From a94ba25ebe51e1acbd2b2a7042f87f0965a498f9 Mon Sep 17 00:00:00 2001
From: Kevin Stubbings
Date: Wed, 13 Nov 2024 14:45:45 -0800
Subject: [PATCH] Apply suggestions from code review

Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
---
 go/ql/src/change-notes/2024-10-14-gopathsanitizer.md | 2 +-
 .../query-tests/Security/CWE-022/GorillaMuxDefault/MuxClean.go | 2 +-
 .../Security/CWE-022/GorillaMuxSkipClean/MuxClean.go | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/go/ql/src/change-notes/2024-10-14-gopathsanitizer.md b/go/ql/src/change-notes/2024-10-14-gopathsanitizer.md
index 93371d9f229d..e1577bf3a90f 100644
--- a/go/ql/src/change-notes/2024-10-14-gopathsanitizer.md
+++ b/go/ql/src/change-notes/2024-10-14-gopathsanitizer.md
@@ -1,4 +1,4 @@
 ---
 category: minorAnalysis
 ---
-* Added [github.com/gorilla/mux.Vars](https://pkg.go.dev/github.com/gorilla/mux#Vars) to path sanitizers.
\ No newline at end of file
+* Added [github.com/gorilla/mux.Vars](https://pkg.go.dev/github.com/gorilla/mux#Vars) to path sanitizers (disabled if [github.com/gorilla/mix.Router.SkipClean](https://pkg.go.dev/github.com/gorilla/mux#Router.SkipClean) has been called).
\ No newline at end of file
diff --git a/go/ql/test/query-tests/Security/CWE-022/GorillaMuxDefault/MuxClean.go b/go/ql/test/query-tests/Security/CWE-022/GorillaMuxDefault/MuxClean.go
index 25e39a1bfbf3..a5af6de55803 100644
--- a/go/ql/test/query-tests/Security/CWE-022/GorillaMuxDefault/MuxClean.go
+++ b/go/ql/test/query-tests/Security/CWE-022/GorillaMuxDefault/MuxClean.go
@@ -1,4 +1,3 @@
-// GOOD: Sanitized by Gorilla's cleaner
 package main
 
 import (
@@ -9,6 +8,7 @@ import (
 	"github.com/gorilla/mux"
 )
 
+// GOOD: Sanitized by Gorilla's cleaner
 func GorillaHandler(w http.ResponseWriter, r *http.Request) {
 	not_tainted_path := mux.Vars(r)["id"]
 	data, _ := ioutil.ReadFile(filepath.Join("/home/user/", not_tainted_path))
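Review bot: The relocated `// GOOD: Sanitized by Gorilla's cleaner` comment above `GorillaHandler` does not say what the cleaner guarantees, so a reader of this test cannot tell why `filepath.Join("/home/user/", not_tainted_path)` is safe here; `filepath.Join` only normalizes the joined path, it does not confine it to `/home/user/`. I would state the property the sanitizer model relies on, e.g. `// GOOD: the mux Router cleans ".." segments out of the request path before matching (SkipClean not called), so the "id" variable cannot escape /home/user/.` The router setup that makes this the default case is presumably elsewhere in this file, outside the hunk, and GorillaHandler's body continues past the last hunk line.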
diff --git a/go/ql/test/query-tests/Security/CWE-022/GorillaMuxSkipClean/MuxClean.go b/go/ql/test/query-tests/Security/CWE-022/GorillaMuxSkipClean/MuxClean.go
index aafc93c75eab..cb3b5d2a7b89 100644
--- a/go/ql/test/query-tests/Security/CWE-022/GorillaMuxSkipClean/MuxClean.go
+++ b/go/ql/test/query-tests/Security/CWE-022/GorillaMuxSkipClean/MuxClean.go
@@ -1,4 +1,3 @@
-// GOOD: Sanitized by Gorilla's cleaner
 package main
 
 import (
@@ -9,6 +8,7 @@ import (
 	"github.com/gorilla/mux"
 )
 
+// BAD: Gorilla's `Vars` is not a sanitizer as `Router.SkipClean` has been called
 func GorillaHandler(w http.ResponseWriter, r *http.Request) {
 	not_tainted_path := mux.Vars(r)["id"]
 	data, _ := ioutil.ReadFile(filepath.Join("/home/user/", not_tainted_path))
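Review bot: The new `// BAD` comment now contradicts the variable it documents: the value read from `mux.Vars(r)["id"]` on the next line is still named `not_tainted_path`, although the comment says `Vars` is not a sanitizer here and the value flows unmodified into `filepath.Join("/home/user/", ...)` and `ioutil.ReadFile`. Anyone reading or copying this test case will take the name as a statement of the model, so I would rename it, `tainted_path := mux.Vars(r)["id"]` and `data, _ := ioutil.ReadFile(filepath.Join("/home/user/", tainted_path))`, and extend the comment with the consequence: `// a ".." segment in id survives SkipClean and filepath.Join only normalizes it, so the read can leave /home/user/`. The `Router.SkipClean` call the comment refers to is not visible in this hunk and is presumably elsewhere in the file; GorillaHandler's body continues past the last hunk line.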