diff --git a/go/ql/lib/semmle/go/security/TaintedPathCustomizations.qll b/go/ql/lib/semmle/go/security/TaintedPathCustomizations.qll index 953d9810d532..df601ce1eb84 100644 --- a/go/ql/lib/semmle/go/security/TaintedPathCustomizations.qll +++ b/go/ql/lib/semmle/go/security/TaintedPathCustomizations.qll @@ -93,6 +93,25 @@ module TaintedPath { } } + /** + * A call to `mux.Vars(path)`, considered to sanitize `path` against path traversal. + * Only enabled when `SkipClean` is not set true. + */ + class MuxVarsSanitizer extends Sanitizer { + MuxVarsSanitizer() { + exists(Function m | + m.hasQualifiedName(package("github.com/gorilla/mux", ""), "Vars") and + this = m.getACall().getResult() + ) and + not exists(CallExpr f | + f.getTarget() + .(Method) + .hasQualifiedName(package("github.com/gorilla/mux", ""), "Router", "SkipClean") and + f.getArgument(0).getBoolValue() = true + ) + } + } + /** * A read from the field `Filename` of the type `mime/multipart.FileHeader`, * considered as a sanitizer for path traversal. diff --git a/go/ql/src/change-notes/2024-10-14-gopathsanitizer.md b/go/ql/src/change-notes/2024-10-14-gopathsanitizer.md new file mode 100644 index 000000000000..e1577bf3a90f --- /dev/null +++ b/go/ql/src/change-notes/2024-10-14-gopathsanitizer.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Added [github.com/gorilla/mux.Vars](https://pkg.go.dev/github.com/gorilla/mux#Vars) to path sanitizers (disabled if [github.com/gorilla/mix.Router.SkipClean](https://pkg.go.dev/github.com/gorilla/mux#Router.SkipClean) has been called). \ No newline at end of file diff --git a/go/ql/test/query-tests/Security/CWE-022/GorillaMuxDefault/MuxClean.go b/go/ql/test/query-tests/Security/CWE-022/GorillaMuxDefault/MuxClean.go new file mode 100644 index 000000000000..a5af6de55803 --- /dev/null +++ b/go/ql/test/query-tests/Security/CWE-022/GorillaMuxDefault/MuxClean.go 
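Review bot: In `MuxVarsSanitizer`, the guard `f.getArgument(0).getBoolValue() = true` only matches a `SkipClean` call whose argument is a compile-time constant, so a call such as `router.SkipClean(cfg.skip)` leaves the sanitizer active and a genuine path traversal would go unreported. Failing closed is safer: `not f.getArgument(0).getBoolValue() = false` disables the sanitizer for every `SkipClean` call that is not provably passing `false`. Separately, `mux.Vars` also returns variables captured by `Host` and `Queries` matchers, which the router's path cleaning presumably does not touch, so treating every `Vars` result as sanitized may be too broad; this is worth confirming against the library. The doc comment should read `mux.Vars(r)`, since the argument is the request and not a path, and should say that the check is global: one `SkipClean(true)` call anywhere in the analysed code disables the sanitizer everywhere. The change note in the same commit spells the package `github.com/gorilla/mix` in its link text.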
@@ -0,0 +1,22 @@
+package main
+
+import (
+ "io/ioutil"
+ "net/http"
+ "path/filepath"
+
+ "github.com/gorilla/mux"
+)
+
+// GOOD: Sanitized by Gorilla's cleaner
+func GorillaHandler(w http.ResponseWriter, r *http.Request) {
+ not_tainted_path := mux.Vars(r)["id"]
+ data, _ := ioutil.ReadFile(filepath.Join("/home/user/", not_tainted_path))
+ w.Write(data)
+}
+
+func main() {
+ var router = mux.NewRouter()
+ router.SkipClean(false)
+ router.HandleFunc("/{category}", GorillaHandler)
+}
diff --git a/go/ql/test/query-tests/Security/CWE-022/GorillaMuxDefault/TaintedPath.expected b/go/ql/test/query-tests/Security/CWE-022/GorillaMuxDefault/TaintedPath.expected
new file mode 100644
index 000000000000..e217064d1dfc
--- /dev/null
+++ b/go/ql/test/query-tests/Security/CWE-022/GorillaMuxDefault/TaintedPath.expected
@@ -0,0 +1,4 @@
+edges
+nodes
+subpaths
+#select
diff --git a/go/ql/test/query-tests/Security/CWE-022/GorillaMuxDefault/TaintedPath.qlref b/go/ql/test/query-tests/Security/CWE-022/GorillaMuxDefault/TaintedPath.qlref
new file mode 100644
index 000000000000..6de14eaee24d
--- /dev/null
+++ b/go/ql/test/query-tests/Security/CWE-022/GorillaMuxDefault/TaintedPath.qlref
@@ -0,0 +1,2 @@
+query: Security/CWE-022/TaintedPath.ql
+postprocess: TestUtilities/PrettyPrintModels.ql
\ No newline at end of file
diff --git a/go/ql/test/query-tests/Security/CWE-022/GorillaMuxDefault/go.mod b/go/ql/test/query-tests/Security/CWE-022/GorillaMuxDefault/go.mod
new file mode 100644
index 000000000000..c173488c7c74
--- /dev/null
+++ b/go/ql/test/query-tests/Security/CWE-022/GorillaMuxDefault/go.mod
@@ -0,0 +1,5 @@
+module codeql-go-tests/frameworks/Mux
+
+go 1.14
+
+require github.com/gorilla/mux v1.7.4
diff --git a/go/ql/test/query-tests/Security/CWE-022/GorillaMuxDefault/vendor/github.com/gorilla/mux/LICENSE b/go/ql/test/query-tests/Security/CWE-022/GorillaMuxDefault/vendor/github.com/gorilla/mux/LICENSE
new file mode 100644
index 000000000000..6903df6386e9
--- /dev/null
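Review bot: The fixture in GorillaMuxDefault/MuxClean.go calls `router.SkipClean(false)` explicitly, so the case the directory name promises, a router on which `SkipClean` is never called, is not exercised. Dropping that line, or adding a second fixture without it, would cover the real default. The handler also reads `mux.Vars(r)["id"]` while the route is registered as `"/{category}"`, so at runtime the lookup would yield an empty string; registering `"/{id}"` keeps the fixture an honest model of application code. The key mismatch applies equally to GorillaMuxSkipClean/MuxClean.go.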
+++ b/go/ql/test/query-tests/Security/CWE-022/GorillaMuxDefault/vendor/github.com/gorilla/mux/LICENSE
@@ -0,0 +1,27 @@
+Copyright (c) 2012-2018 The Gorilla Authors. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+ * Redistributions of source code must retain the above copyright
+notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above
+copyright notice, this list of conditions and the following disclaimer
+in the documentation and/or other materials provided with the
+distribution.
+ * Neither the name of Google Inc. nor the names of its
+contributors may be used to endorse or promote products derived from
+this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/go/ql/test/query-tests/Security/CWE-022/GorillaMuxDefault/vendor/github.com/gorilla/mux/stub.go b/go/ql/test/query-tests/Security/CWE-022/GorillaMuxDefault/vendor/github.com/gorilla/mux/stub.go
new file mode 100644
index 000000000000..62510300b2df
--- /dev/null
+++ b/go/ql/test/query-tests/Security/CWE-022/GorillaMuxDefault/vendor/github.com/gorilla/mux/stub.go 
@@ -0,0 +1,252 @@ +// Code generated by depstubber. DO NOT EDIT. +// This is a simple stub for github.com/gorilla/mux, strictly for use in testing. + +// See the LICENSE file for information about the licensing of the original library. +// Source: github.com/gorilla/mux (exports: ; functions: Vars,NewRouter) + +// Package mux is a stub of github.com/gorilla/mux, generated by depstubber. +package mux + +import ( + http "net/http" + url "net/url" +) + +type BuildVarsFunc func(map[string]string) map[string]string + +type MatcherFunc func(*http.Request, *RouteMatch) bool + +func (_ MatcherFunc) Match(_ *http.Request, _ *RouteMatch) bool { + return false +} + +type MiddlewareFunc func(http.Handler) http.Handler + +func (_ MiddlewareFunc) Middleware(_ http.Handler) http.Handler { + return nil +} + +func NewRouter() *Router { + return nil +} + +type Route struct{} + +func (_ *Route) BuildOnly() *Route { + return nil +} + +func (_ *Route) BuildVarsFunc(_ BuildVarsFunc) *Route { + return nil +} + +func (_ *Route) GetError() error { + return nil +} + +func (_ *Route) GetHandler() http.Handler { + return nil +} + +func (_ *Route) GetHostTemplate() (string, error) { + return "", nil +} + +func (_ *Route) GetMethods() ([]string, error) { + return nil, nil +} + +func (_ *Route) GetName() string { + return "" +} + +func (_ *Route) GetPathRegexp() (string, error) { + return "", nil +} + +func (_ *Route) GetPathTemplate() (string, error) { + return "", nil +} + +func (_ *Route) GetQueriesRegexp() ([]string, error) { + return nil, nil +} + +func (_ *Route) GetQueriesTemplates() ([]string, error) { + return nil, nil +} + +func (_ *Route) Handler(_ http.Handler) *Route { + return nil +} + +func (_ *Route) HandlerFunc(_ func(http.ResponseWriter, *http.Request)) *Route { + return nil +} + +func (_ *Route) Headers(_ ...string) *Route { + return nil +} + +func (_ *Route) HeadersRegexp(_ ...string) *Route { + return nil +} + +func (_ *Route) Host(_ string) *Route { + return nil +} + +func 
(_ *Route) Match(_ *http.Request, _ *RouteMatch) bool { + return false +} + +func (_ *Route) MatcherFunc(_ MatcherFunc) *Route { + return nil +} + +func (_ *Route) Methods(_ ...string) *Route { + return nil +} + +func (_ *Route) Name(_ string) *Route { + return nil +} + +func (_ *Route) Path(_ string) *Route { + return nil +} + +func (_ *Route) PathPrefix(_ string) *Route { + return nil +} + +func (_ *Route) Queries(_ ...string) *Route { + return nil +} + +func (_ *Route) Schemes(_ ...string) *Route { + return nil +} + +func (_ *Route) SkipClean() bool { + return false +} + +func (_ *Route) Subrouter() *Router { + return nil +} + +func (_ *Route) URL(_ ...string) (*url.URL, error) { + return nil, nil +} + +func (_ *Route) URLHost(_ ...string) (*url.URL, error) { + return nil, nil +} + +func (_ *Route) URLPath(_ ...string) (*url.URL, error) { + return nil, nil +} + +type RouteMatch struct { + Route *Route + Handler http.Handler + Vars map[string]string + MatchErr error +} + +type Router struct { + NotFoundHandler http.Handler + MethodNotAllowedHandler http.Handler + KeepContext bool +} + +func (_ *Router) BuildVarsFunc(_ BuildVarsFunc) *Route { + return nil +} + +func (_ *Router) Get(_ string) *Route { + return nil +} + +func (_ *Router) GetRoute(_ string) *Route { + return nil +} + +func (_ *Router) Handle(_ string, _ http.Handler) *Route { + return nil +} + +func (_ *Router) HandleFunc(_ string, _ func(http.ResponseWriter, *http.Request)) *Route { + return nil +} + +func (_ *Router) Headers(_ ...string) *Route { + return nil +} + +func (_ *Router) Host(_ string) *Route { + return nil +} + +func (_ *Router) Match(_ *http.Request, _ *RouteMatch) bool { + return false +} + +func (_ *Router) MatcherFunc(_ MatcherFunc) *Route { + return nil +} + +func (_ *Router) Methods(_ ...string) *Route { + return nil +} + +func (_ *Router) Name(_ string) *Route { + return nil +} + +func (_ *Router) NewRoute() *Route { + return nil +} + +func (_ *Router) Path(_ string) *Route { + 
return nil +} + +func (_ *Router) PathPrefix(_ string) *Route { + return nil +} + +func (_ *Router) Queries(_ ...string) *Route { + return nil +} + +func (_ *Router) Schemes(_ ...string) *Route { + return nil +} + +func (_ *Router) ServeHTTP(_ http.ResponseWriter, _ *http.Request) {} + +func (_ *Router) SkipClean(_ bool) *Router { + return nil +} + +func (_ *Router) StrictSlash(_ bool) *Router { + return nil +} + +func (_ *Router) Use(_ ...MiddlewareFunc) {} + +func (_ *Router) UseEncodedPath() *Router { + return nil +} + +func (_ *Router) Walk(_ WalkFunc) error { + return nil +} + +func Vars(_ *http.Request) map[string]string { + return nil +} + +type WalkFunc func(*Route, *Router, []*Route) error diff --git a/go/ql/test/query-tests/Security/CWE-022/GorillaMuxDefault/vendor/modules.txt b/go/ql/test/query-tests/Security/CWE-022/GorillaMuxDefault/vendor/modules.txt new file mode 100644 index 000000000000..d96be1fa71b2 --- /dev/null +++ b/go/ql/test/query-tests/Security/CWE-022/GorillaMuxDefault/vendor/modules.txt @@ -0,0 +1,3 @@ +# github.com/gorilla/mux v1.7.4 +## explicit +github.com/gorilla/mux diff --git a/go/ql/test/query-tests/Security/CWE-022/GorillaMuxSkipClean/MuxClean.go b/go/ql/test/query-tests/Security/CWE-022/GorillaMuxSkipClean/MuxClean.go new file mode 100644 index 000000000000..cb3b5d2a7b89 --- /dev/null +++ b/go/ql/test/query-tests/Security/CWE-022/GorillaMuxSkipClean/MuxClean.go @@ -0,0 +1,22 @@ +package main + +import ( + "io/ioutil" + "net/http" + "path/filepath" + + "github.com/gorilla/mux" +) + +// BAD: Gorilla's `Vars` is not a sanitizer as `Router.SkipClean` has been called +func GorillaHandler(w http.ResponseWriter, r *http.Request) { + not_tainted_path := mux.Vars(r)["id"] + data, _ := ioutil.ReadFile(filepath.Join("/home/user/", not_tainted_path)) + w.Write(data) +} + +func main() { + var router = mux.NewRouter() + router.SkipClean(true) + router.HandleFunc("/{category}", GorillaHandler) +} 
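Review bot: In GorillaMuxSkipClean/MuxClean.go the local is still named `not_tainted_path` although this is the BAD case and TaintedPath.expected reports that very variable as a tainted node. Renaming it to `tainted_path` would make the fixture and the alert rows read correctly; the column ranges in the `.expected` file would then need regenerating. A short comment on `router.SkipClean(true)`, for example `// disables mux's path cleaning, so Vars values are not sanitized`, would tell a reader why this copy differs from the GorillaMuxDefault one.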
diff --git a/go/ql/test/query-tests/Security/CWE-022/GorillaMuxSkipClean/TaintedPath.expected b/go/ql/test/query-tests/Security/CWE-022/GorillaMuxSkipClean/TaintedPath.expected
new file mode 100644
index 000000000000..887b9858ef36
--- /dev/null
+++ b/go/ql/test/query-tests/Security/CWE-022/GorillaMuxSkipClean/TaintedPath.expected
@@ -0,0 +1,13 @@
+#select
+| MuxClean.go:14:29:14:74 | call to Join | MuxClean.go:13:22:13:32 | call to Vars | MuxClean.go:14:29:14:74 | call to Join | This path depends on a $@. | MuxClean.go:13:22:13:32 | call to Vars | user-provided value |
+edges
+| MuxClean.go:13:22:13:32 | call to Vars | MuxClean.go:14:58:14:73 | not_tainted_path | provenance | Src:MaD:2 |
+| MuxClean.go:14:58:14:73 | not_tainted_path | MuxClean.go:14:29:14:74 | call to Join | provenance | FunctionModel Sink:MaD:1 |
+models
+| 1 | Sink: io/ioutil; ; false; ReadFile; ; ; Argument[0]; path-injection; manual |
+| 2 | Source: github.com/gorilla/mux; ; true; Vars; ; ; ReturnValue; remote; manual |
+nodes
+| MuxClean.go:13:22:13:32 | call to Vars | semmle.label | call to Vars |
+| MuxClean.go:14:29:14:74 | call to Join | semmle.label | call to Join |
+| MuxClean.go:14:58:14:73 | not_tainted_path | semmle.label | not_tainted_path |
+subpaths
diff --git a/go/ql/test/query-tests/Security/CWE-022/GorillaMuxSkipClean/TaintedPath.qlref b/go/ql/test/query-tests/Security/CWE-022/GorillaMuxSkipClean/TaintedPath.qlref
new file mode 100644
index 000000000000..6de14eaee24d
--- /dev/null
+++ b/go/ql/test/query-tests/Security/CWE-022/GorillaMuxSkipClean/TaintedPath.qlref
@@ -0,0 +1,2 @@
+query: Security/CWE-022/TaintedPath.ql
+postprocess: TestUtilities/PrettyPrintModels.ql
\ No newline at end of file
diff --git a/go/ql/test/query-tests/Security/CWE-022/GorillaMuxSkipClean/go.mod b/go/ql/test/query-tests/Security/CWE-022/GorillaMuxSkipClean/go.mod
new file mode 100644
index 000000000000..c173488c7c74
--- /dev/null
+++ b/go/ql/test/query-tests/Security/CWE-022/GorillaMuxSkipClean/go.mod
@@ -0,0 +1,5 @@
+module codeql-go-tests/frameworks/Mux
+
+go 1.14
+
+require github.com/gorilla/mux v1.7.4
diff --git a/go/ql/test/query-tests/Security/CWE-022/GorillaMuxSkipClean/vendor/github.com/gorilla/mux/LICENSE b/go/ql/test/query-tests/Security/CWE-022/GorillaMuxSkipClean/vendor/github.com/gorilla/mux/LICENSE
new file mode 100644
index 000000000000..6903df6386e9
--- /dev/null
+++ b/go/ql/test/query-tests/Security/CWE-022/GorillaMuxSkipClean/vendor/github.com/gorilla/mux/LICENSE
@@ -0,0 +1,27 @@
+Copyright (c) 2012-2018 The Gorilla Authors. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+ * Redistributions of source code must retain the above copyright
+notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above
+copyright notice, this list of conditions and the following disclaimer
+in the documentation and/or other materials provided with the
+distribution.
+ * Neither the name of Google Inc. nor the names of its
+contributors may be used to endorse or promote products derived from
+this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/go/ql/test/query-tests/Security/CWE-022/GorillaMuxSkipClean/vendor/github.com/gorilla/mux/stub.go b/go/ql/test/query-tests/Security/CWE-022/GorillaMuxSkipClean/vendor/github.com/gorilla/mux/stub.go
new file mode 100644
index 000000000000..62510300b2df
--- /dev/null
+++ b/go/ql/test/query-tests/Security/CWE-022/GorillaMuxSkipClean/vendor/github.com/gorilla/mux/stub.go
@@ -0,0 +1,252 @@ +// Code generated by depstubber. DO NOT EDIT. +// This is a simple stub for github.com/gorilla/mux, strictly for use in testing. + +// See the LICENSE file for information about the licensing of the original library. +// Source: github.com/gorilla/mux (exports: ; functions: Vars,NewRouter) + +// Package mux is a stub of github.com/gorilla/mux, generated by depstubber. +package mux + +import ( + http "net/http" + url "net/url" +) + +type BuildVarsFunc func(map[string]string) map[string]string + +type MatcherFunc func(*http.Request, *RouteMatch) bool + +func (_ MatcherFunc) Match(_ *http.Request, _ *RouteMatch) bool { + return false +} + +type MiddlewareFunc func(http.Handler) http.Handler + +func (_ MiddlewareFunc) Middleware(_ http.Handler) http.Handler { + return nil +} + +func NewRouter() *Router { + return nil +} + +type Route struct{} + +func (_ *Route) BuildOnly() *Route { + return nil +} + +func (_ *Route) BuildVarsFunc(_ BuildVarsFunc) *Route { + return nil +} + +func (_ *Route) GetError() error { + return nil +} + +func (_ *Route) GetHandler() http.Handler { + return nil +} + +func (_ *Route) GetHostTemplate() (string, error) { + return "", nil +} + +func (_ *Route) GetMethods() ([]string, error) { + return nil, nil +} + +func (_ *Route) GetName() string { + return "" +} + +func (_ *Route) GetPathRegexp() (string, error) { + return "", nil +} + +func (_ *Route) GetPathTemplate() (string, error) { + return "", nil +} + +func (_ *Route) GetQueriesRegexp() ([]string, error) { + return nil, nil +} + +func (_ *Route) GetQueriesTemplates() ([]string, error) { + return nil, nil +} + +func (_ *Route) Handler(_ http.Handler) *Route { + return nil +} + +func (_ *Route) HandlerFunc(_ func(http.ResponseWriter, *http.Request)) *Route { + return nil +} + +func (_ *Route) Headers(_ ...string) *Route { + return nil +} + +func (_ *Route) HeadersRegexp(_ ...string) *Route { + return nil +} + +func (_ *Route) Host(_ string) *Route { + return nil +} + +func 
(_ *Route) Match(_ *http.Request, _ *RouteMatch) bool { + return false +} + +func (_ *Route) MatcherFunc(_ MatcherFunc) *Route { + return nil +} + +func (_ *Route) Methods(_ ...string) *Route { + return nil +} + +func (_ *Route) Name(_ string) *Route { + return nil +} + +func (_ *Route) Path(_ string) *Route { + return nil +} + +func (_ *Route) PathPrefix(_ string) *Route { + return nil +} + +func (_ *Route) Queries(_ ...string) *Route { + return nil +} + +func (_ *Route) Schemes(_ ...string) *Route { + return nil +} + +func (_ *Route) SkipClean() bool { + return false +} + +func (_ *Route) Subrouter() *Router { + return nil +} + +func (_ *Route) URL(_ ...string) (*url.URL, error) { + return nil, nil +} + +func (_ *Route) URLHost(_ ...string) (*url.URL, error) { + return nil, nil +} + +func (_ *Route) URLPath(_ ...string) (*url.URL, error) { + return nil, nil +} + +type RouteMatch struct { + Route *Route + Handler http.Handler + Vars map[string]string + MatchErr error +} + +type Router struct { + NotFoundHandler http.Handler + MethodNotAllowedHandler http.Handler + KeepContext bool +} + +func (_ *Router) BuildVarsFunc(_ BuildVarsFunc) *Route { + return nil +} + +func (_ *Router) Get(_ string) *Route { + return nil +} + +func (_ *Router) GetRoute(_ string) *Route { + return nil +} + +func (_ *Router) Handle(_ string, _ http.Handler) *Route { + return nil +} + +func (_ *Router) HandleFunc(_ string, _ func(http.ResponseWriter, *http.Request)) *Route { + return nil +} + +func (_ *Router) Headers(_ ...string) *Route { + return nil +} + +func (_ *Router) Host(_ string) *Route { + return nil +} + +func (_ *Router) Match(_ *http.Request, _ *RouteMatch) bool { + return false +} + +func (_ *Router) MatcherFunc(_ MatcherFunc) *Route { + return nil +} + +func (_ *Router) Methods(_ ...string) *Route { + return nil +} + +func (_ *Router) Name(_ string) *Route { + return nil +} + +func (_ *Router) NewRoute() *Route { + return nil +} + +func (_ *Router) Path(_ string) *Route { + 
return nil +} + +func (_ *Router) PathPrefix(_ string) *Route { + return nil +} + +func (_ *Router) Queries(_ ...string) *Route { + return nil +} + +func (_ *Router) Schemes(_ ...string) *Route { + return nil +} + +func (_ *Router) ServeHTTP(_ http.ResponseWriter, _ *http.Request) {} + +func (_ *Router) SkipClean(_ bool) *Router { + return nil +} + +func (_ *Router) StrictSlash(_ bool) *Router { + return nil +} + +func (_ *Router) Use(_ ...MiddlewareFunc) {} + +func (_ *Router) UseEncodedPath() *Router { + return nil +} + +func (_ *Router) Walk(_ WalkFunc) error { + return nil +} + +func Vars(_ *http.Request) map[string]string { + return nil +} + +type WalkFunc func(*Route, *Router, []*Route) error diff --git a/go/ql/test/query-tests/Security/CWE-022/GorillaMuxSkipClean/vendor/modules.txt b/go/ql/test/query-tests/Security/CWE-022/GorillaMuxSkipClean/vendor/modules.txt new file mode 100644 index 000000000000..d96be1fa71b2 --- /dev/null +++ b/go/ql/test/query-tests/Security/CWE-022/GorillaMuxSkipClean/vendor/modules.txt @@ -0,0 +1,3 @@ +# github.com/gorilla/mux v1.7.4 +## explicit +github.com/gorilla/mux