriteMsgUDP", "", "", "Argument[0..1]", "Argument[receiver]", "taint", "manual"] + - ["net", "UDPConn", True, "WriteToUDP", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["net", "UnixConn", True, "ReadFromUnix", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] + - ["net", "UnixConn", True, "ReadMsgUnix", "", "", "Argument[receiver]", "Argument[0..1]", "taint", "manual"] + - ["net", "UnixConn", True, "WriteMsgUnix", "", "", "Argument[0..1]", "Argument[receiver]", "taint", "manual"] + - ["net", "UnixConn", True, "WriteToUnix", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["net", "UnixListener", True, "File", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] diff --git a/go/ql/lib/ext/net.textproto.model.yml b/go/ql/lib/ext/net.textproto.model.yml index 0ff47eeebdb1..63a9da4497a5 100644 --- a/go/ql/lib/ext/net.textproto.model.yml +++ b/go/ql/lib/ext/net.textproto.model.yml @@ -8,17 +8,17 @@ extensions: - ["net/textproto", "", False, "NewReader", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["net/textproto", "", False, "TrimBytes", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["net/textproto", "", False, "TrimString", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["net/textproto", "MIMEHeader", True, "Add", "", "", "Argument[0..1]", "Argument[-1]", "taint", "manual"] - - ["net/textproto", "MIMEHeader", True, "Get", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["net/textproto", "MIMEHeader", True, "Set", "", "", "Argument[0..1]", "Argument[-1]", "taint", "manual"] - - ["net/textproto", "MIMEHeader", True, "Values", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["net/textproto", "Reader", True, "DotReader", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["net/textproto", "Reader", True, "ReadCodeLine", "", "", "Argument[-1]", "ReturnValue[1]", "taint", "manual"] - - ["net/textproto", "Reader", True, "ReadContinuedLine", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["net/textproto", "Reader", True, "ReadContinuedLineBytes", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["net/textproto", "Reader", True, "ReadDotBytes", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["net/textproto", "Reader", True, "ReadDotLines", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["net/textproto", "Reader", True, "ReadLine", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["net/textproto", "Reader", True, "ReadLineBytes", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["net/textproto", "Reader", True, "ReadMIMEHeader", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["net/textproto", "Reader", True, "ReadResponse", "", "", "Argument[-1]", "ReturnValue[1]", "taint", "manual"] + - ["net/textproto", "MIMEHeader", True, "Add", "", "", "Argument[0..1]", "Argument[receiver]", "taint", "manual"] + - ["net/textproto", "MIMEHeader", True, "Get", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["net/textproto", "MIMEHeader", True, "Set", "", "", "Argument[0..1]", "Argument[receiver]", "taint", "manual"] + - ["net/textproto", "MIMEHeader", True, "Values", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["net/textproto", "Reader", True, "DotReader", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["net/textproto", "Reader", True, "ReadCodeLine", "", "", "Argument[receiver]", "ReturnValue[1]", "taint", "manual"] + - ["net/textproto", "Reader", True, "ReadContinuedLine", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["net/textproto", "Reader", True, "ReadContinuedLineBytes", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["net/textproto", "Reader", True, "ReadDotBytes", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["net/textproto", "Reader", True, "ReadDotLines", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["net/textproto", "Reader", True, "ReadLine", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["net/textproto", "Reader", True, "ReadLineBytes", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["net/textproto", "Reader", True, "ReadMIMEHeader", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["net/textproto", "Reader", True, "ReadResponse", "", "", "Argument[receiver]", "ReturnValue[1]", "taint", "manual"] diff --git a/go/ql/lib/ext/net.url.model.yml b/go/ql/lib/ext/net.url.model.yml index deba3d5b39ef..0b48aa2352c2 100644 --- a/go/ql/lib/ext/net.url.model.yml +++ b/go/ql/lib/ext/net.url.model.yml @@ -12,17 +12,17 @@ extensions: - ["net/url", "", False, "QueryUnescape", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - ["net/url", "", False, "User", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["net/url", "", False, "UserPassword", "", "", "Argument[0..1]", "ReturnValue", "taint", "manual"] - - ["net/url", "URL", True, "EscapedPath", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["net/url", "URL", True, "Hostname", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["net/url", "URL", True, "MarshalBinary", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["net/url", "URL", True, "Parse", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] + - ["net/url", "URL", True, "EscapedPath", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["net/url", "URL", True, "Hostname", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["net/url", "URL", True, "MarshalBinary", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["net/url", "URL", True, "Parse", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] - ["net/url", "URL", True, "Parse", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - - ["net/url", "URL", True, "Port", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["net/url", "URL", True, "Query", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["net/url", "URL", True, "RequestURI", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["net/url", "URL", True, "ResolveReference", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] + - ["net/url", "URL", True, "Port", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["net/url", "URL", True, "Query", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["net/url", "URL", True, "RequestURI", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["net/url", "URL", True, "ResolveReference", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] - ["net/url", "URL", True, "ResolveReference", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["net/url", "Userinfo", True, "Password", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["net/url", "Userinfo", True, "Username", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["net/url", "Values", True, "Encode", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["net/url", "Values", True, "Get", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] + - ["net/url", "Userinfo", True, "Password", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["net/url", "Userinfo", True, "Username", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["net/url", "Values", True, "Encode", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["net/url", "Values", True, "Get", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] diff --git a/go/ql/lib/ext/os.model.yml b/go/ql/lib/ext/os.model.yml index 2ca99c370e3a..b0314dc71ed4 100644 --- a/go/ql/lib/ext/os.model.yml +++ b/go/ql/lib/ext/os.model.yml @@ -6,4 +6,4 @@ extensions: - ["os", "", False, "Expand", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["os", "", False, "ExpandEnv", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["os", "", False, "NewFile", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["os", "File", True, "Fd", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] + - ["os", "File", True, "Fd", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] diff --git a/go/ql/lib/ext/reflect.model.yml b/go/ql/lib/ext/reflect.model.yml index 1299b3a61f0d..75b207f73a0f 100644 --- a/go/ql/lib/ext/reflect.model.yml +++ b/go/ql/lib/ext/reflect.model.yml @@ -7,36 +7,36 @@ extensions: - ["reflect", "", False, "Copy", "", "", "Argument[1]", "Argument[0]", "taint", "manual"] - ["reflect", "", False, "Indirect", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["reflect", "", False, "ValueOf", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["reflect", "MapIter", True, "Key", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["reflect", "MapIter", True, "Value", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["reflect", "StructTag", True, "Get", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["reflect", "StructTag", True, "Lookup", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["reflect", "Value", True, "Addr", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["reflect", "Value", True, "Bytes", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["reflect", "Value", True, "Convert", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["reflect", "Value", True, "Elem", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["reflect", "Value", True, "Field", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["reflect", "Value", True, "FieldByIndex", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["reflect", "Value", True, "FieldByName", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["reflect", "Value", True, "FieldByNameFunc", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["reflect", "Value", True, "Index", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["reflect", "Value", True, "Interface", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["reflect", "Value", True, "InterfaceData", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["reflect", "Value", True, "MapIndex", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["reflect", "Value", True, "MapKeys", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["reflect", "Value", True, "MapRange", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["reflect", "Value", True, "Method", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["reflect", "Value", True, "MethodByName", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["reflect", "Value", True, "Pointer", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["reflect", "Value", True, "Recv", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["reflect", "Value", True, "Send", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["reflect", "Value", True, "Set", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["reflect", "Value", True, "SetBytes", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["reflect", "Value", True, "SetMapIndex", "", "", "Argument[0..1]", "Argument[-1]", "taint", "manual"] - - ["reflect", "Value", True, "SetPointer", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["reflect", "Value", True, "SetString", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["reflect", "Value", True, "Slice", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["reflect", "Value", True, "Slice3", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["reflect", "Value", True, "TryRecv", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["reflect", "Value", True, "TrySend", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["reflect", "Value", True, "UnsafeAddr", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] + - ["reflect", "MapIter", True, "Key", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["reflect", "MapIter", True, "Value", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["reflect", "StructTag", True, "Get", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["reflect", "StructTag", True, "Lookup", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["reflect", "Value", True, "Addr", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["reflect", "Value", True, "Bytes", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["reflect", "Value", True, "Convert", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["reflect", "Value", True, "Elem", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["reflect", "Value", True, "Field", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["reflect", "Value", True, "FieldByIndex", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["reflect", "Value", True, "FieldByName", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["reflect", "Value", True, "FieldByNameFunc", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["reflect", "Value", True, "Index", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["reflect", "Value", True, "Interface", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["reflect", "Value", True, "InterfaceData", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["reflect", "Value", True, "MapIndex", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["reflect", "Value", True, "MapKeys", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["reflect", "Value", True, "MapRange", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["reflect", "Value", True, "Method", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["reflect", "Value", True, "MethodByName", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["reflect", "Value", True, "Pointer", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["reflect", "Value", True, "Recv", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["reflect", "Value", True, "Send", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["reflect", "Value", True, "Set", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["reflect", "Value", True, "SetBytes", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["reflect", "Value", True, "SetMapIndex", "", "", "Argument[0..1]", "Argument[receiver]", "taint", "manual"] + - ["reflect", "Value", True, "SetPointer", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["reflect", "Value", True, "SetString", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["reflect", "Value", True, "Slice", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["reflect", "Value", True, "Slice3", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["reflect", "Value", True, "TryRecv", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["reflect", "Value", True, "TrySend", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["reflect", "Value", True, "UnsafeAddr", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] diff --git a/go/ql/lib/ext/strings.model.yml b/go/ql/lib/ext/strings.model.yml index 2757277a0f08..01015b31517e 100644 --- a/go/ql/lib/ext/strings.model.yml +++ b/go/ql/lib/ext/strings.model.yml @@ -34,6 +34,6 @@ extensions: - ["strings", "", False, "TrimRightFunc", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["strings", "", False, "TrimSpace", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["strings", "", False, "TrimSuffix", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["strings", "Reader", True, "Reset", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] + - ["strings", "Reader", True, "Reset", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] - ["strings", "Replacer", True, "Replace", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["strings", "Replacer", True, "WriteString", "", "", "Argument[1]", "Argument[0]", "taint", "manual"] diff --git a/go/ql/lib/ext/sync.atomic.model.yml b/go/ql/lib/ext/sync.atomic.model.yml index 025097a8e835..1dd7d995566a 100644 --- a/go/ql/lib/ext/sync.atomic.model.yml +++ b/go/ql/lib/ext/sync.atomic.model.yml @@ -15,15 +15,15 @@ extensions: - ["sync/atomic", "", False, "SwapPointer", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["sync/atomic", "", False, "SwapUintptr", "", "", "Argument[1]", "Argument[0]", "taint", "manual"] - ["sync/atomic", "", False, "SwapUintptr", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["sync/atomic", "Pointer", True, "Load", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["sync/atomic", "Pointer", True, "Store", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["sync/atomic", "Pointer", True, "Swap", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["sync/atomic", "Pointer", True, "Swap", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["sync/atomic", "Uintptr", True, "Load", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["sync/atomic", "Uintptr", True, "Store", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["sync/atomic", "Uintptr", True, "Swap", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["sync/atomic", "Uintptr", True, "Swap", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["sync/atomic", "Value", True, "Load", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["sync/atomic", "Value", True, "Store", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["sync/atomic", "Value", True, "Swap", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["sync/atomic", "Value", True, "Swap", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] + - ["sync/atomic", "Pointer", True, "Load", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["sync/atomic", "Pointer", True, "Store", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["sync/atomic", "Pointer", True, "Swap", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["sync/atomic", "Pointer", True, "Swap", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["sync/atomic", "Uintptr", True, "Load", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["sync/atomic", "Uintptr", True, "Store", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["sync/atomic", "Uintptr", True, "Swap", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["sync/atomic", "Uintptr", True, "Swap", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["sync/atomic", "Value", True, "Load", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["sync/atomic", "Value", True, "Store", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["sync/atomic", "Value", True, "Swap", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["sync/atomic", "Value", True, "Swap", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] diff --git a/go/ql/lib/ext/sync.model.yml b/go/ql/lib/ext/sync.model.yml index d7dd66558be4..da03ce0acc27 100644 --- a/go/ql/lib/ext/sync.model.yml +++ b/go/ql/lib/ext/sync.model.yml @@ -3,13 +3,13 @@ extensions: pack: codeql/go-all extensible: summaryModel data: - - ["sync", "Map", True, "CompareAndSwap", "", "", "Argument[2]", "Argument[-1]", "taint", "manual"] - - ["sync", "Map", True, "Load", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["sync", "Map", True, "LoadOrStore", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["sync", "Map", True, "LoadOrStore", "", "", "Argument[0..1]", "Argument[-1]", "taint", "manual"] + - ["sync", "Map", True, "CompareAndSwap", "", "", "Argument[2]", "Argument[receiver]", "taint", "manual"] + - ["sync", "Map", True, "Load", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["sync", "Map", True, "LoadOrStore", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["sync", "Map", True, "LoadOrStore", "", "", "Argument[0..1]", "Argument[receiver]", "taint", "manual"] - ["sync", "Map", True, "LoadOrStore", "", "", "Argument[0..1]", "ReturnValue[0]", "taint", "manual"] - - ["sync", "Map", True, "Store", "", "", "Argument[0..1]", "Argument[-1]", "taint", "manual"] - - ["sync", "Map", True, "Swap", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["sync", "Map", True, "Swap", "", "", "Argument[0..1]", "Argument[-1]", "taint", "manual"] - - ["sync", "Pool", True, "Get", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["sync", "Pool", True, "Put", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] + - ["sync", "Map", True, "Store", "", "", "Argument[0..1]", "Argument[receiver]", "taint", "manual"] + - ["sync", "Map", True, "Swap", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["sync", "Map", True, "Swap", "", "", "Argument[0..1]", "Argument[receiver]", "taint", "manual"] + - ["sync", "Pool", True, "Get", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["sync", "Pool", True, "Put", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] diff --git a/go/ql/lib/ext/syscall.model.yml b/go/ql/lib/ext/syscall.model.yml index 5f83e2d38502..f22167d41d87 100644 --- a/go/ql/lib/ext/syscall.model.yml +++ b/go/ql/lib/ext/syscall.model.yml @@ -8,6 +8,6 @@ extensions: - ["syscall", "", False, "StringBytePtr", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["syscall", "", False, "StringByteSlice", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["syscall", "", False, "StringSlicePtr", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["syscall", "Conn", True, "SyscallConn", "", "", "Argument[-1]", "ReturnValue[0]", "taint", "manual"] - - ["syscall", "RawConn", True, "Read", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - - ["syscall", "RawConn", True, "Write", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] + - ["syscall", "Conn", True, "SyscallConn", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["syscall", "RawConn", True, "Read", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] + - ["syscall", "RawConn", True, "Write", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] diff --git a/go/ql/lib/ext/text.scanner.model.yml b/go/ql/lib/ext/text.scanner.model.yml index 76ea2c1a73cb..8eeb48740d15 100644 --- a/go/ql/lib/ext/text.scanner.model.yml +++ b/go/ql/lib/ext/text.scanner.model.yml @@ -3,6 +3,6 @@ extensions: pack: codeql/go-all extensible: summaryModel data: - - ["text/scanner", "Scanner", True, "Init", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] + - ["text/scanner", "Scanner", True, "Init", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] - ["text/scanner", "Scanner", True, "Init", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["text/scanner", "Scanner", True, "TokenText", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] + - ["text/scanner", "Scanner", True, "TokenText", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] diff --git a/go/ql/lib/ext/text.tabwriter.model.yml b/go/ql/lib/ext/text.tabwriter.model.yml index 6972e2d93a6b..ae29881c309b 100644 --- a/go/ql/lib/ext/text.tabwriter.model.yml +++ b/go/ql/lib/ext/text.tabwriter.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/go-all extensible: summaryModel data: - - ["text/tabwriter", "Writer", True, "Init", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] + - ["text/tabwriter", "Writer", True, "Init", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] diff --git a/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll b/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll index 02049bf66c75..821d2b10b37d 100644 --- a/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll +++ b/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll @@ -1,7 +1,7 @@ /** * INTERNAL use only. This is an experimental API subject to change without notice. * - * Provides classes and predicates for dealing with MaD flow models specified + * Provides classes and predicates for dealing with flow models specified * in data extensions and CSV format. * * The CSV specification has the following columns: @@ -11,6 +11,9 @@ * `package; type; subtypes; name; signature; ext; input; kind; provenance` * - Summaries: * `package; type; subtypes; name; signature; ext; input; output; kind; provenance` + * - Neutrals: + * `package; type; name; signature; kind; provenance` + * A neutral is used to indicate that a callable is neutral with respect to flow (no summary), source (is not a source) or sink (is not a sink). * * The interpretation of a row is similar to API-graphs with a left-to-right * reading. @@ -27,7 +30,7 @@ * "Argument[n]", or "Argument[n1..n2]": * - "": Selects a write to the selected element in case this is a field. * - "Argument[n]": Selects an argument in a call to the selected element. - * The arguments are zero-indexed, and `-1` specifies the qualifier. + * The arguments are zero-indexed, and `receiver` specifies the receiver. * - "Argument[n1..n2]": Similar to "Argument[n]" but selects any argument * in the given range. The range is inclusive at both ends. * @@ -37,12 +40,12 @@ * - "": Selects a read of a selected field. * - "Argument[n]": Selects the post-update value of an argument in a call to the * selected element. That is, the value of the argument after the call returns. - * The arguments are zero-indexed, and `-1` specifies the qualifier. + * The arguments are zero-indexed, and `receiver` specifies the receiver. * - "Argument[n1..n2]": Similar to "Argument[n]" but select any argument in * the given range. The range is inclusive at both ends. * - "Parameter": Selects the value of a parameter of the selected element. * - "Parameter[n]": Similar to "Parameter" but restricted to a specific - * numbered parameter (zero-indexed, and `-1` specifies the value of `this`). + * numbered parameter (zero-indexed, and `receiver` specifies the receiver). * - "Parameter[n1..n2]": Similar to "Parameter[n]" but selects any parameter * in the given range. The range is inclusive at both ends. * - "ReturnValue": Selects the first value being returned by the selected @@ -73,46 +76,33 @@ private import go import internal.ExternalFlowExtensions +private import FlowSummary as FlowSummary private import internal.DataFlowPrivate private import internal.FlowSummaryImpl +private import internal.FlowSummaryImpl::Public private import internal.FlowSummaryImpl::Private private import internal.FlowSummaryImpl::Private::External -private import internal.FlowSummaryImpl::Public private import codeql.mad.ModelValidation as SharedModelVal -/** Holds if `package` have MaD framework coverage. */ -private predicate packageHasMaDCoverage(string package) { +private predicate relevantPackage(string package) { sourceModel(package, _, _, _, _, _, _, _, _, _) or sinkModel(package, _, _, _, _, _, _, _, _, _) or summaryModel(package, _, _, _, _, _, _, _, _, _, _) } -/** - * Holds if `package` and `subpkg` have MaD framework coverage and `subpkg` - * is a subpackage of `package`. - */ -private predicate packageHasASubpackage(string package, string subpkg) { - packageHasMaDCoverage(package) and - packageHasMaDCoverage(subpkg) and - subpkg.prefix(subpkg.indexOf(".")) = package +private predicate packageLink(string shortpkg, string longpkg) { + relevantPackage(shortpkg) and + relevantPackage(longpkg) and + longpkg.prefix(longpkg.indexOf(".")) = shortpkg } -/** - * Holds if `package` has MaD framework coverage and it is not a subpackage of - * any other package with MaD framework coverage. - */ private predicate canonicalPackage(string package) { - packageHasMaDCoverage(package) and not packageHasASubpackage(_, package) + relevantPackage(package) and not packageLink(_, package) } -/** - * Holds if `package` and `subpkg` have MaD framework coverage, `subpkg` is a - * subpackage of `package` (or they are the same), and `package` is not a - * subpackage of any other package with MaD framework coverage. - */ -private predicate canonicalPackageHasASubpackage(string package, string subpkg) { +private predicate canonicalPkgLink(string package, string subpkg) { canonicalPackage(package) and - (subpkg = package or packageHasASubpackage(package, subpkg)) + (subpkg = package or packageLink(package, subpkg)) } /** @@ -121,13 +111,13 @@ private predicate canonicalPackageHasASubpackage(string package, string subpkg) * which have MaD framework coverage (including `package` itself). */ predicate modelCoverage(string package, int pkgs, string kind, string part, int n) { - pkgs = strictcount(string subpkg | canonicalPackageHasASubpackage(package, subpkg)) and + pkgs = strictcount(string subpkg | canonicalPkgLink(package, subpkg)) and ( part = "source" and n = strictcount(string subpkg, string type, boolean subtypes, string name, string signature, string ext, string output, string provenance | - canonicalPackageHasASubpackage(package, subpkg) and + canonicalPkgLink(package, subpkg) and sourceModel(subpkg, type, subtypes, name, signature, ext, output, kind, provenance, _) ) or @@ -135,7 +125,7 @@ predicate modelCoverage(string package, int pkgs, string kind, string part, int n = strictcount(string subpkg, string type, boolean subtypes, string name, string signature, string ext, string input, string provenance | - canonicalPackageHasASubpackage(package, subpkg) and + canonicalPkgLink(package, subpkg) and sinkModel(subpkg, type, subtypes, name, signature, ext, input, kind, provenance, _) ) or @@ -143,7 +133,7 @@ predicate modelCoverage(string package, int pkgs, string kind, string part, int n = strictcount(string subpkg, string type, boolean subtypes, string name, string signature, string ext, string input, string output, string provenance | - canonicalPackageHasASubpackage(package, subpkg) and + canonicalPkgLink(package, subpkg) and summaryModel(subpkg, type, subtypes, name, signature, ext, input, output, kind, provenance, _) ) @@ -152,8 +142,23 @@ predicate modelCoverage(string package, int pkgs, string kind, string part, int /** Provides a query predicate to check the MaD models for validation errors. */ module ModelValidation { + private import codeql.dataflow.internal.AccessPathSyntax as AccessPathSyntax + + private predicate getRelevantAccessPath(string path) { + summaryModel(_, _, _, _, _, _, path, _, _, _, _) or + summaryModel(_, _, _, _, _, _, _, path, _, _, _) or + sinkModel(_, _, _, _, _, _, path, _, _, _) or + sourceModel(_, _, _, _, _, _, path, _, _, _) + } + + private module MkAccessPath = AccessPathSyntax::AccessPath; + + class AccessPath = MkAccessPath::AccessPath; + + class AccessPathToken = MkAccessPath::AccessPathToken; + private string getInvalidModelInput() { - exists(string pred, AccessPath input, string part | + exists(string pred, AccessPath input, AccessPathToken part | sinkModel(_, _, _, _, _, _, input, _, _, _) and pred = "sink" or summaryModel(_, _, _, _, _, _, input, _, _, _, _) and pred = "summary" @@ -161,24 +166,33 @@ module ModelValidation { ( invalidSpecComponent(input, part) and not part = "" and - not parseArg(part, _) + not (part = "Argument" and pred = "sink") and + not parseArg(part, _) and + not part.getName() = "Field" or - part = input.getToken(_) and + part = input.getToken(0) and parseParam(part, _) + or + invalidIndexComponent(input, part) ) and result = "Unrecognized input specification \"" + part + "\" in " + pred + " model." ) } private string getInvalidModelOutput() { - exists(string pred, string output, string part | + exists(string pred, AccessPath output, AccessPathToken part | sourceModel(_, _, _, _, _, _, output, _, _, _) and pred = "source" or summaryModel(_, _, _, _, _, _, _, output, _, _, _) and pred = "summary" | - invalidSpecComponent(output, part) and - not part = "" and - not (part = "Parameter" and pred = "source") and + ( + invalidSpecComponent(output, part) and + not part = "" and + not (part = ["Argument", "Parameter"] and pred = "source") and + not part.getName() = "Field" + or + invalidIndexComponent(output, part) + ) and result = "Unrecognized output specification \"" + part + "\" in " + pred + " model." ) } @@ -189,6 +203,8 @@ module ModelValidation { predicate sinkKind(string kind) { sinkModel(_, _, _, _, _, _, _, kind, _, _) } predicate sourceKind(string kind) { sourceModel(_, _, _, _, _, _, _, kind, _, _) } + + predicate neutralKind(string kind) { neutralModel(_, _, _, _, kind, _) } } private module KindVal = SharedModelVal::KindValidation; @@ -204,6 +220,10 @@ module ModelValidation { or summaryModel(package, type, _, name, signature, ext, _, _, _, provenance, _) and pred = "summary" + or + neutralModel(package, type, name, signature, _, provenance) and + ext = "" and + pred = "neutral" | not package.replaceAll("$ANYVERSION", "").regexpMatch("[a-zA-Z0-9_\\./-]*") and result = "Dubious package \"" + package + "\" in " + pred + " model." @@ -239,31 +259,15 @@ pragma[nomagic] private predicate elementSpec( string package, string type, boolean subtypes, string name, string signature, string ext ) { - sourceModel(package, type, subtypes, name, signature, ext, _, _, _, _) or - sinkModel(package, type, subtypes, name, signature, ext, _, _, _, _) or - summaryModel(package, type, subtypes, name, signature, ext, _, _, _, _, _) -} - -private string paramsStringPart(Function f, int i) { - i = -1 and result = "(" + sourceModel(package, type, subtypes, name, signature, ext, _, _, _, _) or - exists(int n, string p | f.getParameterType(n).toString() = p | - i = 2 * n and result = p - or - i = 2 * n - 1 and result = "," and n != 0 - ) + sinkModel(package, type, subtypes, name, signature, ext, _, _, _, _) + or + summaryModel(package, type, subtypes, name, signature, ext, _, _, _, _, _) or - i = 2 * f.getNumParameter() and result = ")" + neutralModel(package, type, name, signature, _, _) and ext = "" and subtypes = false } -/** - * Gets a parenthesized string containing all parameter types of this callable, separated by a comma. - * - * Returns the empty string if the callable has no parameters. - * Parameter types are represented by their type erasure. - */ -string paramsString(Function f) { result = concat(int i | | paramsStringPart(f, i) order by i) } - bindingset[p] private string interpretPackage(string p) { exists(string r | r = "([^$]+)([./]\\$ANYVERSION(/|$)(.*))?" | @@ -276,6 +280,7 @@ private string interpretPackage(string p) { } /** Gets the source/sink/summary element corresponding to the supplied parameters. */ +cached SourceSinkInterpretationInput::SourceOrSinkElement interpretElement( string pkg, string type, boolean subtypes, string name, string signature, string ext ) { @@ -296,22 +301,16 @@ SourceSinkInterpretationInput::SourceOrSinkElement interpretElement( ) } -/** Holds if there is an external specification for `f`. */ -predicate hasExternalSpecification(Function f) { - f = any(SummarizedCallable sc).asFunction() - or - exists(SourceSinkInterpretationInput::SourceOrSinkElement e | f = e.asEntity() | - SourceSinkInterpretationInput::sourceElement(e, _, _, _, _) or - SourceSinkInterpretationInput::sinkElement(e, _, _, _, _) - ) -} - private predicate parseField(AccessPathToken c, DataFlow::FieldContent f) { - exists(string fieldRegex, string package, string className, string fieldName | - fieldRegex = "^Field\\[(.*)\\.([^.]+)\\.([^.]+)\\]$" and - package = c.regexpCapture(fieldRegex, 1) and - className = c.regexpCapture(fieldRegex, 2) and - fieldName = c.regexpCapture(fieldRegex, 3) and + exists( + string fieldRegex, string qualifiedName, string package, string className, string fieldName + | + c.getName() = "Field" and + qualifiedName = c.getAnArgument() and + fieldRegex = "^(.*)\\.([^.]+)\\.([^.]+)$" and + package = qualifiedName.regexpCapture(fieldRegex, 1) and + className = qualifiedName.regexpCapture(fieldRegex, 2) and + fieldName = qualifiedName.regexpCapture(fieldRegex, 3) and f.getField().hasQualifiedName(package, className, fieldName) ) } @@ -328,11 +327,12 @@ class SyntheticField extends string { } private predicate parseSynthField(AccessPathToken c, string f) { - c.regexpCapture("SyntheticField\\[([.a-zA-Z0-9]+)\\]", 1) = f + c.getName() = "SyntheticField" and + f = c.getAnArgument() } /** Holds if the specification component parses as a `Content`. */ -predicate parseContent(string component, DataFlow::Content content) { +predicate parseContent(AccessPathToken component, DataFlow::Content content) { parseField(component, content) or parseSynthField(component, content.(DataFlow::SyntheticFieldContent).getField()) @@ -387,29 +387,15 @@ predicate sourceNode(DataFlow::Node node, string kind) { sourceNode(node, kind, */ predicate sinkNode(DataFlow::Node node, string kind) { sinkNode(node, kind, _) } -private predicate interpretSummary( - Callable c, string input, string output, string kind, string provenance, string model -) { - exists( - string namespace, string type, boolean subtypes, string name, string signature, string ext, - QlBuiltins::ExtensionId madId - | - summaryModel(namespace, type, subtypes, name, signature, ext, input, output, kind, provenance, - madId) and - model = "MaD:" + madId.toString() and - c.asFunction() = interpretElement(namespace, type, subtypes, name, signature, ext).asEntity() - ) -} - // adapter class for converting Mad summaries to `SummarizedCallable`s private class SummarizedCallableAdapter extends SummarizedCallable { - SummarizedCallableAdapter() { interpretSummary(this, _, _, _, _, _) } + SummarizedCallableAdapter() { summaryElement(this, _, _, _, _, _) } private predicate relevantSummaryElementManual( string input, string output, string kind, string model ) { exists(Provenance provenance | - interpretSummary(this, input, output, kind, provenance, model) and + summaryElement(this, input, output, kind, provenance, model) and provenance.isManual() ) } @@ -418,8 +404,12 @@ private class SummarizedCallableAdapter extends SummarizedCallable { string input, string output, string kind, string model ) { exists(Provenance provenance | - interpretSummary(this, input, output, kind, provenance, model) and + summaryElement(this, input, output, kind, provenance, model) and provenance.isGenerated() + ) and + not exists(Provenance provenance | + neutralElement(this, "summary", provenance) and + provenance.isManual() ) } @@ -437,7 +427,7 @@ private class SummarizedCallableAdapter extends SummarizedCallable { } override predicate hasProvenance(Provenance provenance) { - interpretSummary(this, _, _, _, provenance, _) + summaryElement(this, _, _, _, provenance, _) } } @@ -446,13 +436,7 @@ private class NeutralCallableAdapter extends NeutralCallable { string kind; string provenance_; - NeutralCallableAdapter() { - // Neutral models have not been implemented for Go. - none() and - exists(this) and - exists(kind) and - exists(provenance_) - } + NeutralCallableAdapter() { neutralElement(this, kind, provenance_) } override string getKind() { result = kind } diff --git a/go/ql/lib/semmle/go/dataflow/internal/ExternalFlowExtensions.qll b/go/ql/lib/semmle/go/dataflow/internal/ExternalFlowExtensions.qll index 327cd65df87f..1cc3fe7292ea 100644 --- a/go/ql/lib/semmle/go/dataflow/internal/ExternalFlowExtensions.qll +++ b/go/ql/lib/semmle/go/dataflow/internal/ExternalFlowExtensions.qll @@ -25,3 +25,10 @@ extensible predicate summaryModel( string package, string type, boolean subtypes, string name, string signature, string ext, string input, string output, string kind, string provenance, QlBuiltins::ExtensionId madId ); + +/** + * Holds if a neutral model exists for the given parameters. + */ +extensible predicate neutralModel( + string package, string type, string name, string signature, string kind, string provenance +); diff --git a/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll b/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll index 729987c26f11..df1b3093bc3b 100644 --- a/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll +++ b/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll @@ -15,6 +15,11 @@ private module FlowSummaries { private import semmle.go.dataflow.FlowSummary as F } +bindingset[pos] +private string positionToString(int pos) { + if pos = -1 then result = "receiver" else result = pos.toString() +} + module Input implements InputSig { class SummarizedCallableBase = Callable; @@ -22,9 +27,9 @@ module Input implements InputSig { ReturnKind getStandardReturnValueKind() { result = getReturnKind(0) } - string encodeParameterPosition(ParameterPosition pos) { result = pos.toString() } + string encodeParameterPosition(ParameterPosition pos) { result = positionToString(pos) } - string encodeArgumentPosition(ArgumentPosition pos) { result = pos.toString() } + string encodeArgumentPosition(ArgumentPosition pos) { result = positionToString(pos) } string encodeReturn(ReturnKind rk, string arg) { exists(int pos | @@ -273,6 +278,37 @@ module Private { module External { import Impl::Private::External import Impl::Private::External::SourceSinkInterpretation + + /** + * Holds if an external flow summary exists for `c` with input specification + * `input`, output specification `output`, kind `kind`, and provenance `provenance`. + */ + predicate summaryElement( + Input::SummarizedCallableBase c, string input, string output, string kind, string provenance, + string model + ) { + exists( + string namespace, string type, boolean subtypes, string name, string signature, string ext, + QlBuiltins::ExtensionId madId + | + summaryModel(namespace, type, subtypes, name, signature, ext, input, output, kind, + provenance, madId) and + model = "MaD:" + madId.toString() and + c.asFunction() = + interpretElement(namespace, type, subtypes, name, signature, ext).asEntity() + ) + } + + /** + * Holds if a neutral model exists for `c` of kind `kind` + * and with provenance `provenance`. + */ + predicate neutralElement(Input::SummarizedCallableBase c, string kind, string provenance) { + exists(string namespace, string type, string name, string signature | + neutralModel(namespace, type, name, signature, kind, provenance) and + c.asFunction() = interpretElement(namespace, type, false, name, signature, "").asEntity() + ) + } } /** diff --git a/go/ql/test/experimental/CWE-522-DecompressionBombs/DecompressionBombTest.expected b/go/ql/test/experimental/CWE-522-DecompressionBombs/DecompressionBombTest.expected index 8ec8033d086e..105b7026d0c4 100644 --- a/go/ql/test/experimental/CWE-522-DecompressionBombs/DecompressionBombTest.expected +++ b/go/ql/test/experimental/CWE-522-DecompressionBombs/DecompressionBombTest.expected @@ -1,2 +1,3 @@ -testFailures failures +invalidModelRow +testFailures diff --git a/go/ql/test/experimental/CWE-522-DecompressionBombs/DecompressionBombTest.ql b/go/ql/test/experimental/CWE-522-DecompressionBombs/DecompressionBombTest.ql index f5422c2a5073..9c34f9ff8bd9 100644 --- a/go/ql/test/experimental/CWE-522-DecompressionBombs/DecompressionBombTest.ql +++ b/go/ql/test/experimental/CWE-522-DecompressionBombs/DecompressionBombTest.ql @@ -1,4 +1,6 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineExpectationsTest import experimental.frameworks.DecompressionBombs::DecompressionBomb diff --git a/go/ql/test/experimental/frameworks/CleverGo/TaintTracking.expected b/go/ql/test/experimental/frameworks/CleverGo/TaintTracking.expected index e69de29bb2d1..42831abaf155 100644 --- a/go/ql/test/experimental/frameworks/CleverGo/TaintTracking.expected +++ b/go/ql/test/experimental/frameworks/CleverGo/TaintTracking.expected @@ -0,0 +1,2 @@ +invalidModelRow +testFailures diff --git a/go/ql/test/experimental/frameworks/CleverGo/TaintTracking.ql b/go/ql/test/experimental/frameworks/CleverGo/TaintTracking.ql index d758666eccff..e45dfbb2ecf9 100644 --- a/go/ql/test/experimental/frameworks/CleverGo/TaintTracking.ql +++ b/go/ql/test/experimental/frameworks/CleverGo/TaintTracking.ql @@ -1,4 +1,6 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import experimental.frameworks.CleverGo import TestUtilities.InlineFlowTest import DefaultFlowTest diff --git a/go/ql/test/experimental/frameworks/Fiber/TaintTracking.expected b/go/ql/test/experimental/frameworks/Fiber/TaintTracking.expected index e69de29bb2d1..42831abaf155 100644 --- a/go/ql/test/experimental/frameworks/Fiber/TaintTracking.expected +++ b/go/ql/test/experimental/frameworks/Fiber/TaintTracking.expected @@ -0,0 +1,2 @@ +invalidModelRow +testFailures diff --git a/go/ql/test/experimental/frameworks/Fiber/TaintTracking.ql b/go/ql/test/experimental/frameworks/Fiber/TaintTracking.ql index 0b985733390b..ad23bf13e92a 100644 --- a/go/ql/test/experimental/frameworks/Fiber/TaintTracking.ql +++ b/go/ql/test/experimental/frameworks/Fiber/TaintTracking.ql @@ -1,4 +1,6 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import experimental.frameworks.Fiber import TestUtilities.InlineFlowTest import DefaultFlowTest diff --git a/go/ql/test/library-tests/semmle/go/concepts/LoggerCall/LoggerCall.expected b/go/ql/test/library-tests/semmle/go/concepts/LoggerCall/LoggerCall.expected index 48de9172b362..105b7026d0c4 100644 --- a/go/ql/test/library-tests/semmle/go/concepts/LoggerCall/LoggerCall.expected +++ b/go/ql/test/library-tests/semmle/go/concepts/LoggerCall/LoggerCall.expected @@ -1,2 +1,3 @@ failures +invalidModelRow testFailures diff --git a/go/ql/test/library-tests/semmle/go/concepts/LoggerCall/LoggerCall.ql b/go/ql/test/library-tests/semmle/go/concepts/LoggerCall/LoggerCall.ql index ab4890f9746d..a231fe6795f1 100644 --- a/go/ql/test/library-tests/semmle/go/concepts/LoggerCall/LoggerCall.ql +++ b/go/ql/test/library-tests/semmle/go/concepts/LoggerCall/LoggerCall.ql @@ -1,4 +1,6 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineExpectationsTest module LoggerTest implements TestSig { diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ArrayConversion/Flows.expected b/go/ql/test/library-tests/semmle/go/dataflow/ArrayConversion/Flows.expected index e69de29bb2d1..42831abaf155 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ArrayConversion/Flows.expected +++ b/go/ql/test/library-tests/semmle/go/dataflow/ArrayConversion/Flows.expected @@ -0,0 +1,2 @@ +invalidModelRow +testFailures diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ArrayConversion/Flows.ql b/go/ql/test/library-tests/semmle/go/dataflow/ArrayConversion/Flows.ql index 1b27b27d6dc2..1b64b928c3ff 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ArrayConversion/Flows.ql +++ b/go/ql/test/library-tests/semmle/go/dataflow/ArrayConversion/Flows.ql @@ -1,3 +1,5 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineFlowTest import DefaultFlowTest diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ChannelField/test.expected b/go/ql/test/library-tests/semmle/go/dataflow/ChannelField/test.expected index 315e8f2ceab6..547c7b25da13 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ChannelField/test.expected +++ b/go/ql/test/library-tests/semmle/go/dataflow/ChannelField/test.expected @@ -1,3 +1,4 @@ +invalidModelRow edges | test.go:9:9:9:11 | selection of c [collection] | test.go:9:7:9:11 | <-... | provenance | | | test.go:13:16:13:16 | definition of s [pointer, c, collection] | test.go:16:2:16:2 | s [pointer, c, collection] | provenance | | diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ChannelField/test.ql b/go/ql/test/library-tests/semmle/go/dataflow/ChannelField/test.ql index f750505693b3..c0e29f8b086e 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ChannelField/test.ql +++ b/go/ql/test/library-tests/semmle/go/dataflow/ChannelField/test.ql @@ -1,4 +1,6 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineFlowTest module Flow = DataFlow::Global; diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/completetest.ext.yml b/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/completetest.ext.yml index 47e51e573f01..79bf9128ef5c 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/completetest.ext.yml +++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/completetest.ext.yml @@ -5,10 +5,11 @@ extensions: data: - ["github.com/nonexistent/test", "T", False, "StepArgRes", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["github.com/nonexistent/test", "T", False, "StepArgRes1", "", "", "Argument[0]", "ReturnValue[1]", "taint", "manual"] - - ["github.com/nonexistent/test", "T", False, "StepArgArg", "", "", "Argument[0]", "Argument[1]", "taint", "manual"] - - ["github.com/nonexistent/test", "T", False, "StepArgQual", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["github.com/nonexistent/test", "T", False, "StepQualRes", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/nonexistent/test", "T", False, "StepQualArg", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] + - ["github.com/nonexistent/test", "T", False, "StepArgArg", "", "", "Argument[0]", "Argument[1]", "taint", "df-generated"] + - ["github.com/nonexistent/test", "T", False, "StepArgArgIgnored", "", "", "Argument[0]", "Argument[1]", "taint", "df-generated"] + - ["github.com/nonexistent/test", "T", False, "StepArgQual", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["github.com/nonexistent/test", "T", False, "StepQualRes", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/nonexistent/test", "T", False, "StepQualArg", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] - ["github.com/nonexistent/test", "", False, "StepArgResNoQual", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["github.com/nonexistent/test", "", False, "StepArgResArrayContent", "", "", "Argument[0]", "ReturnValue.ArrayElement", "taint", "manual"] - ["github.com/nonexistent/test", "", False, "StepArgArrayContentRes", "", "", "Argument[0].ArrayElement", "ReturnValue", "taint", "manual"] @@ -21,17 +22,20 @@ extensions: - ["github.com/nonexistent/test", "", False, "GetElement", "", "", "Argument[0].Element", "ReturnValue", "value", "manual"] - ["github.com/nonexistent/test", "", False, "GetMapKey", "", "", "Argument[0].MapKey", "ReturnValue", "value", "manual"] - ["github.com/nonexistent/test", "", False, "SetElement", "", "", "Argument[0]", "ReturnValue.Element", "value", "manual"] - - ["github.com/nonexistent/test", "C", False, "Get", "", "", "Argument[-1].Field[github.com/nonexistent/test.C.F]", "ReturnValue", "value", "manual"] - - ["github.com/nonexistent/test", "C", False, "GetThroughPointer", "", "", "Argument[-1].Dereference.Field[github.com/nonexistent/test.C.F]", "ReturnValue", "value", "manual"] - - ["github.com/nonexistent/test", "C", False, "Set", "", "", "Argument[0]", "Argument[-1].Field[github.com/nonexistent/test.C.F]", "value", "manual"] - - ["github.com/nonexistent/test", "C", False, "SetThroughPointer", "", "", "Argument[0]", "Argument[-1].Dereference.Field[github.com/nonexistent/test.C.F]", "value", "manual"] - + - ["github.com/nonexistent/test", "C", False, "Get", "", "", "Argument[receiver].Field[github.com/nonexistent/test.C.F]", "ReturnValue", "value", "manual"] + - ["github.com/nonexistent/test", "C", False, "GetThroughPointer", "", "", "Argument[receiver].Dereference.Field[github.com/nonexistent/test.C.F]", "ReturnValue", "value", "manual"] + - ["github.com/nonexistent/test", "C", False, "Set", "", "", "Argument[0]", "Argument[receiver].Field[github.com/nonexistent/test.C.F]", "value", "manual"] + - ["github.com/nonexistent/test", "C", False, "SetThroughPointer", "", "", "Argument[0]", "Argument[receiver].Dereference.Field[github.com/nonexistent/test.C.F]", "value", "manual"] + - addsTo: + pack: codeql/go-all + extensible: neutralModel + data: + - ["github.com/nonexistent/test", "T", "StepArgArgIgnored", "", "summary", "manual"] - addsTo: pack: codeql/go-all extensible: sourceModel data: - ["github.com/nonexistent/test", "A", False, "Src1", "", "", "ReturnValue", "qltest", "manual"] - - addsTo: pack: codeql/go-all extensible: sinkModel diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/sinks.expected b/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/sinks.expected index c4dfd6a4e3d3..fc9adff8942d 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/sinks.expected +++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/sinks.expected @@ -1,44 +1,45 @@ invalidModelRow #select -| test.go:47:10:47:12 | arg | qltest | -| test.go:48:2:48:13 | type assertion | qltest | -| test.go:61:10:61:15 | taint1 | qltest | -| test.go:64:10:64:15 | taint2 | qltest | -| test.go:68:10:68:15 | taint3 | qltest | -| test.go:72:10:72:15 | taint4 | qltest | -| test.go:75:10:75:15 | taint5 | qltest | -| test.go:79:10:79:15 | taint6 | qltest | -| test.go:82:10:82:15 | taint7 | qltest | -| test.go:85:10:85:18 | index expression | qltest | -| test.go:87:11:87:11 | x | qltest | -| test.go:90:11:90:11 | x | qltest | -| test.go:95:10:95:15 | taint9 | qltest | -| test.go:98:10:98:33 | call to GetElement | qltest | -| test.go:99:10:99:18 | <-... | qltest | -| test.go:101:11:101:11 | e | qltest | -| test.go:104:11:104:11 | e | qltest | -| test.go:109:10:109:16 | taint11 | qltest | -| test.go:112:10:112:32 | call to GetMapKey | qltest | -| test.go:114:11:114:11 | k | qltest | -| test.go:117:11:117:11 | k | qltest | -| test.go:120:11:120:11 | k | qltest | -| test.go:123:11:123:11 | k | qltest | -| test.go:128:10:128:16 | taint13 | qltest | -| test.go:131:10:131:20 | index expression | qltest | -| test.go:133:11:133:11 | v | qltest | -| test.go:136:11:136:11 | v | qltest | -| test.go:141:10:141:16 | taint15 | qltest | -| test.go:145:10:145:17 | index expression | qltest | -| test.go:151:10:151:18 | index expression | qltest | -| test.go:156:10:156:16 | taint16 | qltest | -| test.go:160:10:160:13 | selection of F | qltest | -| test.go:163:10:163:17 | call to Get | qltest | -| test.go:167:10:167:17 | call to Get | qltest | +| test.go:48:10:48:12 | arg | qltest | +| test.go:49:2:49:13 | type assertion | qltest | +| test.go:62:10:62:15 | taint1 | qltest | +| test.go:65:10:65:15 | taint2 | qltest | +| test.go:69:10:69:15 | taint3 | qltest | +| test.go:73:10:73:22 | taint3ignored | qltest | +| test.go:77:10:77:15 | taint4 | qltest | +| test.go:80:10:80:15 | taint5 | qltest | +| test.go:84:10:84:15 | taint6 | qltest | +| test.go:87:10:87:15 | taint7 | qltest | +| test.go:90:10:90:18 | index expression | qltest | +| test.go:92:11:92:11 | x | qltest | +| test.go:95:11:95:11 | x | qltest | +| test.go:100:10:100:15 | taint9 | qltest | +| test.go:103:10:103:33 | call to GetElement | qltest | +| test.go:104:10:104:18 | <-... | qltest | +| test.go:106:11:106:11 | e | qltest | +| test.go:109:11:109:11 | e | qltest | +| test.go:114:10:114:16 | taint11 | qltest | +| test.go:117:10:117:32 | call to GetMapKey | qltest | +| test.go:119:11:119:11 | k | qltest | +| test.go:122:11:122:11 | k | qltest | +| test.go:125:11:125:11 | k | qltest | +| test.go:128:11:128:11 | k | qltest | +| test.go:133:10:133:16 | taint13 | qltest | +| test.go:136:10:136:20 | index expression | qltest | +| test.go:138:11:138:11 | v | qltest | +| test.go:141:11:141:11 | v | qltest | +| test.go:146:10:146:16 | taint15 | qltest | +| test.go:150:10:150:17 | index expression | qltest | +| test.go:156:10:156:18 | index expression | qltest | +| test.go:161:10:161:16 | taint16 | qltest | +| test.go:165:10:165:13 | selection of F | qltest | +| test.go:168:10:168:17 | call to Get | qltest | | test.go:172:10:172:17 | call to Get | qltest | -| test.go:176:10:176:14 | selection of F | qltest | -| test.go:179:10:179:32 | call to GetThroughPointer | qltest | -| test.go:183:10:183:32 | call to GetThroughPointer | qltest | +| test.go:177:10:177:17 | call to Get | qltest | +| test.go:181:10:181:14 | selection of F | qltest | +| test.go:184:10:184:32 | call to GetThroughPointer | qltest | | test.go:188:10:188:32 | call to GetThroughPointer | qltest | -| test.go:194:17:194:20 | arg1 | qltest | -| test.go:194:23:194:26 | arg2 | qltest | -| test.go:194:29:194:32 | arg3 | qltest | +| test.go:193:10:193:32 | call to GetThroughPointer | qltest | +| test.go:199:17:199:20 | arg1 | qltest | +| test.go:199:23:199:26 | arg2 | qltest | +| test.go:199:29:199:32 | arg3 | qltest | diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/sinks.ext.yml b/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/sinks.ext.yml index 653f82bae612..426e094c00c3 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/sinks.ext.yml +++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/sinks.ext.yml @@ -4,5 +4,5 @@ extensions: extensible: sinkModel data: - ["github.com/nonexistent/test", "B", False, "Sink1", "", "", "Argument[0]", "qltest", "manual"] - - ["github.com/nonexistent/test", "B", False, "SinkMethod", "", "", "Argument[-1]", "qltest", "manual"] - - ["github.com/nonexistent/test", "B", False, "SinkManyArgs", "", "", "Argument[0..2]", "qltest", "manual"] \ No newline at end of file + - ["github.com/nonexistent/test", "B", False, "SinkMethod", "", "", "Argument[receiver]", "qltest", "manual"] + - ["github.com/nonexistent/test", "B", False, "SinkManyArgs", "", "", "Argument[0..2]", "qltest", "manual"] diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/srcs.expected b/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/srcs.expected index 76d12060144d..d63fedba3fdb 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/srcs.expected +++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/srcs.expected @@ -1,23 +1,23 @@ invalidModelRow #select | test.go:10:6:10:8 | definition of arg | qltest-arg | -| test.go:38:8:38:15 | call to Src1 | qltest | -| test.go:39:8:39:15 | call to Src2 | qltest | -| test.go:39:8:39:15 | call to Src2 | qltest-w-subtypes | -| test.go:40:8:40:16 | call to Src2 | qltest-w-subtypes | -| test.go:41:2:41:21 | ... = ...[0] | qltest | -| test.go:41:2:41:21 | ... = ...[1] | qltest-w-subtypes | -| test.go:42:2:42:22 | ... = ...[1] | qltest-w-subtypes | -| test.go:58:9:58:16 | call to Src1 | qltest | -| test.go:97:46:97:53 | call to Src1 | qltest | -| test.go:107:35:107:42 | call to Src1 | qltest | -| test.go:111:42:111:49 | call to Src1 | qltest | -| test.go:154:8:154:15 | call to Src1 | qltest | -| test.go:159:9:159:16 | call to Src1 | qltest | -| test.go:162:15:162:22 | call to Src1 | qltest | -| test.go:166:9:166:16 | call to Src1 | qltest | -| test.go:170:9:170:16 | call to Src1 | qltest | -| test.go:175:24:175:31 | call to Src1 | qltest | -| test.go:178:17:178:24 | call to Src1 | qltest | -| test.go:182:24:182:31 | call to Src1 | qltest | -| test.go:186:24:186:31 | call to Src1 | qltest | +| test.go:39:8:39:15 | call to Src1 | qltest | +| test.go:40:8:40:15 | call to Src2 | qltest | +| test.go:40:8:40:15 | call to Src2 | qltest-w-subtypes | +| test.go:41:8:41:16 | call to Src2 | qltest-w-subtypes | +| test.go:42:2:42:21 | ... = ...[0] | qltest | +| test.go:42:2:42:21 | ... = ...[1] | qltest-w-subtypes | +| test.go:43:2:43:22 | ... = ...[1] | qltest-w-subtypes | +| test.go:59:9:59:16 | call to Src1 | qltest | +| test.go:102:46:102:53 | call to Src1 | qltest | +| test.go:112:35:112:42 | call to Src1 | qltest | +| test.go:116:42:116:49 | call to Src1 | qltest | +| test.go:159:8:159:15 | call to Src1 | qltest | +| test.go:164:9:164:16 | call to Src1 | qltest | +| test.go:167:15:167:22 | call to Src1 | qltest | +| test.go:171:9:171:16 | call to Src1 | qltest | +| test.go:175:9:175:16 | call to Src1 | qltest | +| test.go:180:24:180:31 | call to Src1 | qltest | +| test.go:183:17:183:24 | call to Src1 | qltest | +| test.go:187:24:187:31 | call to Src1 | qltest | +| test.go:191:24:191:31 | call to Src1 | qltest | diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/steps.expected b/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/steps.expected index 9173869eac95..bd8617f3ec43 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/steps.expected +++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/steps.expected @@ -3,14 +3,14 @@ invalidModelRow | test.go:17:23:17:25 | arg | test.go:17:10:17:26 | call to StepArgRes | | test.go:18:27:18:29 | arg | test.go:18:2:18:30 | ... = ...[1] | | test.go:19:15:19:17 | arg | test.go:11:6:11:9 | definition of arg1 | -| test.go:20:16:20:18 | arg | test.go:13:6:13:6 | definition of t | -| test.go:21:10:21:10 | t | test.go:21:10:21:24 | call to StepQualRes | -| test.go:22:2:22:2 | t | test.go:10:6:10:8 | definition of arg | -| test.go:23:32:23:34 | arg | test.go:23:10:23:35 | call to StepArgResNoQual | -| test.go:60:25:60:27 | src | test.go:60:12:60:28 | call to StepArgRes | -| test.go:63:29:63:31 | src | test.go:63:2:63:32 | ... := ...[1] | -| test.go:67:15:67:17 | src | test.go:66:6:66:11 | definition of taint3 | -| test.go:71:21:71:23 | src | test.go:70:6:70:11 | definition of taint4 | -| test.go:74:13:74:25 | type assertion | test.go:74:12:74:40 | call to StepQualRes | -| test.go:78:3:78:15 | type assertion | test.go:77:6:77:11 | definition of taint6 | -| test.go:81:34:81:36 | src | test.go:81:12:81:37 | call to StepArgResNoQual | +| test.go:21:16:21:18 | arg | test.go:13:6:13:6 | definition of t | +| test.go:22:10:22:10 | t | test.go:22:10:22:24 | call to StepQualRes | +| test.go:23:2:23:2 | t | test.go:10:6:10:8 | definition of arg | +| test.go:24:32:24:34 | arg | test.go:24:10:24:35 | call to StepArgResNoQual | +| test.go:61:25:61:27 | src | test.go:61:12:61:28 | call to StepArgRes | +| test.go:64:29:64:31 | src | test.go:64:2:64:32 | ... := ...[1] | +| test.go:68:15:68:17 | src | test.go:67:6:67:11 | definition of taint3 | +| test.go:76:21:76:23 | src | test.go:75:6:75:11 | definition of taint4 | +| test.go:79:13:79:25 | type assertion | test.go:79:12:79:40 | call to StepQualRes | +| test.go:83:3:83:15 | type assertion | test.go:82:6:82:11 | definition of taint6 | +| test.go:86:34:86:36 | src | test.go:86:12:86:37 | call to StepArgResNoQual | diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/steps.ext.yml b/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/steps.ext.yml index f1c5a78ecbf8..ae1494038202 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/steps.ext.yml +++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/steps.ext.yml @@ -5,10 +5,16 @@ extensions: data: - ["github.com/nonexistent/test", "T", False, "StepArgRes", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["github.com/nonexistent/test", "T", False, "StepArgRes1", "", "", "Argument[0]", "ReturnValue[1]", "taint", "manual"] - - ["github.com/nonexistent/test", "T", False, "StepArgArg", "", "", "Argument[0]", "Argument[1]", "taint", "manual"] - - ["github.com/nonexistent/test", "T", False, "StepArgQual", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["github.com/nonexistent/test", "T", False, "StepQualRes", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["github.com/nonexistent/test", "T", False, "StepQualArg", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] + - ["github.com/nonexistent/test", "T", False, "StepArgArg", "", "", "Argument[0]", "Argument[1]", "taint", "df-generated"] + - ["github.com/nonexistent/test", "T", False, "StepArgArgIgnored", "", "", "Argument[0]", "Argument[1]", "taint", "df-generated"] + - ["github.com/nonexistent/test", "T", False, "StepArgQual", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["github.com/nonexistent/test", "T", False, "StepQualRes", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"] + - ["github.com/nonexistent/test", "T", False, "StepQualArg", "", "", "Argument[receiver]", "Argument[0]", "taint", "manual"] - ["github.com/nonexistent/test", "", False, "StepArgResNoQual", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["github.com/nonexistent/test", "", False, "StepArgResContent", "", "", "Argument[0]", "ReturnValue.ArrayElement", "taint", "manual"] - ["github.com/nonexistent/test", "", False, "StepArgContentRes", "", "", "Argument[0].ArrayElement", "ReturnValue", "taint", "manual"] + - addsTo: + pack: codeql/go-all + extensible: neutralModel + data: + - ["github.com/nonexistent/test", "T", "StepArgArgIgnored", "", "summary", "manual"] diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/test.go b/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/test.go index 689390417189..33e980dac990 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/test.go +++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/test.go @@ -17,6 +17,7 @@ func main() { taint = t.StepArgRes(arg) _, taint = t.StepArgRes1(arg) t.StepArgArg(arg, arg1) + t.StepArgArgIgnored(arg, arg1) t.StepArgQual(arg) taint = t.StepQualRes() t.StepQualArg(arg) @@ -67,6 +68,10 @@ func simpleflow() { t.StepArgArg(src, taint3) b.Sink1(taint3) // $ hasTaintFlow="taint3" + var taint3ignored interface{} + t.StepArgArgIgnored(src, taint3ignored) + b.Sink1(taint3ignored) + var taint4 test.T taint4.StepArgQual(src) b.Sink1(taint4) // $ hasTaintFlow="taint4" diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/vendor/github.com/nonexistent/test/stub.go b/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/vendor/github.com/nonexistent/test/stub.go index 746f6ac9a6a3..05a5f741d764 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/vendor/github.com/nonexistent/test/stub.go +++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/vendor/github.com/nonexistent/test/stub.go @@ -8,6 +8,8 @@ func (t *T) StepArgRes1(arg interface{}) (interface{}, interface{}) { return nil func (t *T) StepArgArg(a1 interface{}, a2 interface{}) {} +func (t *T) StepArgArgIgnored(a1 interface{}, a2 interface{}) {} + func (t *T) StepArgQual(arg interface{}) {} func (t *T) StepQualRes() interface{} { return nil } diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/completetest.ext.yml b/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/completetest.ext.yml index 0ef664d51823..8fbc26ff6cda 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/completetest.ext.yml +++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/completetest.ext.yml @@ -5,10 +5,11 @@ extensions: data: - ["github.com/nonexistent/test", "T", False, "StepArgRes", "", "", "Argument[0]", "ReturnValue", "value", "manual"] - ["github.com/nonexistent/test", "T", False, "StepArgRes1", "", "", "Argument[0]", "ReturnValue[1]", "value", "manual"] - - ["github.com/nonexistent/test", "T", False, "StepArgArg", "", "", "Argument[0]", "Argument[1]", "value", "manual"] - - ["github.com/nonexistent/test", "T", False, "StepArgQual", "", "", "Argument[0]", "Argument[-1]", "value", "manual"] - - ["github.com/nonexistent/test", "T", False, "StepQualRes", "", "", "Argument[-1]", "ReturnValue", "value", "manual"] - - ["github.com/nonexistent/test", "T", False, "StepQualArg", "", "", "Argument[-1]", "Argument[0]", "value", "manual"] + - ["github.com/nonexistent/test", "T", False, "StepArgArg", "", "", "Argument[0]", "Argument[1]", "value", "df-generated"] + - ["github.com/nonexistent/test", "T", False, "StepArgArgIgnored", "", "", "Argument[0]", "Argument[1]", "value", "df-generated"] + - ["github.com/nonexistent/test", "T", False, "StepArgQual", "", "", "Argument[0]", "Argument[receiver]", "value", "manual"] + - ["github.com/nonexistent/test", "T", False, "StepQualRes", "", "", "Argument[receiver]", "ReturnValue", "value", "manual"] + - ["github.com/nonexistent/test", "T", False, "StepQualArg", "", "", "Argument[receiver]", "Argument[0]", "value", "manual"] - ["github.com/nonexistent/test", "", False, "StepArgResNoQual", "", "", "Argument[0]", "ReturnValue", "value", "manual"] - ["github.com/nonexistent/test", "", False, "StepArgResArrayContent", "", "", "Argument[0]", "ReturnValue.ArrayElement", "value", "manual"] - ["github.com/nonexistent/test", "", False, "StepArgArrayContentRes", "", "", "Argument[0].ArrayElement", "ReturnValue", "value", "manual"] @@ -21,17 +22,20 @@ extensions: - ["github.com/nonexistent/test", "", False, "GetElement", "", "", "Argument[0].Element", "ReturnValue", "value", "manual"] - ["github.com/nonexistent/test", "", False, "GetMapKey", "", "", "Argument[0].MapKey", "ReturnValue", "value", "manual"] - ["github.com/nonexistent/test", "", False, "SetElement", "", "", "Argument[0]", "ReturnValue.Element", "value", "manual"] - - ["github.com/nonexistent/test", "C", False, "Get", "", "", "Argument[-1].Field[github.com/nonexistent/test.C.F]", "ReturnValue", "value", "manual"] - - ["github.com/nonexistent/test", "C", False, "GetThroughPointer", "", "", "Argument[-1].Dereference.Field[github.com/nonexistent/test.C.F]", "ReturnValue", "value", "manual"] - - ["github.com/nonexistent/test", "C", False, "Set", "", "", "Argument[0]", "Argument[-1].Field[github.com/nonexistent/test.C.F]", "value", "manual"] - - ["github.com/nonexistent/test", "C", False, "SetThroughPointer", "", "", "Argument[0]", "Argument[-1].Dereference.Field[github.com/nonexistent/test.C.F]", "value", "manual"] - + - ["github.com/nonexistent/test", "C", False, "Get", "", "", "Argument[receiver].Field[github.com/nonexistent/test.C.F]", "ReturnValue", "value", "manual"] + - ["github.com/nonexistent/test", "C", False, "GetThroughPointer", "", "", "Argument[receiver].Dereference.Field[github.com/nonexistent/test.C.F]", "ReturnValue", "value", "manual"] + - ["github.com/nonexistent/test", "C", False, "Set", "", "", "Argument[0]", "Argument[receiver].Field[github.com/nonexistent/test.C.F]", "value", "manual"] + - ["github.com/nonexistent/test", "C", False, "SetThroughPointer", "", "", "Argument[0]", "Argument[receiver].Dereference.Field[github.com/nonexistent/test.C.F]", "value", "manual"] + - addsTo: + pack: codeql/go-all + extensible: neutralModel + data: + - ["github.com/nonexistent/test", "T", "StepArgArgIgnored", "", "summary", "manual"] - addsTo: pack: codeql/go-all extensible: sourceModel data: - ["github.com/nonexistent/test", "A", False, "Src1", "", "", "ReturnValue", "qltest", "manual"] - - addsTo: pack: codeql/go-all extensible: sinkModel diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/sinks.expected b/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/sinks.expected index 0d7136bb73db..0fe3a614e11f 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/sinks.expected +++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/sinks.expected @@ -1,50 +1,51 @@ invalidModelRow #select -| test.go:47:10:47:12 | arg | qltest | -| test.go:48:2:48:13 | type assertion | qltest | -| test.go:61:10:61:15 | taint1 | qltest | -| test.go:64:10:64:15 | taint2 | qltest | -| test.go:68:10:68:15 | taint3 | qltest | -| test.go:72:10:72:15 | taint4 | qltest | -| test.go:75:10:75:15 | taint5 | qltest | -| test.go:79:10:79:15 | taint6 | qltest | -| test.go:82:10:82:15 | taint7 | qltest | -| test.go:85:10:85:18 | index expression | qltest | -| test.go:87:11:87:11 | x | qltest | -| test.go:90:11:90:11 | x | qltest | -| test.go:95:10:95:15 | taint9 | qltest | -| test.go:98:10:98:33 | call to GetElement | qltest | -| test.go:99:10:99:18 | <-... | qltest | -| test.go:101:11:101:11 | e | qltest | -| test.go:104:11:104:11 | e | qltest | -| test.go:109:10:109:16 | taint11 | qltest | -| test.go:112:10:112:32 | call to GetMapKey | qltest | -| test.go:114:11:114:11 | k | qltest | -| test.go:117:11:117:11 | k | qltest | -| test.go:120:11:120:11 | k | qltest | -| test.go:123:11:123:11 | k | qltest | -| test.go:128:10:128:16 | taint13 | qltest | -| test.go:131:10:131:20 | index expression | qltest | -| test.go:133:11:133:11 | v | qltest | -| test.go:136:11:136:11 | v | qltest | -| test.go:141:10:141:16 | taint15 | qltest | -| test.go:145:10:145:17 | index expression | qltest | -| test.go:151:10:151:18 | index expression | qltest | -| test.go:156:10:156:16 | taint16 | qltest | -| test.go:160:10:160:13 | selection of F | qltest | -| test.go:163:10:163:17 | call to Get | qltest | -| test.go:167:10:167:17 | call to Get | qltest | +| test.go:48:10:48:12 | arg | qltest | +| test.go:49:2:49:13 | type assertion | qltest | +| test.go:62:10:62:15 | taint1 | qltest | +| test.go:65:10:65:15 | taint2 | qltest | +| test.go:69:10:69:15 | taint3 | qltest | +| test.go:73:10:73:22 | taint3ignored | qltest | +| test.go:77:10:77:15 | taint4 | qltest | +| test.go:80:10:80:15 | taint5 | qltest | +| test.go:84:10:84:15 | taint6 | qltest | +| test.go:87:10:87:15 | taint7 | qltest | +| test.go:90:10:90:18 | index expression | qltest | +| test.go:92:11:92:11 | x | qltest | +| test.go:95:11:95:11 | x | qltest | +| test.go:100:10:100:15 | taint9 | qltest | +| test.go:103:10:103:33 | call to GetElement | qltest | +| test.go:104:10:104:18 | <-... | qltest | +| test.go:106:11:106:11 | e | qltest | +| test.go:109:11:109:11 | e | qltest | +| test.go:114:10:114:16 | taint11 | qltest | +| test.go:117:10:117:32 | call to GetMapKey | qltest | +| test.go:119:11:119:11 | k | qltest | +| test.go:122:11:122:11 | k | qltest | +| test.go:125:11:125:11 | k | qltest | +| test.go:128:11:128:11 | k | qltest | +| test.go:133:10:133:16 | taint13 | qltest | +| test.go:136:10:136:20 | index expression | qltest | +| test.go:138:11:138:11 | v | qltest | +| test.go:141:11:141:11 | v | qltest | +| test.go:146:10:146:16 | taint15 | qltest | +| test.go:150:10:150:17 | index expression | qltest | +| test.go:156:10:156:18 | index expression | qltest | +| test.go:161:10:161:16 | taint16 | qltest | +| test.go:165:10:165:13 | selection of F | qltest | +| test.go:168:10:168:17 | call to Get | qltest | | test.go:172:10:172:17 | call to Get | qltest | -| test.go:176:10:176:14 | selection of F | qltest | -| test.go:179:10:179:32 | call to GetThroughPointer | qltest | -| test.go:183:10:183:32 | call to GetThroughPointer | qltest | +| test.go:177:10:177:17 | call to Get | qltest | +| test.go:181:10:181:14 | selection of F | qltest | +| test.go:184:10:184:32 | call to GetThroughPointer | qltest | | test.go:188:10:188:32 | call to GetThroughPointer | qltest | -| test.go:194:17:194:20 | arg1 | qltest | -| test.go:194:23:194:26 | arg2 | qltest | -| test.go:194:29:194:32 | arg3 | qltest | -| test.go:197:10:197:26 | call to max | qltest | -| test.go:198:10:198:26 | call to max | qltest | -| test.go:199:10:199:26 | call to max | qltest | -| test.go:200:10:200:26 | call to min | qltest | -| test.go:201:10:201:26 | call to min | qltest | -| test.go:202:10:202:26 | call to min | qltest | +| test.go:193:10:193:32 | call to GetThroughPointer | qltest | +| test.go:199:17:199:20 | arg1 | qltest | +| test.go:199:23:199:26 | arg2 | qltest | +| test.go:199:29:199:32 | arg3 | qltest | +| test.go:202:10:202:26 | call to max | qltest | +| test.go:203:10:203:26 | call to max | qltest | +| test.go:204:10:204:26 | call to max | qltest | +| test.go:205:10:205:26 | call to min | qltest | +| test.go:206:10:206:26 | call to min | qltest | +| test.go:207:10:207:26 | call to min | qltest | diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/sinks.ext.yml b/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/sinks.ext.yml index 653f82bae612..426e094c00c3 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/sinks.ext.yml +++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/sinks.ext.yml @@ -4,5 +4,5 @@ extensions: extensible: sinkModel data: - ["github.com/nonexistent/test", "B", False, "Sink1", "", "", "Argument[0]", "qltest", "manual"] - - ["github.com/nonexistent/test", "B", False, "SinkMethod", "", "", "Argument[-1]", "qltest", "manual"] - - ["github.com/nonexistent/test", "B", False, "SinkManyArgs", "", "", "Argument[0..2]", "qltest", "manual"] \ No newline at end of file + - ["github.com/nonexistent/test", "B", False, "SinkMethod", "", "", "Argument[receiver]", "qltest", "manual"] + - ["github.com/nonexistent/test", "B", False, "SinkManyArgs", "", "", "Argument[0..2]", "qltest", "manual"] diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/srcs.expected b/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/srcs.expected index 76d12060144d..d63fedba3fdb 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/srcs.expected +++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/srcs.expected @@ -1,23 +1,23 @@ invalidModelRow #select | test.go:10:6:10:8 | definition of arg | qltest-arg | -| test.go:38:8:38:15 | call to Src1 | qltest | -| test.go:39:8:39:15 | call to Src2 | qltest | -| test.go:39:8:39:15 | call to Src2 | qltest-w-subtypes | -| test.go:40:8:40:16 | call to Src2 | qltest-w-subtypes | -| test.go:41:2:41:21 | ... = ...[0] | qltest | -| test.go:41:2:41:21 | ... = ...[1] | qltest-w-subtypes | -| test.go:42:2:42:22 | ... = ...[1] | qltest-w-subtypes | -| test.go:58:9:58:16 | call to Src1 | qltest | -| test.go:97:46:97:53 | call to Src1 | qltest | -| test.go:107:35:107:42 | call to Src1 | qltest | -| test.go:111:42:111:49 | call to Src1 | qltest | -| test.go:154:8:154:15 | call to Src1 | qltest | -| test.go:159:9:159:16 | call to Src1 | qltest | -| test.go:162:15:162:22 | call to Src1 | qltest | -| test.go:166:9:166:16 | call to Src1 | qltest | -| test.go:170:9:170:16 | call to Src1 | qltest | -| test.go:175:24:175:31 | call to Src1 | qltest | -| test.go:178:17:178:24 | call to Src1 | qltest | -| test.go:182:24:182:31 | call to Src1 | qltest | -| test.go:186:24:186:31 | call to Src1 | qltest | +| test.go:39:8:39:15 | call to Src1 | qltest | +| test.go:40:8:40:15 | call to Src2 | qltest | +| test.go:40:8:40:15 | call to Src2 | qltest-w-subtypes | +| test.go:41:8:41:16 | call to Src2 | qltest-w-subtypes | +| test.go:42:2:42:21 | ... = ...[0] | qltest | +| test.go:42:2:42:21 | ... = ...[1] | qltest-w-subtypes | +| test.go:43:2:43:22 | ... = ...[1] | qltest-w-subtypes | +| test.go:59:9:59:16 | call to Src1 | qltest | +| test.go:102:46:102:53 | call to Src1 | qltest | +| test.go:112:35:112:42 | call to Src1 | qltest | +| test.go:116:42:116:49 | call to Src1 | qltest | +| test.go:159:8:159:15 | call to Src1 | qltest | +| test.go:164:9:164:16 | call to Src1 | qltest | +| test.go:167:15:167:22 | call to Src1 | qltest | +| test.go:171:9:171:16 | call to Src1 | qltest | +| test.go:175:9:175:16 | call to Src1 | qltest | +| test.go:180:24:180:31 | call to Src1 | qltest | +| test.go:183:17:183:24 | call to Src1 | qltest | +| test.go:187:24:187:31 | call to Src1 | qltest | +| test.go:191:24:191:31 | call to Src1 | qltest | diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/steps.expected b/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/steps.expected index bb662634e9d5..e53ed76ad002 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/steps.expected +++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/steps.expected @@ -3,32 +3,32 @@ invalidModelRow | test.go:17:23:17:25 | arg | test.go:17:10:17:26 | call to StepArgRes | | test.go:18:27:18:29 | arg | test.go:18:2:18:30 | ... = ...[1] | | test.go:19:15:19:17 | arg | test.go:11:6:11:9 | definition of arg1 | -| test.go:20:16:20:18 | arg | test.go:13:6:13:6 | definition of t | -| test.go:21:10:21:10 | t | test.go:21:10:21:24 | call to StepQualRes | -| test.go:22:2:22:2 | t | test.go:10:6:10:8 | definition of arg | -| test.go:23:32:23:34 | arg | test.go:23:10:23:35 | call to StepArgResNoQual | -| test.go:60:25:60:27 | src | test.go:60:12:60:28 | call to StepArgRes | -| test.go:63:29:63:31 | src | test.go:63:2:63:32 | ... := ...[1] | -| test.go:67:15:67:17 | src | test.go:66:6:66:11 | definition of taint3 | -| test.go:71:21:71:23 | src | test.go:70:6:70:11 | definition of taint4 | -| test.go:74:13:74:25 | type assertion | test.go:74:12:74:40 | call to StepQualRes | -| test.go:78:3:78:15 | type assertion | test.go:77:6:77:11 | definition of taint6 | -| test.go:81:34:81:36 | src | test.go:81:12:81:37 | call to StepArgResNoQual | -| test.go:197:14:197:19 | srcInt | test.go:197:10:197:26 | call to max | -| test.go:197:22:197:22 | 0 | test.go:197:10:197:26 | call to max | -| test.go:197:25:197:25 | 1 | test.go:197:10:197:26 | call to max | -| test.go:198:14:198:14 | 0 | test.go:198:10:198:26 | call to max | -| test.go:198:17:198:22 | srcInt | test.go:198:10:198:26 | call to max | -| test.go:198:25:198:25 | 1 | test.go:198:10:198:26 | call to max | -| test.go:199:14:199:14 | 0 | test.go:199:10:199:26 | call to max | -| test.go:199:17:199:17 | 1 | test.go:199:10:199:26 | call to max | -| test.go:199:20:199:25 | srcInt | test.go:199:10:199:26 | call to max | -| test.go:200:14:200:19 | srcInt | test.go:200:10:200:26 | call to min | -| test.go:200:22:200:22 | 0 | test.go:200:10:200:26 | call to min | -| test.go:200:25:200:25 | 1 | test.go:200:10:200:26 | call to min | -| test.go:201:14:201:14 | 0 | test.go:201:10:201:26 | call to min | -| test.go:201:17:201:22 | srcInt | test.go:201:10:201:26 | call to min | -| test.go:201:25:201:25 | 1 | test.go:201:10:201:26 | call to min | -| test.go:202:14:202:14 | 0 | test.go:202:10:202:26 | call to min | -| test.go:202:17:202:17 | 1 | test.go:202:10:202:26 | call to min | -| test.go:202:20:202:25 | srcInt | test.go:202:10:202:26 | call to min | +| test.go:21:16:21:18 | arg | test.go:13:6:13:6 | definition of t | +| test.go:22:10:22:10 | t | test.go:22:10:22:24 | call to StepQualRes | +| test.go:23:2:23:2 | t | test.go:10:6:10:8 | definition of arg | +| test.go:24:32:24:34 | arg | test.go:24:10:24:35 | call to StepArgResNoQual | +| test.go:61:25:61:27 | src | test.go:61:12:61:28 | call to StepArgRes | +| test.go:64:29:64:31 | src | test.go:64:2:64:32 | ... := ...[1] | +| test.go:68:15:68:17 | src | test.go:67:6:67:11 | definition of taint3 | +| test.go:76:21:76:23 | src | test.go:75:6:75:11 | definition of taint4 | +| test.go:79:13:79:25 | type assertion | test.go:79:12:79:40 | call to StepQualRes | +| test.go:83:3:83:15 | type assertion | test.go:82:6:82:11 | definition of taint6 | +| test.go:86:34:86:36 | src | test.go:86:12:86:37 | call to StepArgResNoQual | +| test.go:202:14:202:19 | srcInt | test.go:202:10:202:26 | call to max | +| test.go:202:22:202:22 | 0 | test.go:202:10:202:26 | call to max | +| test.go:202:25:202:25 | 1 | test.go:202:10:202:26 | call to max | +| test.go:203:14:203:14 | 0 | test.go:203:10:203:26 | call to max | +| test.go:203:17:203:22 | srcInt | test.go:203:10:203:26 | call to max | +| test.go:203:25:203:25 | 1 | test.go:203:10:203:26 | call to max | +| test.go:204:14:204:14 | 0 | test.go:204:10:204:26 | call to max | +| test.go:204:17:204:17 | 1 | test.go:204:10:204:26 | call to max | +| test.go:204:20:204:25 | srcInt | test.go:204:10:204:26 | call to max | +| test.go:205:14:205:19 | srcInt | test.go:205:10:205:26 | call to min | +| test.go:205:22:205:22 | 0 | test.go:205:10:205:26 | call to min | +| test.go:205:25:205:25 | 1 | test.go:205:10:205:26 | call to min | +| test.go:206:14:206:14 | 0 | test.go:206:10:206:26 | call to min | +| test.go:206:17:206:22 | srcInt | test.go:206:10:206:26 | call to min | +| test.go:206:25:206:25 | 1 | test.go:206:10:206:26 | call to min | +| test.go:207:14:207:14 | 0 | test.go:207:10:207:26 | call to min | +| test.go:207:17:207:17 | 1 | test.go:207:10:207:26 | call to min | +| test.go:207:20:207:25 | srcInt | test.go:207:10:207:26 | call to min | diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/steps.ext.yml b/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/steps.ext.yml index 12acdaba5314..5648c439e268 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/steps.ext.yml +++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/steps.ext.yml @@ -5,10 +5,16 @@ extensions: data: - ["github.com/nonexistent/test", "T", False, "StepArgRes", "", "", "Argument[0]", "ReturnValue", "value", "manual"] - ["github.com/nonexistent/test", "T", False, "StepArgRes1", "", "", "Argument[0]", "ReturnValue[1]", "value", "manual"] - - ["github.com/nonexistent/test", "T", False, "StepArgArg", "", "", "Argument[0]", "Argument[1]", "value", "manual"] - - ["github.com/nonexistent/test", "T", False, "StepArgQual", "", "", "Argument[0]", "Argument[-1]", "value", "manual"] - - ["github.com/nonexistent/test", "T", False, "StepQualRes", "", "", "Argument[-1]", "ReturnValue", "value", "manual"] - - ["github.com/nonexistent/test", "T", False, "StepQualArg", "", "", "Argument[-1]", "Argument[0]", "value", "manual"] + - ["github.com/nonexistent/test", "T", False, "StepArgArg", "", "", "Argument[0]", "Argument[1]", "value", "df-generated"] + - ["github.com/nonexistent/test", "T", False, "StepArgArgIgnored", "", "", "Argument[0]", "Argument[1]", "value", "df-generated"] + - ["github.com/nonexistent/test", "T", False, "StepArgQual", "", "", "Argument[0]", "Argument[receiver]", "value", "manual"] + - ["github.com/nonexistent/test", "T", False, "StepQualRes", "", "", "Argument[receiver]", "ReturnValue", "value", "manual"] + - ["github.com/nonexistent/test", "T", False, "StepQualArg", "", "", "Argument[receiver]", "Argument[0]", "value", "manual"] - ["github.com/nonexistent/test", "", False, "StepArgResNoQual", "", "", "Argument[0]", "ReturnValue", "value", "manual"] - ["github.com/nonexistent/test", "", False, "StepArgResContent", "", "", "Argument[0]", "ReturnValue.ArrayElement", "value", "manual"] - ["github.com/nonexistent/test", "", False, "StepArgContentRes", "", "", "Argument[0].ArrayElement", "ReturnValue", "value", "manual"] + - addsTo: + pack: codeql/go-all + extensible: neutralModel + data: + - ["github.com/nonexistent/test", "T", "StepArgArgIgnored", "", "summary", "manual"] diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/test.go b/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/test.go index a72a7895323a..82419ae7d595 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/test.go +++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/test.go @@ -17,6 +17,7 @@ func main() { taint = t.StepArgRes(arg) _, taint = t.StepArgRes1(arg) t.StepArgArg(arg, arg1) + t.StepArgArgIgnored(arg, arg1) t.StepArgQual(arg) taint = t.StepQualRes() t.StepQualArg(arg) @@ -67,6 +68,10 @@ func simpleflow() { t.StepArgArg(src, taint3) b.Sink1(taint3) // $ hasValueFlow="taint3" + var taint3ignored interface{} + t.StepArgArgIgnored(src, taint3ignored) + b.Sink1(taint3ignored) + var taint4 test.T taint4.StepArgQual(src) b.Sink1(taint4) // $ hasValueFlow="taint4" diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/vendor/github.com/nonexistent/test/stub.go b/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/vendor/github.com/nonexistent/test/stub.go index 746f6ac9a6a3..05a5f741d764 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/vendor/github.com/nonexistent/test/stub.go +++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/vendor/github.com/nonexistent/test/stub.go @@ -8,6 +8,8 @@ func (t *T) StepArgRes1(arg interface{}) (interface{}, interface{}) { return nil func (t *T) StepArgArg(a1 interface{}, a2 interface{}) {} +func (t *T) StepArgArgIgnored(a1 interface{}, a2 interface{}) {} + func (t *T) StepArgQual(arg interface{}) {} func (t *T) StepQualRes() interface{} { return nil } diff --git a/go/ql/test/library-tests/semmle/go/dataflow/GenericFunctionsAndTypes/Flows.expected b/go/ql/test/library-tests/semmle/go/dataflow/GenericFunctionsAndTypes/Flows.expected index e69de29bb2d1..42831abaf155 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/GenericFunctionsAndTypes/Flows.expected +++ b/go/ql/test/library-tests/semmle/go/dataflow/GenericFunctionsAndTypes/Flows.expected @@ -0,0 +1,2 @@ +invalidModelRow +testFailures diff --git a/go/ql/test/library-tests/semmle/go/dataflow/GenericFunctionsAndTypes/Flows.ql b/go/ql/test/library-tests/semmle/go/dataflow/GenericFunctionsAndTypes/Flows.ql index 1b27b27d6dc2..1b64b928c3ff 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/GenericFunctionsAndTypes/Flows.ql +++ b/go/ql/test/library-tests/semmle/go/dataflow/GenericFunctionsAndTypes/Flows.ql @@ -1,3 +1,5 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineFlowTest import DefaultFlowTest diff --git a/go/ql/test/library-tests/semmle/go/dataflow/GuardingFunctions/test.expected b/go/ql/test/library-tests/semmle/go/dataflow/GuardingFunctions/test.expected index e69de29bb2d1..42831abaf155 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/GuardingFunctions/test.expected +++ b/go/ql/test/library-tests/semmle/go/dataflow/GuardingFunctions/test.expected @@ -0,0 +1,2 @@ +invalidModelRow +testFailures diff --git a/go/ql/test/library-tests/semmle/go/dataflow/GuardingFunctions/test.ql b/go/ql/test/library-tests/semmle/go/dataflow/GuardingFunctions/test.ql index aaed5221e3e8..8d8d8c130062 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/GuardingFunctions/test.ql +++ b/go/ql/test/library-tests/semmle/go/dataflow/GuardingFunctions/test.ql @@ -1,4 +1,6 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineFlowTest predicate isBad(DataFlow::Node g, Expr e, boolean branch) { diff --git a/go/ql/test/library-tests/semmle/go/dataflow/HiddenNodes/test.expected b/go/ql/test/library-tests/semmle/go/dataflow/HiddenNodes/test.expected index 12ce400b1dd4..c273007e82de 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/HiddenNodes/test.expected +++ b/go/ql/test/library-tests/semmle/go/dataflow/HiddenNodes/test.expected @@ -1,3 +1,4 @@ +invalidModelRow edges | test.go:14:8:14:15 | call to source | test.go:15:34:15:35 | fi | provenance | | | test.go:15:2:15:44 | ... := ...[0] | test.go:16:7:16:12 | header | provenance | | diff --git a/go/ql/test/library-tests/semmle/go/dataflow/HiddenNodes/test.ql b/go/ql/test/library-tests/semmle/go/dataflow/HiddenNodes/test.ql index be623538f145..1711bb5eebc9 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/HiddenNodes/test.ql +++ b/go/ql/test/library-tests/semmle/go/dataflow/HiddenNodes/test.ql @@ -1,4 +1,6 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineFlowTest module Flow = TaintTracking::Global; diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ListOfConstantsSanitizerGuards/test.expected b/go/ql/test/library-tests/semmle/go/dataflow/ListOfConstantsSanitizerGuards/test.expected index e69de29bb2d1..42831abaf155 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ListOfConstantsSanitizerGuards/test.expected +++ b/go/ql/test/library-tests/semmle/go/dataflow/ListOfConstantsSanitizerGuards/test.expected @@ -0,0 +1,2 @@ +invalidModelRow +testFailures diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ListOfConstantsSanitizerGuards/test.ql b/go/ql/test/library-tests/semmle/go/dataflow/ListOfConstantsSanitizerGuards/test.ql index 8a4a310c27ca..3169b9e35c07 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ListOfConstantsSanitizerGuards/test.ql +++ b/go/ql/test/library-tests/semmle/go/dataflow/ListOfConstantsSanitizerGuards/test.ql @@ -1,3 +1,5 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineFlowTest import TaintFlowTest diff --git a/go/ql/test/library-tests/semmle/go/dataflow/MapReadsAndStores/Flows.expected b/go/ql/test/library-tests/semmle/go/dataflow/MapReadsAndStores/Flows.expected index e69de29bb2d1..42831abaf155 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/MapReadsAndStores/Flows.expected +++ b/go/ql/test/library-tests/semmle/go/dataflow/MapReadsAndStores/Flows.expected @@ -0,0 +1,2 @@ +invalidModelRow +testFailures diff --git a/go/ql/test/library-tests/semmle/go/dataflow/MapReadsAndStores/Flows.ql b/go/ql/test/library-tests/semmle/go/dataflow/MapReadsAndStores/Flows.ql index 1b27b27d6dc2..1b64b928c3ff 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/MapReadsAndStores/Flows.ql +++ b/go/ql/test/library-tests/semmle/go/dataflow/MapReadsAndStores/Flows.ql @@ -1,3 +1,5 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineFlowTest import DefaultFlowTest diff --git a/go/ql/test/library-tests/semmle/go/dataflow/PromotedFields/DataFlowConfig.expected b/go/ql/test/library-tests/semmle/go/dataflow/PromotedFields/DataFlowConfig.expected index e69de29bb2d1..42831abaf155 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/PromotedFields/DataFlowConfig.expected +++ b/go/ql/test/library-tests/semmle/go/dataflow/PromotedFields/DataFlowConfig.expected @@ -0,0 +1,2 @@ +invalidModelRow +testFailures diff --git a/go/ql/test/library-tests/semmle/go/dataflow/PromotedFields/DataFlowConfig.ql b/go/ql/test/library-tests/semmle/go/dataflow/PromotedFields/DataFlowConfig.ql index e487e04949f1..2ccd28c3b60b 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/PromotedFields/DataFlowConfig.ql +++ b/go/ql/test/library-tests/semmle/go/dataflow/PromotedFields/DataFlowConfig.ql @@ -1,3 +1,5 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineFlowTest import ValueFlowTest diff --git a/go/ql/test/library-tests/semmle/go/dataflow/PromotedMethods/DataFlowConfig.expected b/go/ql/test/library-tests/semmle/go/dataflow/PromotedMethods/DataFlowConfig.expected index 48de9172b362..105b7026d0c4 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/PromotedMethods/DataFlowConfig.expected +++ b/go/ql/test/library-tests/semmle/go/dataflow/PromotedMethods/DataFlowConfig.expected @@ -1,2 +1,3 @@ failures +invalidModelRow testFailures diff --git a/go/ql/test/library-tests/semmle/go/dataflow/PromotedMethods/DataFlowConfig.ql b/go/ql/test/library-tests/semmle/go/dataflow/PromotedMethods/DataFlowConfig.ql index 64724e284d07..c331ccf530d1 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/PromotedMethods/DataFlowConfig.ql +++ b/go/ql/test/library-tests/semmle/go/dataflow/PromotedMethods/DataFlowConfig.ql @@ -1,4 +1,6 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineExpectationsTest import TestUtilities.InlineFlowTest diff --git a/go/ql/test/library-tests/semmle/go/dataflow/SliceExpressions/Flows.expected b/go/ql/test/library-tests/semmle/go/dataflow/SliceExpressions/Flows.expected index e69de29bb2d1..42831abaf155 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/SliceExpressions/Flows.expected +++ b/go/ql/test/library-tests/semmle/go/dataflow/SliceExpressions/Flows.expected @@ -0,0 +1,2 @@ +invalidModelRow +testFailures diff --git a/go/ql/test/library-tests/semmle/go/dataflow/SliceExpressions/Flows.ql b/go/ql/test/library-tests/semmle/go/dataflow/SliceExpressions/Flows.ql index 1b27b27d6dc2..1b64b928c3ff 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/SliceExpressions/Flows.ql +++ b/go/ql/test/library-tests/semmle/go/dataflow/SliceExpressions/Flows.ql @@ -1,3 +1,5 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineFlowTest import DefaultFlowTest diff --git a/go/ql/test/library-tests/semmle/go/dataflow/Switch/DataFlow.expected b/go/ql/test/library-tests/semmle/go/dataflow/Switch/DataFlow.expected index e69de29bb2d1..42831abaf155 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/Switch/DataFlow.expected +++ b/go/ql/test/library-tests/semmle/go/dataflow/Switch/DataFlow.expected @@ -0,0 +1,2 @@ +invalidModelRow +testFailures diff --git a/go/ql/test/library-tests/semmle/go/dataflow/Switch/DataFlow.ql b/go/ql/test/library-tests/semmle/go/dataflow/Switch/DataFlow.ql index 1b27b27d6dc2..1b64b928c3ff 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/Switch/DataFlow.ql +++ b/go/ql/test/library-tests/semmle/go/dataflow/Switch/DataFlow.ql @@ -1,3 +1,5 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineFlowTest import DefaultFlowTest diff --git a/go/ql/test/library-tests/semmle/go/dataflow/TypeAssertions/DataFlow.expected b/go/ql/test/library-tests/semmle/go/dataflow/TypeAssertions/DataFlow.expected index e69de29bb2d1..42831abaf155 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/TypeAssertions/DataFlow.expected +++ b/go/ql/test/library-tests/semmle/go/dataflow/TypeAssertions/DataFlow.expected @@ -0,0 +1,2 @@ +invalidModelRow +testFailures diff --git a/go/ql/test/library-tests/semmle/go/dataflow/TypeAssertions/DataFlow.ql b/go/ql/test/library-tests/semmle/go/dataflow/TypeAssertions/DataFlow.ql index 1b27b27d6dc2..1b64b928c3ff 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/TypeAssertions/DataFlow.ql +++ b/go/ql/test/library-tests/semmle/go/dataflow/TypeAssertions/DataFlow.ql @@ -1,3 +1,5 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineFlowTest import DefaultFlowTest diff --git a/go/ql/test/library-tests/semmle/go/dataflow/VarArgs/Flows.expected b/go/ql/test/library-tests/semmle/go/dataflow/VarArgs/Flows.expected index e69de29bb2d1..42831abaf155 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/VarArgs/Flows.expected +++ b/go/ql/test/library-tests/semmle/go/dataflow/VarArgs/Flows.expected @@ -0,0 +1,2 @@ +invalidModelRow +testFailures diff --git a/go/ql/test/library-tests/semmle/go/dataflow/VarArgs/Flows.ql b/go/ql/test/library-tests/semmle/go/dataflow/VarArgs/Flows.ql index 1b27b27d6dc2..1b64b928c3ff 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/VarArgs/Flows.ql +++ b/go/ql/test/library-tests/semmle/go/dataflow/VarArgs/Flows.ql @@ -1,3 +1,5 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineFlowTest import DefaultFlowTest diff --git a/go/ql/test/library-tests/semmle/go/dataflow/VarArgsWithFunctionModels/Flows.expected b/go/ql/test/library-tests/semmle/go/dataflow/VarArgsWithFunctionModels/Flows.expected index e69de29bb2d1..42831abaf155 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/VarArgsWithFunctionModels/Flows.expected +++ b/go/ql/test/library-tests/semmle/go/dataflow/VarArgsWithFunctionModels/Flows.expected @@ -0,0 +1,2 @@ +invalidModelRow +testFailures diff --git a/go/ql/test/library-tests/semmle/go/dataflow/VarArgsWithFunctionModels/Flows.ql b/go/ql/test/library-tests/semmle/go/dataflow/VarArgsWithFunctionModels/Flows.ql index ed0c5933944b..80f711e33129 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/VarArgsWithFunctionModels/Flows.ql +++ b/go/ql/test/library-tests/semmle/go/dataflow/VarArgsWithFunctionModels/Flows.ql @@ -1,4 +1,6 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineFlowTest import DefaultFlowTest diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Afero/Query.expected b/go/ql/test/library-tests/semmle/go/frameworks/Afero/Query.expected index 8ec8033d086e..08c5eee5289b 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Afero/Query.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/Afero/Query.expected @@ -1,2 +1,3 @@ +invalidModelRow testFailures failures diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Afero/Query.ql b/go/ql/test/library-tests/semmle/go/frameworks/Afero/Query.ql index 0d65f9e22b06..9dc570773f54 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Afero/Query.ql +++ b/go/ql/test/library-tests/semmle/go/frameworks/Afero/Query.ql @@ -1,4 +1,6 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineExpectationsTest module FileSystemAccessTest implements TestSig { diff --git a/go/ql/test/library-tests/semmle/go/frameworks/AwsLambda/test.expected b/go/ql/test/library-tests/semmle/go/frameworks/AwsLambda/test.expected index e69de29bb2d1..42831abaf155 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/AwsLambda/test.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/AwsLambda/test.expected @@ -0,0 +1,2 @@ +invalidModelRow +testFailures diff --git a/go/ql/test/library-tests/semmle/go/frameworks/AwsLambda/test.ql b/go/ql/test/library-tests/semmle/go/frameworks/AwsLambda/test.ql index 20f788ef4d16..7f1f4dd507b3 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/AwsLambda/test.ql +++ b/go/ql/test/library-tests/semmle/go/frameworks/AwsLambda/test.ql @@ -1,4 +1,6 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineFlowTest module Config implements DataFlow::ConfigSig { diff --git a/go/ql/test/library-tests/semmle/go/frameworks/CouchbaseV1/test.expected b/go/ql/test/library-tests/semmle/go/frameworks/CouchbaseV1/test.expected index 48de9172b362..105b7026d0c4 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/CouchbaseV1/test.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/CouchbaseV1/test.expected @@ -1,2 +1,3 @@ failures +invalidModelRow testFailures diff --git a/go/ql/test/library-tests/semmle/go/frameworks/CouchbaseV1/test.ql b/go/ql/test/library-tests/semmle/go/frameworks/CouchbaseV1/test.ql index d50a95c706f0..2c07f1919a68 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/CouchbaseV1/test.ql +++ b/go/ql/test/library-tests/semmle/go/frameworks/CouchbaseV1/test.ql @@ -1,4 +1,6 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineExpectationsTest import semmle.go.security.SqlInjection diff --git a/go/ql/test/library-tests/semmle/go/frameworks/ElazarlGoproxy/test.expected b/go/ql/test/library-tests/semmle/go/frameworks/ElazarlGoproxy/test.expected index 48de9172b362..105b7026d0c4 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/ElazarlGoproxy/test.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/ElazarlGoproxy/test.expected @@ -1,2 +1,3 @@ failures +invalidModelRow testFailures diff --git a/go/ql/test/library-tests/semmle/go/frameworks/ElazarlGoproxy/test.ql b/go/ql/test/library-tests/semmle/go/frameworks/ElazarlGoproxy/test.ql index 1003a5a95411..3a07461319ca 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/ElazarlGoproxy/test.ql +++ b/go/ql/test/library-tests/semmle/go/frameworks/ElazarlGoproxy/test.ql @@ -1,4 +1,6 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineExpectationsTest module RemoteFlowSourceTest implements TestSig { diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Encoding/jsoniter.expected b/go/ql/test/library-tests/semmle/go/frameworks/Encoding/jsoniter.expected index 4bb254ce89d3..229a6cefb4e6 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Encoding/jsoniter.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/Encoding/jsoniter.expected @@ -1,3 +1,4 @@ +invalidModelRow edges | jsoniter.go:23:20:23:38 | call to getUntrustedBytes | jsoniter.go:27:17:27:30 | untrustedInput | provenance | | | jsoniter.go:23:20:23:38 | call to getUntrustedBytes | jsoniter.go:31:21:31:34 | untrustedInput | provenance | | diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Encoding/jsoniter.ql b/go/ql/test/library-tests/semmle/go/frameworks/Encoding/jsoniter.ql index 3532a02a54fe..1d761c2a6795 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Encoding/jsoniter.ql +++ b/go/ql/test/library-tests/semmle/go/frameworks/Encoding/jsoniter.ql @@ -1,4 +1,6 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import semmle.go.security.CommandInjection import CommandInjection::Flow::PathGraph diff --git a/go/ql/test/library-tests/semmle/go/frameworks/EvanphxJsonPatch/TaintFlows.expected b/go/ql/test/library-tests/semmle/go/frameworks/EvanphxJsonPatch/TaintFlows.expected index e69de29bb2d1..42831abaf155 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/EvanphxJsonPatch/TaintFlows.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/EvanphxJsonPatch/TaintFlows.expected @@ -0,0 +1,2 @@ +invalidModelRow +testFailures diff --git a/go/ql/test/library-tests/semmle/go/frameworks/EvanphxJsonPatch/TaintFlows.ql b/go/ql/test/library-tests/semmle/go/frameworks/EvanphxJsonPatch/TaintFlows.ql index a6ca153b6534..d812e814e3a8 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/EvanphxJsonPatch/TaintFlows.ql +++ b/go/ql/test/library-tests/semmle/go/frameworks/EvanphxJsonPatch/TaintFlows.ql @@ -1,4 +1,6 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineFlowTest module Config implements DataFlow::ConfigSig { diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Fasthttp/AdditionalTaintSteps.expected b/go/ql/test/library-tests/semmle/go/frameworks/Fasthttp/AdditionalTaintSteps.expected index e69de29bb2d1..42831abaf155 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Fasthttp/AdditionalTaintSteps.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/Fasthttp/AdditionalTaintSteps.expected @@ -0,0 +1,2 @@ +invalidModelRow +testFailures diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Fasthttp/AdditionalTaintSteps.ql b/go/ql/test/library-tests/semmle/go/frameworks/Fasthttp/AdditionalTaintSteps.ql index 1b27b27d6dc2..1b64b928c3ff 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Fasthttp/AdditionalTaintSteps.ql +++ b/go/ql/test/library-tests/semmle/go/frameworks/Fasthttp/AdditionalTaintSteps.ql @@ -1,3 +1,5 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineFlowTest import DefaultFlowTest diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Fiber/Query.expected b/go/ql/test/library-tests/semmle/go/frameworks/Fiber/Query.expected index 8ec8033d086e..105b7026d0c4 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Fiber/Query.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/Fiber/Query.expected @@ -1,2 +1,3 @@ -testFailures failures +invalidModelRow +testFailures diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Fiber/Query.ql b/go/ql/test/library-tests/semmle/go/frameworks/Fiber/Query.ql index 2bcd815716d6..5a6ba8d33687 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Fiber/Query.ql +++ b/go/ql/test/library-tests/semmle/go/frameworks/Fiber/Query.ql @@ -1,4 +1,6 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineExpectationsTest module FileSystemAccessTest implements TestSig { diff --git a/go/ql/test/library-tests/semmle/go/frameworks/GoKit/RemoteFlowSources.expected b/go/ql/test/library-tests/semmle/go/frameworks/GoKit/RemoteFlowSources.expected index 48de9172b362..105b7026d0c4 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/GoKit/RemoteFlowSources.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/GoKit/RemoteFlowSources.expected @@ -1,2 +1,3 @@ failures +invalidModelRow testFailures diff --git a/go/ql/test/library-tests/semmle/go/frameworks/GoKit/RemoteFlowSources.ql b/go/ql/test/library-tests/semmle/go/frameworks/GoKit/RemoteFlowSources.ql index fbc5bb8e1737..bafda6822cae 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/GoKit/RemoteFlowSources.ql +++ b/go/ql/test/library-tests/semmle/go/frameworks/GoKit/RemoteFlowSources.ql @@ -1,4 +1,6 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineExpectationsTest module RemoteFlowSourceTest implements TestSig { diff --git a/go/ql/test/library-tests/semmle/go/frameworks/GoMicro/gomicro.expected b/go/ql/test/library-tests/semmle/go/frameworks/GoMicro/gomicro.expected index 48de9172b362..105b7026d0c4 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/GoMicro/gomicro.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/GoMicro/gomicro.expected @@ -1,2 +1,3 @@ failures +invalidModelRow testFailures diff --git a/go/ql/test/library-tests/semmle/go/frameworks/GoMicro/gomicro.ql b/go/ql/test/library-tests/semmle/go/frameworks/GoMicro/gomicro.ql index c4aa98a00488..5275d86e1239 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/GoMicro/gomicro.ql +++ b/go/ql/test/library-tests/semmle/go/frameworks/GoMicro/gomicro.ql @@ -1,4 +1,6 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineExpectationsTest module GoMicroTest implements TestSig { diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Gorestful/gorestful.expected b/go/ql/test/library-tests/semmle/go/frameworks/Gorestful/gorestful.expected index e64858732ed4..91b511d1cc64 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Gorestful/gorestful.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/Gorestful/gorestful.expected @@ -1,3 +1,4 @@ +invalidModelRow edges | gorestful.go:15:15:15:44 | call to QueryParameters | gorestful.go:15:15:15:47 | index expression | provenance | | | gorestful.go:17:12:17:39 | call to BodyParameter | gorestful.go:18:15:18:17 | val | provenance | | diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Gorestful/gorestful.ql b/go/ql/test/library-tests/semmle/go/frameworks/Gorestful/gorestful.ql index b09ab2771cc3..9879c2cb915d 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Gorestful/gorestful.ql +++ b/go/ql/test/library-tests/semmle/go/frameworks/Gorestful/gorestful.ql @@ -1,4 +1,6 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import semmle.go.security.CommandInjection import CommandInjection::Flow::PathGraph diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Iris/Query.expected b/go/ql/test/library-tests/semmle/go/frameworks/Iris/Query.expected index 8ec8033d086e..105b7026d0c4 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Iris/Query.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/Iris/Query.expected @@ -1,2 +1,3 @@ -testFailures failures +invalidModelRow +testFailures diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Iris/Query.ql b/go/ql/test/library-tests/semmle/go/frameworks/Iris/Query.ql index 2bcd815716d6..5a6ba8d33687 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Iris/Query.ql +++ b/go/ql/test/library-tests/semmle/go/frameworks/Iris/Query.ql @@ -1,4 +1,6 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineExpectationsTest module FileSystemAccessTest implements TestSig { diff --git a/go/ql/test/library-tests/semmle/go/frameworks/K8sIoApiCoreV1/TaintFlowsInline.expected b/go/ql/test/library-tests/semmle/go/frameworks/K8sIoApiCoreV1/TaintFlowsInline.expected index e69de29bb2d1..42831abaf155 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/K8sIoApiCoreV1/TaintFlowsInline.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/K8sIoApiCoreV1/TaintFlowsInline.expected @@ -0,0 +1,2 @@ +invalidModelRow +testFailures diff --git a/go/ql/test/library-tests/semmle/go/frameworks/K8sIoApiCoreV1/TaintFlowsInline.ql b/go/ql/test/library-tests/semmle/go/frameworks/K8sIoApiCoreV1/TaintFlowsInline.ql index 1b27b27d6dc2..1b64b928c3ff 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/K8sIoApiCoreV1/TaintFlowsInline.ql +++ b/go/ql/test/library-tests/semmle/go/frameworks/K8sIoApiCoreV1/TaintFlowsInline.ql @@ -1,3 +1,5 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineFlowTest import DefaultFlowTest diff --git a/go/ql/test/library-tests/semmle/go/frameworks/K8sIoApimachineryPkgRuntime/TaintFlowsInline.expected b/go/ql/test/library-tests/semmle/go/frameworks/K8sIoApimachineryPkgRuntime/TaintFlowsInline.expected index e69de29bb2d1..42831abaf155 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/K8sIoApimachineryPkgRuntime/TaintFlowsInline.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/K8sIoApimachineryPkgRuntime/TaintFlowsInline.expected @@ -0,0 +1,2 @@ +invalidModelRow +testFailures diff --git a/go/ql/test/library-tests/semmle/go/frameworks/K8sIoApimachineryPkgRuntime/TaintFlowsInline.ql b/go/ql/test/library-tests/semmle/go/frameworks/K8sIoApimachineryPkgRuntime/TaintFlowsInline.ql index 1b27b27d6dc2..1b64b928c3ff 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/K8sIoApimachineryPkgRuntime/TaintFlowsInline.ql +++ b/go/ql/test/library-tests/semmle/go/frameworks/K8sIoApimachineryPkgRuntime/TaintFlowsInline.ql @@ -1,3 +1,5 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineFlowTest import DefaultFlowTest diff --git a/go/ql/test/library-tests/semmle/go/frameworks/K8sIoClientGo/SecretInterfaceSource.expected b/go/ql/test/library-tests/semmle/go/frameworks/K8sIoClientGo/SecretInterfaceSource.expected index 48de9172b362..105b7026d0c4 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/K8sIoClientGo/SecretInterfaceSource.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/K8sIoClientGo/SecretInterfaceSource.expected @@ -1,2 +1,3 @@ failures +invalidModelRow testFailures diff --git a/go/ql/test/library-tests/semmle/go/frameworks/K8sIoClientGo/SecretInterfaceSource.ql b/go/ql/test/library-tests/semmle/go/frameworks/K8sIoClientGo/SecretInterfaceSource.ql index be38cebd11b5..7455675a5bc4 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/K8sIoClientGo/SecretInterfaceSource.ql +++ b/go/ql/test/library-tests/semmle/go/frameworks/K8sIoClientGo/SecretInterfaceSource.ql @@ -1,4 +1,6 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineExpectationsTest module K8sIoApimachineryPkgRuntimeTest implements TestSig { diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Macaron/Sources.expected b/go/ql/test/library-tests/semmle/go/frameworks/Macaron/Sources.expected index 8ec8033d086e..105b7026d0c4 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Macaron/Sources.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/Macaron/Sources.expected @@ -1,2 +1,3 @@ -testFailures failures +invalidModelRow +testFailures diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Macaron/Sources.ql b/go/ql/test/library-tests/semmle/go/frameworks/Macaron/Sources.ql index 5d201034133b..bca82f92fdb8 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Macaron/Sources.ql +++ b/go/ql/test/library-tests/semmle/go/frameworks/Macaron/Sources.ql @@ -1,4 +1,6 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineExpectationsTest module RemoteFlowSourceTest implements TestSig { diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Mux/RemoteFlowSources.expected b/go/ql/test/library-tests/semmle/go/frameworks/Mux/RemoteFlowSources.expected index 84776eef5750..3c7d482157d5 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Mux/RemoteFlowSources.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/Mux/RemoteFlowSources.expected @@ -1,2 +1,4 @@ +invalidModelRow +#select | mux.go:15:10:15:20 | call to Vars | | mux.go:21:13:21:23 | call to Vars | diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Mux/RemoteFlowSources.ql b/go/ql/test/library-tests/semmle/go/frameworks/Mux/RemoteFlowSources.ql index d56a98686e0c..058aa847a32e 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Mux/RemoteFlowSources.ql +++ b/go/ql/test/library-tests/semmle/go/frameworks/Mux/RemoteFlowSources.ql @@ -1,3 +1,5 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation select any(RemoteFlowSource ufs) diff --git a/go/ql/test/library-tests/semmle/go/frameworks/NoSQL/Query.expected b/go/ql/test/library-tests/semmle/go/frameworks/NoSQL/Query.expected index 48de9172b362..105b7026d0c4 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/NoSQL/Query.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/NoSQL/Query.expected @@ -1,2 +1,3 @@ failures +invalidModelRow testFailures diff --git a/go/ql/test/library-tests/semmle/go/frameworks/NoSQL/Query.ql b/go/ql/test/library-tests/semmle/go/frameworks/NoSQL/Query.ql index 3f14991d2743..782c59d96ecd 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/NoSQL/Query.ql +++ b/go/ql/test/library-tests/semmle/go/frameworks/NoSQL/Query.ql @@ -1,4 +1,6 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineExpectationsTest module NoSqlQueryTest implements TestSig { diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Protobuf/TaintFlows.expected b/go/ql/test/library-tests/semmle/go/frameworks/Protobuf/TaintFlows.expected index e69de29bb2d1..42831abaf155 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Protobuf/TaintFlows.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/Protobuf/TaintFlows.expected @@ -0,0 +1,2 @@ +invalidModelRow +testFailures diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Protobuf/TaintFlows.ql b/go/ql/test/library-tests/semmle/go/frameworks/Protobuf/TaintFlows.ql index fd4bdd857e62..49d2678fd426 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Protobuf/TaintFlows.ql +++ b/go/ql/test/library-tests/semmle/go/frameworks/Protobuf/TaintFlows.ql @@ -1,4 +1,6 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineFlowTest module Config implements DataFlow::ConfigSig { diff --git a/go/ql/test/library-tests/semmle/go/frameworks/SQL/QueryString.expected b/go/ql/test/library-tests/semmle/go/frameworks/SQL/QueryString.expected index 48de9172b362..105b7026d0c4 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/SQL/QueryString.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/SQL/QueryString.expected @@ -1,2 +1,3 @@ failures +invalidModelRow testFailures diff --git a/go/ql/test/library-tests/semmle/go/frameworks/SQL/QueryString.ql b/go/ql/test/library-tests/semmle/go/frameworks/SQL/QueryString.ql index 6b1c1f70e048..eeb43a82fadd 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/SQL/QueryString.ql +++ b/go/ql/test/library-tests/semmle/go/frameworks/SQL/QueryString.ql @@ -1,4 +1,6 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineExpectationsTest module SqlTest implements TestSig { diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Spew/TaintFlows.expected b/go/ql/test/library-tests/semmle/go/frameworks/Spew/TaintFlows.expected index e69de29bb2d1..42831abaf155 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Spew/TaintFlows.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/Spew/TaintFlows.expected @@ -0,0 +1,2 @@ +invalidModelRow +testFailures diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Spew/TaintFlows.ql b/go/ql/test/library-tests/semmle/go/frameworks/Spew/TaintFlows.ql index afbd42aba172..a663c7a70f49 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Spew/TaintFlows.ql +++ b/go/ql/test/library-tests/semmle/go/frameworks/Spew/TaintFlows.ql @@ -1,4 +1,6 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineFlowTest module TestConfig implements DataFlow::ConfigSig { diff --git a/go/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/test.expected b/go/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/test.expected index 48de9172b362..105b7026d0c4 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/test.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/test.expected @@ -1,2 +1,3 @@ failures +invalidModelRow testFailures diff --git a/go/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/test.ql b/go/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/test.ql index f91654329a1c..880b74c09531 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/test.ql +++ b/go/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/test.ql @@ -1,4 +1,6 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineExpectationsTest module FileSystemAccessTest implements TestSig { diff --git a/go/ql/test/library-tests/semmle/go/frameworks/SystemCommandExecutors/SystemCommandExecutors.expected b/go/ql/test/library-tests/semmle/go/frameworks/SystemCommandExecutors/SystemCommandExecutors.expected index d9ca51beee26..c5d417c3f2b5 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/SystemCommandExecutors/SystemCommandExecutors.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/SystemCommandExecutors/SystemCommandExecutors.expected @@ -1,3 +1,5 @@ +invalidModelRow +#select | SystemCommandExecutors.go:30:3:30:36 | call to StartProcess | SystemCommandExecutors.go:30:19:30:24 | source | | SystemCommandExecutors.go:34:3:34:47 | call to StartProcess | SystemCommandExecutors.go:34:19:34:23 | shell | | SystemCommandExecutors.go:34:3:34:47 | call to StartProcess | SystemCommandExecutors.go:34:26:34:41 | slice literal | diff --git a/go/ql/test/library-tests/semmle/go/frameworks/SystemCommandExecutors/SystemCommandExecutors.ql b/go/ql/test/library-tests/semmle/go/frameworks/SystemCommandExecutors/SystemCommandExecutors.ql index 0d0ccb6d54ec..7d9b9fca7952 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/SystemCommandExecutors/SystemCommandExecutors.ql +++ b/go/ql/test/library-tests/semmle/go/frameworks/SystemCommandExecutors/SystemCommandExecutors.ql @@ -1,4 +1,6 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import semmle.go.security.CommandInjection from SystemCommandExecution exec diff --git a/go/ql/test/library-tests/semmle/go/frameworks/TaintSteps/TaintStep.expected b/go/ql/test/library-tests/semmle/go/frameworks/TaintSteps/TaintStep.expected index 64520842d762..b7c6f703cf51 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/TaintSteps/TaintStep.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/TaintSteps/TaintStep.expected @@ -1,3 +1,5 @@ +invalidModelRow +#select | crypto.go:9:14:9:31 | call to NewCipher | crypto.go:9:2:9:31 | ... := ...[0] | | crypto.go:9:14:9:31 | call to NewCipher | crypto.go:9:2:9:31 | ... := ...[1] | | crypto.go:10:15:10:34 | call to NewGCM | crypto.go:10:2:10:34 | ... := ...[0] | diff --git a/go/ql/test/library-tests/semmle/go/frameworks/TaintSteps/TaintStep.ql b/go/ql/test/library-tests/semmle/go/frameworks/TaintSteps/TaintStep.ql index deda9d142203..eba87320e081 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/TaintSteps/TaintStep.ql +++ b/go/ql/test/library-tests/semmle/go/frameworks/TaintSteps/TaintStep.ql @@ -1,6 +1,8 @@ // This test finds taint tracking steps which are not data flow steps // to illustrate which steps are added specifically by taint tracking import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import semmle.go.dataflow.internal.DataFlowPrivate from DataFlow::Node pred, DataFlow::Node succ diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Twirp/tests.expected b/go/ql/test/library-tests/semmle/go/frameworks/Twirp/tests.expected index 192859e3d0f9..4b0a2d917e71 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Twirp/tests.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/Twirp/tests.expected @@ -1,3 +1,4 @@ +invalidModelRow passingPositiveTests | PASSED | clientConstructor | rpc/notes/service.twirp.go:53:114:53:139 | comment | | PASSED | clientConstructor | rpc/notes/service.twirp.go:192:110:192:135 | comment | diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Twirp/tests.ql b/go/ql/test/library-tests/semmle/go/frameworks/Twirp/tests.ql index e4909fa9fe90..563cb149a9a0 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Twirp/tests.ql +++ b/go/ql/test/library-tests/semmle/go/frameworks/Twirp/tests.ql @@ -1,4 +1,6 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import semmle.go.security.RequestForgery class InlineTest extends LineComment { diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Yaml/tests.expected b/go/ql/test/library-tests/semmle/go/frameworks/Yaml/tests.expected index 48de9172b362..105b7026d0c4 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Yaml/tests.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/Yaml/tests.expected @@ -1,2 +1,3 @@ failures +invalidModelRow testFailures diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Yaml/tests.ql b/go/ql/test/library-tests/semmle/go/frameworks/Yaml/tests.ql index c4c0cafb50e1..82087630b33a 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Yaml/tests.ql +++ b/go/ql/test/library-tests/semmle/go/frameworks/Yaml/tests.ql @@ -1,4 +1,6 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineExpectationsTest predicate isYamlFunction(Function f) { diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Zap/TaintFlows.expected b/go/ql/test/library-tests/semmle/go/frameworks/Zap/TaintFlows.expected index e69de29bb2d1..42831abaf155 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Zap/TaintFlows.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/Zap/TaintFlows.expected @@ -0,0 +1,2 @@ +invalidModelRow +testFailures diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Zap/TaintFlows.ql b/go/ql/test/library-tests/semmle/go/frameworks/Zap/TaintFlows.ql index 0b18ba244d5d..a1d71b1134f1 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Zap/TaintFlows.ql +++ b/go/ql/test/library-tests/semmle/go/frameworks/Zap/TaintFlows.ql @@ -1,4 +1,6 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineFlowTest module Config implements DataFlow::ConfigSig { diff --git a/go/ql/test/library-tests/semmle/go/frameworks/gqlgen/gqlgen.expected b/go/ql/test/library-tests/semmle/go/frameworks/gqlgen/gqlgen.expected index 48de9172b362..105b7026d0c4 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/gqlgen/gqlgen.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/gqlgen/gqlgen.expected @@ -1,2 +1,3 @@ failures +invalidModelRow testFailures diff --git a/go/ql/test/library-tests/semmle/go/frameworks/gqlgen/gqlgen.ql b/go/ql/test/library-tests/semmle/go/frameworks/gqlgen/gqlgen.ql index 693465d8e332..91a53fae3350 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/gqlgen/gqlgen.ql +++ b/go/ql/test/library-tests/semmle/go/frameworks/gqlgen/gqlgen.ql @@ -1,4 +1,6 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineExpectationsTest module ResolveParameterTest implements TestSig { diff --git a/go/ql/test/query-tests/Security/CWE-117/LogInjectionTest.expected b/go/ql/test/query-tests/Security/CWE-117/LogInjectionTest.expected index e69de29bb2d1..42831abaf155 100644 --- a/go/ql/test/query-tests/Security/CWE-117/LogInjectionTest.expected +++ b/go/ql/test/query-tests/Security/CWE-117/LogInjectionTest.expected @@ -0,0 +1,2 @@ +invalidModelRow +testFailures diff --git a/go/ql/test/query-tests/Security/CWE-117/LogInjectionTest.ql b/go/ql/test/query-tests/Security/CWE-117/LogInjectionTest.ql index 298287ec4aad..07c183d20f57 100644 --- a/go/ql/test/query-tests/Security/CWE-117/LogInjectionTest.ql +++ b/go/ql/test/query-tests/Security/CWE-117/LogInjectionTest.ql @@ -1,4 +1,6 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineFlowTest import semmle.go.security.LogInjection import TaintFlowTest diff --git a/go/ql/test/query-tests/Security/CWE-681/IncorrectIntegerConversion.expected b/go/ql/test/query-tests/Security/CWE-681/IncorrectIntegerConversion.expected index 8ec8033d086e..105b7026d0c4 100644 --- a/go/ql/test/query-tests/Security/CWE-681/IncorrectIntegerConversion.expected +++ b/go/ql/test/query-tests/Security/CWE-681/IncorrectIntegerConversion.expected @@ -1,2 +1,3 @@ -testFailures failures +invalidModelRow +testFailures diff --git a/go/ql/test/query-tests/Security/CWE-681/IncorrectIntegerConversion.ql b/go/ql/test/query-tests/Security/CWE-681/IncorrectIntegerConversion.ql index 5b4df48ea31d..b99b51702a2e 100644 --- a/go/ql/test/query-tests/Security/CWE-681/IncorrectIntegerConversion.ql +++ b/go/ql/test/query-tests/Security/CWE-681/IncorrectIntegerConversion.ql @@ -1,4 +1,6 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import TestUtilities.InlineExpectationsTest import semmle.go.security.IncorrectIntegerConversionLib diff --git a/go/ql/test/query-tests/Security/CWE-770/UncontrolledAllocationSize.expected b/go/ql/test/query-tests/Security/CWE-770/UncontrolledAllocationSize.expected index e69de29bb2d1..42831abaf155 100644 --- a/go/ql/test/query-tests/Security/CWE-770/UncontrolledAllocationSize.expected +++ b/go/ql/test/query-tests/Security/CWE-770/UncontrolledAllocationSize.expected @@ -0,0 +1,2 @@ +invalidModelRow +testFailures diff --git a/go/ql/test/query-tests/Security/CWE-770/UncontrolledAllocationSize.ql b/go/ql/test/query-tests/Security/CWE-770/UncontrolledAllocationSize.ql index 18add3a48812..60b3f945e07a 100644 --- a/go/ql/test/query-tests/Security/CWE-770/UncontrolledAllocationSize.ql +++ b/go/ql/test/query-tests/Security/CWE-770/UncontrolledAllocationSize.ql @@ -1,4 +1,6 @@ import go +import semmle.go.dataflow.ExternalFlow +import ModelValidation import semmle.go.security.UncontrolledAllocationSize import TestUtilities.InlineFlowTest import FlowTest