From 4193b7e591c3329f6d76b2512c4b25682c6a9dbc Mon Sep 17 00:00:00 2001
From: Michael Nebel
Date: Wed, 3 Jul 2024 14:11:28 +0100
Subject: [PATCH 01/12] Allow grouping import paths for models-as-data
---
 go/ql/lib/ext/empty.model.yml | 4 +
 go/ql/lib/semmle/go/dataflow/ExternalFlow.qll | 78 ++++++++++++++++++-
 .../internal/ExternalFlowExtensions.qll | 5 ++
 3 files changed, 86 insertions(+), 1 deletion(-)
diff --git a/go/ql/lib/ext/empty.model.yml b/go/ql/lib/ext/empty.model.yml
index 867714a30443..8d661a9f1db6 100644
--- a/go/ql/lib/ext/empty.model.yml
+++ b/go/ql/lib/ext/empty.model.yml
@@ -17,3 +17,7 @@ extensions:
 pack: codeql/go-all
 extensible: neutralModel
 data: []
+ - addsTo:
+ pack: codeql/go-all
+ extensible: packageGrouping
+ data: []
diff --git a/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll b/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll
index 583f96661a49..8ebc21ab6db9 100644
--- a/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll
+++ b/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll
@@ -78,7 +78,7 @@
 */
 private import go
-import internal.ExternalFlowExtensions
+import internal.ExternalFlowExtensions as FlowExtensions
 private import FlowSummary as FlowSummary
 private import internal.DataFlowPrivate
 private import internal.FlowSummaryImpl
@@ -87,6 +87,82 @@ private import internal.FlowSummaryImpl::Private
 private import internal.FlowSummaryImpl::Private::External
 private import codeql.mad.ModelValidation as SharedModelVal
+/** Gets the prefix for a group of packages. */
+string groupPrefix() { result = "group:" }
+
+/** Gets a group that `package` is in, according to `packageGrouping`. */
+private string getGroup(string package) {
+ exists(string group |
+ FlowExtensions::packageGrouping(group, package) and
+ result = groupPrefix() + group
+ )
+}
+
+/**
+ * Holds if a source model exists for the given parameters.
+ *
+ * Note that we consider all packages in the same group.
+ */
+predicate sourceModel(
+ string package, string type, boolean subtypes, string name, string signature, string ext,
+ string output, string kind, string provenance, QlBuiltins::ExtensionId madId
+) {
+ FlowExtensions::sourceModel(package, type, subtypes, name, signature, ext, output, kind,
+ provenance, madId)
+ or
+ // Also look for models that are defined for a group that `package` is part of.
+ FlowExtensions::sourceModel(getGroup(package), type, subtypes, name, signature, ext, output, kind,
+ provenance, madId)
+}
+
+/**
+ * Holds if a sink model exists for the given parameters.
+ *
+ * Note that we consider all packages in the same group.
+ */
+predicate sinkModel(
+ string package, string type, boolean subtypes, string name, string signature, string ext,
+ string input, string kind, string provenance, QlBuiltins::ExtensionId madId
+) {
+ FlowExtensions::sinkModel(package, type, subtypes, name, signature, ext, input, kind, provenance,
+ madId)
+ or
+ // Also look for models that are defined for a group that `package` is part of.
+ FlowExtensions::sinkModel(getGroup(package), type, subtypes, name, signature, ext, input, kind,
+ provenance, madId)
+}
+
+/**
+ * Holds if a summary model exists for the given parameters.
+ *
+ * Note that we consider all packages in the same group.
+ */
+predicate summaryModel(
+ string package, string type, boolean subtypes, string name, string signature, string ext,
+ string input, string output, string kind, string provenance, QlBuiltins::ExtensionId madId
+) {
+ FlowExtensions::summaryModel(package, type, subtypes, name, signature, ext, input, output, kind,
+ provenance, madId)
+ or
+ // Also look for models that are defined for a group that `package` is part of.
+ FlowExtensions::summaryModel(getGroup(package), type, subtypes, name, signature, ext, input,
+ output, kind, provenance, madId)
+}
+
+/**
+ * Holds if a neutral model exists for the given parameters.
+ *
+ * Note that we consider all packages in the same group.
+ */
+predicate neutralModel(
+ string package, string type, string name, string signature, string kind, string provenance
+) {
+ FlowExtensions::neutralModel(package, type, name, signature, kind, provenance)
+ or
+ // Also look for models that are defined for a group that `package` is part of.
+ FlowExtensions::neutralModel(getGroup(package), type, name, signature, kind, provenance)
+}
+
 /**
 * Holds if the given extension tuple `madId` should pretty-print as `model`.
 *
diff --git a/go/ql/lib/semmle/go/dataflow/internal/ExternalFlowExtensions.qll b/go/ql/lib/semmle/go/dataflow/internal/ExternalFlowExtensions.qll
index 1cc3fe7292ea..b1e1c906028c 100644
--- a/go/ql/lib/semmle/go/dataflow/internal/ExternalFlowExtensions.qll
+++ b/go/ql/lib/semmle/go/dataflow/internal/ExternalFlowExtensions.qll
@@ -32,3 +32,8 @@ extensible predicate summaryModel(
 extensible predicate neutralModel(
 string package, string type, string name, string signature, string kind, string provenance
 );
+
+/**
+ * Holds if the package `package` is part of the group `group`.
+ */
+extensible predicate packageGrouping(string group, string package);
From fde7d7b969454e73e359bedc992ce8b8b4383fdc Mon Sep 17 00:00:00 2001
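Review bot: A model row whose first column names a group with no matching `packageGrouping` row (a misspelling such as `group:beego-contxt`) is silently dead in `getGroup`: the predicate only joins the two tables, so the row matches no package and the sources, sinks or summaries it was meant to define disappear as missed findings rather than as an error. A consistency check next to the existing `SharedModelVal` validation — a predicate that holds for every model-row package that starts with `groupPrefix()` but is not a result of `getGroup(_)` — would catch this in the QL test suite. The same single join also means grouping is not transitive: a `packageGrouping` row whose `package` column is itself a `group:` name is not followed, which is worth stating in the docstring of `getGroup`. The `package` column description in this file's header comment lies outside the hunk and presumably still talks only about plain import paths; it should mention the `group:<name>` form and point to `packageGrouping`.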
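Review bot: The docstring on `packageGrouping` should say how `group` is spelled on each side, since the data column holds the bare name (for example `beego`) while model rows must reference it with the `group:` prefix that `groupPrefix()` in ExternalFlow.qll prepends, and nothing in the signature prevents one package from appearing in several groups. Suggested wording: ` * Holds if the package `package` is part of the group `group`. Model rows refer to the group as `group:<group>`; a package may belong to more than one group.`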
From: Owen Mansel-Chan
Date: Tue, 9 Jul 2024 11:07:02 +0100
Subject: [PATCH 02/12] Use `packageGrouping` for Beego models
---
 ...github.com.astaxie.beego.context.model.yml | 72 ++++++-------------
 .../ext/github.com.astaxie.beego.model.yml | 59 ++++++---------
 .../github.com.astaxie.beego.utils.model.yml | 46 ++++++------
 3 files changed, 63 insertions(+), 114 deletions(-)
diff --git a/go/ql/lib/ext/github.com.astaxie.beego.context.model.yml b/go/ql/lib/ext/github.com.astaxie.beego.context.model.yml
index 5a41e55b6db4..89f8eeebfba4 100644
--- a/go/ql/lib/ext/github.com.astaxie.beego.context.model.yml
+++ b/go/ql/lib/ext/github.com.astaxie.beego.context.model.yml
@@ -1,58 +1,32 @@
 extensions:
+ - addsTo:
+ pack: codeql/go-all
+ extensible: packageGrouping
+ data:
+ - ["beego-context", "github.com/astaxie/beego/context"]
+ - ["beego-context", "github.com/beego/beego/context"]
+ - ["beego-context", "github.com/beego/beego/server/web/context"]
 - addsTo:
 pack: codeql/go-all
 extensible: summaryModel
 data:
- - ["github.com/astaxie/beego/context", "", False, "WriteBody", "", "", "Argument[2]", "Argument[1]", "taint", "manual"]
- - ["github.com/beego/beego/server/web/context", "", False, "WriteBody", "", "", "Argument[2]", "Argument[1]", "taint", "manual"]
+ - ["group:beego-context", "", False, "WriteBody", "", "", "Argument[2]", "Argument[1]", "taint", "manual"]
 - addsTo:
 pack: codeql/go-all
 extensible: sourceModel
 data:
- - ["github.com/astaxie/beego/context", "BeegoInput", True, "Bind", "", "", "Argument[0]", "remote", "manual"]
- - ["github.com/astaxie/beego/context", "BeegoInput", True, "Cookie", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/astaxie/beego/context", "BeegoInput", True, "Data", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/astaxie/beego/context", "BeegoInput", True, "GetData", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/astaxie/beego/context", "BeegoInput", True, "Header", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/astaxie/beego/context", "BeegoInput", True, "Param", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/astaxie/beego/context", "BeegoInput", True, "Params", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/astaxie/beego/context", "BeegoInput", True, "Query", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/astaxie/beego/context", "BeegoInput", True, "Refer", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/astaxie/beego/context", "BeegoInput", True, "Referer", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/astaxie/beego/context", "BeegoInput", True, "RequestBody", "", "", "", "remote", "manual"]
- - ["github.com/astaxie/beego/context", "BeegoInput", True, "URI", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/astaxie/beego/context", "BeegoInput", True, "URL", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/astaxie/beego/context", "BeegoInput", True, "UserAgent", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/astaxie/beego/context", "Context", True, "GetCookie", "", "", "ReturnValue", "remote", "manual"]
-
- - ["github.com/beego/beego/context", "BeegoInput", True, "Bind", "", "", "Argument[0]", "remote", "manual"]
- - ["github.com/beego/beego/context", "BeegoInput", True, "Cookie", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/beego/beego/context", "BeegoInput", True, "Data", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/beego/beego/context", "BeegoInput", True, "GetData", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/beego/beego/context", "BeegoInput", True, "Header", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/beego/beego/context", "BeegoInput", True, "Param", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/beego/beego/context", "BeegoInput", True, "Params", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/beego/beego/context", "BeegoInput", True, "Query", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/beego/beego/context", "BeegoInput", True, "Refer", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/beego/beego/context", "BeegoInput", True, "Referer", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/beego/beego/context", "BeegoInput", True, "RequestBody", "", "", "", "remote", "manual"]
- - ["github.com/beego/beego/context", "BeegoInput", True, "URI", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/beego/beego/context", "BeegoInput", True, "URL", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/beego/beego/context", "BeegoInput", True, "UserAgent", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/beego/beego/context", "Context", True, "GetCookie", "", "", "ReturnValue", "remote", "manual"]
-
- - ["github.com/beego/beego/server/web/context", "BeegoInput", True, "Bind", "", "", "Argument[0]", "remote", "manual"]
- - ["github.com/beego/beego/server/web/context", "BeegoInput", True, "Cookie", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/beego/beego/server/web/context", "BeegoInput", True, "Data", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/beego/beego/server/web/context", "BeegoInput", True, "GetData", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/beego/beego/server/web/context", "BeegoInput", True, "Header", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/beego/beego/server/web/context", "BeegoInput", True, "Param", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/beego/beego/server/web/context", "BeegoInput", True, "Params", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/beego/beego/server/web/context", "BeegoInput", True, "Query", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/beego/beego/server/web/context", "BeegoInput", True, "Refer", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/beego/beego/server/web/context", "BeegoInput", True, "Referer", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/beego/beego/server/web/context", "BeegoInput", True, "RequestBody", "", "", "", "remote", "manual"]
- - ["github.com/beego/beego/server/web/context", "BeegoInput", True, "URI", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/beego/beego/server/web/context", "BeegoInput", True, "URL", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/beego/beego/server/web/context", "BeegoInput", True, "UserAgent", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/beego/beego/server/web/context", "Context", True, "GetCookie", "", "", "ReturnValue", "remote", "manual"]
+ - ["group:beego-context", "BeegoInput", True, "Bind", "", "", "Argument[0]", "remote", "manual"]
+ - ["group:beego-context", "BeegoInput", True, "Cookie", "", "", "ReturnValue[0]", "remote", "manual"]
+ - ["group:beego-context", "BeegoInput", True, "Data", "", "", "ReturnValue[0]", "remote", "manual"]
+ - ["group:beego-context", "BeegoInput", True, "GetData", "", "", "ReturnValue[0]", "remote", "manual"]
+ - ["group:beego-context", "BeegoInput", True, "Header", "", "", "ReturnValue[0]", "remote", "manual"]
+ - ["group:beego-context", "BeegoInput", True, "Param", "", "", "ReturnValue[0]", "remote", "manual"]
+ - ["group:beego-context", "BeegoInput", True, "Params", "", "", "ReturnValue[0]", "remote", "manual"]
+ - ["group:beego-context", "BeegoInput", True, "Query", "", "", "ReturnValue[0]", "remote", "manual"]
+ - ["group:beego-context", "BeegoInput", True, "Refer", "", "", "ReturnValue[0]", "remote", "manual"]
+ - ["group:beego-context", "BeegoInput", True, "Referer", "", "", "ReturnValue[0]", "remote", "manual"]
+ - ["group:beego-context", "BeegoInput", True, "RequestBody", "", "", "", "remote", "manual"]
+ - ["group:beego-context", "BeegoInput", True, "URI", "", "", "ReturnValue[0]", "remote", "manual"]
+ - ["group:beego-context", "BeegoInput", True, "URL", "", "", "ReturnValue[0]", "remote", "manual"]
+ - ["group:beego-context", "BeegoInput", True, "UserAgent", "", "", "ReturnValue[0]", "remote", "manual"]
+ - ["group:beego-context", "Context", True, "GetCookie", "", "", "ReturnValue", "remote", "manual"]
diff --git a/go/ql/lib/ext/github.com.astaxie.beego.model.yml b/go/ql/lib/ext/github.com.astaxie.beego.model.yml
index 27a9c9cb5904..ee14aa224d4f 100644
--- a/go/ql/lib/ext/github.com.astaxie.beego.model.yml
+++ b/go/ql/lib/ext/github.com.astaxie.beego.model.yml
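Review bot: The switch to `group:beego-context` is not a pure refactor: the removed `summaryModel` rows modelled `WriteBody` only for `github.com/astaxie/beego/context` and `github.com/beego/beego/server/web/context`, but the new group also lists `github.com/beego/beego/context`, so that package gains a taint-step model here. The utils hunk widens coverage the same way, adding `github.com/beego/beego/utils` to `beego-utils` although the removed rows only covered the astaxie and `core/utils` import paths. Both extensions look deliberate, but the commit message describes only "Use `packageGrouping`", so either record the new coverage in a change note or restrict each group to the import paths that were modelled before.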
@@ -1,48 +1,29 @@
 extensions:
+ - addsTo:
+ pack: codeql/go-all
+ extensible: packageGrouping
+ data:
+ - ["beego", "github.com/astaxie/beego"]
+ - ["beego", "github.com/beego/beego"]
+ - ["beego", "github.com/beego/beego/server/web"]
 - addsTo:
 pack: codeql/go-all
 extensible: summaryModel
 data:
- - ["github.com/astaxie/beego", "", False, "HTML2str", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- - ["github.com/astaxie/beego", "", False, "Htmlquote", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- - ["github.com/astaxie/beego", "", False, "Htmlunquote", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- - ["github.com/astaxie/beego", "", False, "MapGet", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
- - ["github.com/astaxie/beego", "", False, "ParseForm", "", "", "Argument[0]", "Argument[1]", "taint", "manual"]
- - ["github.com/astaxie/beego", "", False, "Str2html", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- - ["github.com/astaxie/beego", "", False, "Substr", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- - ["github.com/beego/beego", "", False, "HTML2str", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- - ["github.com/beego/beego", "", False, "Htmlquote", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- - ["github.com/beego/beego", "", False, "Htmlunquote", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- - ["github.com/beego/beego", "", False, "MapGet", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
- - ["github.com/beego/beego", "", False, "ParseForm", "", "", "Argument[0]", "Argument[1]", "taint", "manual"]
- - ["github.com/beego/beego", "", False, "Str2html", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- - ["github.com/beego/beego", "", False, "Substr", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- - ["github.com/beego/beego/server/web", "", False, "HTML2str", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- - ["github.com/beego/beego/server/web", "", False, "Htmlquote", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- - ["github.com/beego/beego/server/web", "", False, "Htmlunquote", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- - ["github.com/beego/beego/server/web", "", False, "MapGet", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
- - ["github.com/beego/beego/server/web", "", False, "ParseForm", "", "", "Argument[0]", "Argument[1]", "taint", "manual"]
- - ["github.com/beego/beego/server/web", "", False, "Str2html", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- - ["github.com/beego/beego/server/web", "", False, "Substr", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
+ - ["group:beego", "", False, "HTML2str", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
+ - ["group:beego", "", False, "Htmlquote", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
+ - ["group:beego", "", False, "Htmlunquote", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
+ - ["group:beego", "", False, "MapGet", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
+ - ["group:beego", "", False, "ParseForm", "", "", "Argument[0]", "Argument[1]", "taint", "manual"]
+ - ["group:beego", "", False, "Str2html", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
+ - ["group:beego", "", False, "Substr", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
 - addsTo:
 pack: codeql/go-all
 extensible: sourceModel
 data:
- - ["github.com/astaxie/beego", "Controller", True, "ParseForm", "", "", "Argument[0]", "remote", "manual"]
- - ["github.com/astaxie/beego", "Controller", True, "GetFile", "", "", "ReturnValue[0..1]", "remote", "manual"]
- - ["github.com/astaxie/beego", "Controller", True, "GetFiles", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/astaxie/beego", "Controller", True, "GetString", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/astaxie/beego", "Controller", True, "GetStrings", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/astaxie/beego", "Controller", True, "Input", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/beego/beego", "Controller", True, "ParseForm", "", "", "Argument[0]", "remote", "manual"]
- - ["github.com/beego/beego", "Controller", True, "GetFile", "", "", "ReturnValue[0..1]", "remote", "manual"]
- - ["github.com/beego/beego", "Controller", True, "GetFiles", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/beego/beego", "Controller", True, "GetString", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/beego/beego", "Controller", True, "GetStrings", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/beego/beego", "Controller", True, "Input", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/beego/beego/server/web", "Controller", True, "ParseForm", "", "", "Argument[0]", "remote", "manual"]
- - ["github.com/beego/beego/server/web", "Controller", True, "GetFile", "", "", "ReturnValue[0..1]", "remote", "manual"]
- - ["github.com/beego/beego/server/web", "Controller", True, "GetFiles", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/beego/beego/server/web", "Controller", True, "GetString", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/beego/beego/server/web", "Controller", True, "GetStrings", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/beego/beego/server/web", "Controller", True, "Input", "", "", "ReturnValue[0]", "remote", "manual"]
+ - ["group:beego", "Controller", True, "ParseForm", "", "", "Argument[0]", "remote", "manual"]
+ - ["group:beego", "Controller", True, "GetFile", "", "", "ReturnValue[0..1]", "remote", "manual"]
+ - ["group:beego", "Controller", True, "GetFiles", "", "", "ReturnValue[0]", "remote", "manual"]
+ - ["group:beego", "Controller", True, "GetString", "", "", "ReturnValue[0]", "remote", "manual"]
+ - ["group:beego", "Controller", True, "GetStrings", "", "", "ReturnValue[0]", "remote", "manual"]
+ - ["group:beego", "Controller", True, "Input", "", "", "ReturnValue[0]", "remote", "manual"]
diff --git a/go/ql/lib/ext/github.com.astaxie.beego.utils.model.yml b/go/ql/lib/ext/github.com.astaxie.beego.utils.model.yml
index 261c1dab61a9..4eb0688e37e7 100644
--- a/go/ql/lib/ext/github.com.astaxie.beego.utils.model.yml
+++ b/go/ql/lib/ext/github.com.astaxie.beego.utils.model.yml
@@ -1,31 +1,25 @@
 extensions:
+ - addsTo:
+ pack: codeql/go-all
+ extensible: packageGrouping
+ data:
+ - ["beego-utils", "github.com/astaxie/beego/utils"]
+ - ["beego-utils", "github.com/beego/beego/utils"]
+ - ["beego-utils", "github.com/beego/beego/core/utils"]
 - addsTo:
 pack: codeql/go-all
 extensible: summaryModel
 data:
- - ["github.com/astaxie/beego/utils", "", False, "SliceChunk", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- - ["github.com/astaxie/beego/utils", "", False, "SliceDiff", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- - ["github.com/astaxie/beego/utils", "", False, "SliceFilter", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- - ["github.com/astaxie/beego/utils", "", False, "SliceIntersect", "", "", "Argument[0..1]", "ReturnValue", "taint", "manual"]
- - ["github.com/astaxie/beego/utils", "", False, "SliceMerge", "", "", "Argument[0..1]", "ReturnValue", "taint", "manual"]
- - ["github.com/astaxie/beego/utils", "", False, "SlicePad", "", "", "Argument[0..2]", "ReturnValue", "taint", "manual"]
- - ["github.com/astaxie/beego/utils", "", False, "SliceRand", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- - ["github.com/astaxie/beego/utils", "", False, "SliceReduce", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- - ["github.com/astaxie/beego/utils", "", False, "SliceShuffle", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- - ["github.com/astaxie/beego/utils", "", False, "SliceUnique", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- - ["github.com/astaxie/beego/utils", "BeeMap", True, "Get", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"]
- - ["github.com/astaxie/beego/utils", "BeeMap", True, "Items", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"]
- - ["github.com/astaxie/beego/utils", "BeeMap", True, "Set", "", "", "Argument[1]", "Argument[receiver]", "taint", "manual"]
- - ["github.com/beego/beego/core/utils", "", False, "SliceChunk", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- - ["github.com/beego/beego/core/utils", "", False, "SliceDiff", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- - ["github.com/beego/beego/core/utils", "", False, "SliceFilter", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- - ["github.com/beego/beego/core/utils", "", False, "SliceIntersect", "", "", "Argument[0..1]", "ReturnValue", "taint", "manual"]
- - ["github.com/beego/beego/core/utils", "", False, "SliceMerge", "", "", "Argument[0..1]", "ReturnValue", "taint", "manual"]
- - ["github.com/beego/beego/core/utils", "", False, "SlicePad", "", "", "Argument[0..2]", "ReturnValue", "taint", "manual"]
- - ["github.com/beego/beego/core/utils", "", False, "SliceRand", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- - ["github.com/beego/beego/core/utils", "", False, "SliceReduce", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- - ["github.com/beego/beego/core/utils", "", False, "SliceShuffle", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- - ["github.com/beego/beego/core/utils", "", False, "SliceUnique", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- - ["github.com/beego/beego/core/utils", "BeeMap", True, "Get", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"]
- - ["github.com/beego/beego/core/utils", "BeeMap", True, "Items", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"]
- - ["github.com/beego/beego/core/utils", "BeeMap", True, "Set", "", "", "Argument[1]", "Argument[receiver]", "taint", "manual"]
+ - ["group:beego-utils", "", False, "SliceChunk", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
+ - ["group:beego-utils", "", False, "SliceDiff", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
+ - ["group:beego-utils", "", False, "SliceFilter", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
+ - ["group:beego-utils", "", False, "SliceIntersect", "", "", "Argument[0..1]", "ReturnValue", "taint", "manual"]
+ - ["group:beego-utils", "", False, "SliceMerge", "", "", "Argument[0..1]", "ReturnValue", "taint", "manual"]
+ - ["group:beego-utils", "", False, "SlicePad", "", "", "Argument[0..2]", "ReturnValue", "taint", "manual"]
+ - ["group:beego-utils", "", False, "SliceRand", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
+ - ["group:beego-utils", "", False, "SliceReduce", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
+ - ["group:beego-utils", "", False, "SliceShuffle", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
+ - ["group:beego-utils", "", False, "SliceUnique", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
+ - ["group:beego-utils", "BeeMap", True, "Get", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"]
+ - ["group:beego-utils", "BeeMap", True, "Items", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"]
+ - ["group:beego-utils", "BeeMap", True, "Set", "", "", "Argument[1]", "Argument[receiver]", "taint", "manual"]
From 1e448d547dbd7b793fce778b13e26b26d53e026a Mon Sep 17 00:00:00 2001
From: Owen Mansel-Chan
Date: Tue, 9 Jul 2024 16:04:38 +0100
Subject: [PATCH 03/12] Rename Beego MaD files using path from current version
---
 ...tils.model.yml => github.com.beego.beego.core.utils.model.yml} | 0
 ...el.yml => github.com.beego.beego.server.web.context.model.yml} | 0
 ...eego.model.yml => github.com.beego.beego.server.web.model.yml} | 0
 3 files changed, 0 insertions(+), 0 deletions(-)
 rename go/ql/lib/ext/{github.com.astaxie.beego.utils.model.yml => github.com.beego.beego.core.utils.model.yml} (100%)
 rename go/ql/lib/ext/{github.com.astaxie.beego.context.model.yml => github.com.beego.beego.server.web.context.model.yml} (100%)
 rename go/ql/lib/ext/{github.com.astaxie.beego.model.yml => github.com.beego.beego.server.web.model.yml} (100%)
diff --git a/go/ql/lib/ext/github.com.astaxie.beego.utils.model.yml b/go/ql/lib/ext/github.com.beego.beego.core.utils.model.yml
similarity index 100%
rename from go/ql/lib/ext/github.com.astaxie.beego.utils.model.yml
rename to go/ql/lib/ext/github.com.beego.beego.core.utils.model.yml
diff --git a/go/ql/lib/ext/github.com.astaxie.beego.context.model.yml b/go/ql/lib/ext/github.com.beego.beego.server.web.context.model.yml
similarity index 100%
rename from go/ql/lib/ext/github.com.astaxie.beego.context.model.yml
rename to go/ql/lib/ext/github.com.beego.beego.server.web.context.model.yml
diff --git a/go/ql/lib/ext/github.com.astaxie.beego.model.yml b/go/ql/lib/ext/github.com.beego.beego.server.web.model.yml
similarity index 100%
rename from go/ql/lib/ext/github.com.astaxie.beego.model.yml
rename to go/ql/lib/ext/github.com.beego.beego.server.web.model.yml
From 01afa360d7ce5db7cdd398af9b6a1a50ca8b728b Mon Sep 17 00:00:00 2001
From: Owen Mansel-Chan
Date: Tue, 9 Jul 2024 16:05:25 +0100
Subject: [PATCH 04/12] Tests: accept model numbering changes
---
 .../go/frameworks/Beego/ReflectedXss.expected | 146 +++++++++---------
 .../go/frameworks/Beego/TaintedPath.expected | 14 +-
 2 files changed, 80 insertions(+), 80 deletions(-)
diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Beego/ReflectedXss.expected b/go/ql/test/library-tests/semmle/go/frameworks/Beego/ReflectedXss.expected
index 6845b74b9126..81d770e777ce 100644
--- a/go/ql/test/library-tests/semmle/go/frameworks/Beego/ReflectedXss.expected
+++ b/go/ql/test/library-tests/semmle/go/frameworks/Beego/ReflectedXss.expected
@@ -1,104 +1,104 @@ edges -| test.go:33:6:33:10 | definition of bound | test.go:35:13:35:30 | type conversion | provenance | Src:MaD:252 | -| test.go:33:6:33:10 | definition of bound | test.go:36:13:36:27 | type conversion | provenance | Src:MaD:252 | -| test.go:33:6:33:10 | definition of bound | test.go:37:13:37:29 | type conversion | provenance | Src:MaD:252 | -| test.go:42:20:42:42 | call to Cookie | test.go:42:13:42:43 | type conversion | provenance | Src:MaD:253 | -| test.go:47:20:47:31 | call to Data | test.go:47:13:47:52 | type conversion | provenance | Src:MaD:254 | -| test.go:52:20:52:43 | call to GetData | test.go:52:13:52:53 | type conversion | provenance | Src:MaD:255 | -| test.go:57:20:57:42 | call to Header | test.go:57:13:57:43 | type conversion | provenance | Src:MaD:256 | -| test.go:62:20:62:41 | call to Param | test.go:62:13:62:42 | type conversion | provenance | Src:MaD:257 | -| test.go:67:20:67:33 | call to Params | test.go:67:13:67:45 | type conversion | provenance | Src:MaD:258 | -| test.go:72:20:72:41 | call to Query | test.go:72:13:72:42 | type conversion | provenance | Src:MaD:259 | -| test.go:77:20:77:32 | call to Refer | test.go:77:13:77:33 | type conversion | provenance | Src:MaD:260 | -| test.go:82:20:82:34 | call to Referer | test.go:82:13:82:35 | type conversion | provenance | Src:MaD:261 | -| test.go:87:20:87:30 | call to URI | test.go:87:13:87:31 | type conversion | provenance | Src:MaD:263 | -| test.go:92:20:92:30 | call to URL | test.go:92:13:92:31 | type conversion | provenance | Src:MaD:264 | -| test.go:97:20:97:36 | call to UserAgent | test.go:97:13:97:37 | type conversion | provenance | Src:MaD:265 | -| test.go:102:14:102:25 | call to Data | test.go:102:14:102:45 | type assertion | provenance | Src:MaD:254 | -| test.go:114:14:114:25 | call to Data | test.go:114:14:114:45 | type assertion | provenance | Src:MaD:254 | -| test.go:126:14:126:25 | call to Data | test.go:126:14:126:45 | type assertion | provenance | Src:MaD:254 | -| 
test.go:143:23:143:42 | call to Data | test.go:143:23:143:62 | type assertion | provenance | Src:MaD:254 | -| test.go:199:15:199:26 | call to Data | test.go:200:36:200:53 | type assertion | provenance | Src:MaD:254 | -| test.go:199:15:199:26 | call to Data | test.go:201:39:201:56 | type assertion | provenance | Src:MaD:254 | -| test.go:199:15:199:26 | call to Data | test.go:202:28:202:56 | type assertion | provenance | Src:MaD:254 | -| test.go:199:15:199:26 | call to Data | test.go:204:36:204:53 | type assertion | provenance | Src:MaD:254 | -| test.go:199:15:199:26 | call to Data | test.go:205:34:205:51 | type assertion | provenance | Src:MaD:254 | +| test.go:33:6:33:10 | definition of bound | test.go:35:13:35:30 | type conversion | provenance | Src:MaD:254 | +| test.go:33:6:33:10 | definition of bound | test.go:36:13:36:27 | type conversion | provenance | Src:MaD:254 | +| test.go:33:6:33:10 | definition of bound | test.go:37:13:37:29 | type conversion | provenance | Src:MaD:254 | +| test.go:42:20:42:42 | call to Cookie | test.go:42:13:42:43 | type conversion | provenance | Src:MaD:255 | +| test.go:47:20:47:31 | call to Data | test.go:47:13:47:52 | type conversion | provenance | Src:MaD:256 | +| test.go:52:20:52:43 | call to GetData | test.go:52:13:52:53 | type conversion | provenance | Src:MaD:257 | +| test.go:57:20:57:42 | call to Header | test.go:57:13:57:43 | type conversion | provenance | Src:MaD:258 | +| test.go:62:20:62:41 | call to Param | test.go:62:13:62:42 | type conversion | provenance | Src:MaD:259 | +| test.go:67:20:67:33 | call to Params | test.go:67:13:67:45 | type conversion | provenance | Src:MaD:260 | +| test.go:72:20:72:41 | call to Query | test.go:72:13:72:42 | type conversion | provenance | Src:MaD:261 | +| test.go:77:20:77:32 | call to Refer | test.go:77:13:77:33 | type conversion | provenance | Src:MaD:262 | +| test.go:82:20:82:34 | call to Referer | test.go:82:13:82:35 | type conversion | provenance | Src:MaD:263 | +| test.go:87:20:87:30 | 
call to URI | test.go:87:13:87:31 | type conversion | provenance | Src:MaD:265 | +| test.go:92:20:92:30 | call to URL | test.go:92:13:92:31 | type conversion | provenance | Src:MaD:266 | +| test.go:97:20:97:36 | call to UserAgent | test.go:97:13:97:37 | type conversion | provenance | Src:MaD:267 | +| test.go:102:14:102:25 | call to Data | test.go:102:14:102:45 | type assertion | provenance | Src:MaD:256 | +| test.go:114:14:114:25 | call to Data | test.go:114:14:114:45 | type assertion | provenance | Src:MaD:256 | +| test.go:126:14:126:25 | call to Data | test.go:126:14:126:45 | type assertion | provenance | Src:MaD:256 | +| test.go:143:23:143:42 | call to Data | test.go:143:23:143:62 | type assertion | provenance | Src:MaD:256 | +| test.go:199:15:199:26 | call to Data | test.go:200:36:200:53 | type assertion | provenance | Src:MaD:256 | +| test.go:199:15:199:26 | call to Data | test.go:201:39:201:56 | type assertion | provenance | Src:MaD:256 | +| test.go:199:15:199:26 | call to Data | test.go:202:28:202:56 | type assertion | provenance | Src:MaD:256 | +| test.go:199:15:199:26 | call to Data | test.go:204:36:204:53 | type assertion | provenance | Src:MaD:256 | +| test.go:199:15:199:26 | call to Data | test.go:205:34:205:51 | type assertion | provenance | Src:MaD:256 | | test.go:200:21:200:54 | call to HTML2str | test.go:200:14:200:55 | type conversion | provenance | | -| test.go:200:36:200:53 | type assertion | test.go:200:21:200:54 | call to HTML2str | provenance | MaD:297 | +| test.go:200:36:200:53 | type assertion | test.go:200:21:200:54 | call to HTML2str | provenance | MaD:272 | | test.go:201:21:201:57 | call to Htmlunquote | test.go:201:14:201:58 | type conversion | provenance | | -| test.go:201:39:201:56 | type assertion | test.go:201:21:201:57 | call to Htmlunquote | provenance | MaD:299 | +| test.go:201:39:201:56 | type assertion | test.go:201:21:201:57 | call to Htmlunquote | provenance | MaD:274 | | test.go:202:2:202:68 | ... 
:= ...[0] | test.go:203:14:203:28 | type assertion | provenance | | -| test.go:202:28:202:56 | type assertion | test.go:202:2:202:68 | ... := ...[0] | provenance | MaD:300 | +| test.go:202:28:202:56 | type assertion | test.go:202:2:202:68 | ... := ...[0] | provenance | MaD:275 | | test.go:204:21:204:54 | call to Str2html | test.go:204:14:204:55 | type conversion | provenance | | -| test.go:204:36:204:53 | type assertion | test.go:204:21:204:54 | call to Str2html | provenance | MaD:302 | +| test.go:204:36:204:53 | type assertion | test.go:204:21:204:54 | call to Str2html | provenance | MaD:277 | | test.go:205:21:205:58 | call to Substr | test.go:205:14:205:59 | type conversion | provenance | | -| test.go:205:34:205:51 | type assertion | test.go:205:21:205:58 | call to Substr | provenance | MaD:303 | +| test.go:205:34:205:51 | type assertion | test.go:205:21:205:58 | call to Substr | provenance | MaD:278 | | test.go:207:6:207:6 | definition of s | test.go:209:14:209:28 | type conversion | provenance | | -| test.go:208:18:208:33 | selection of Form | test.go:207:6:207:6 | definition of s | provenance | MaD:301 | -| test.go:223:2:223:34 | ... := ...[0] | test.go:225:31:225:31 | f | provenance | Src:MaD:319 | -| test.go:223:2:223:34 | ... := ...[1] | test.go:224:14:224:32 | type conversion | provenance | Src:MaD:319 | +| test.go:208:18:208:33 | selection of Form | test.go:207:6:207:6 | definition of s | provenance | MaD:276 | +| test.go:223:2:223:34 | ... := ...[0] | test.go:225:31:225:31 | f | provenance | Src:MaD:280 | +| test.go:223:2:223:34 | ... := ...[1] | test.go:224:14:224:32 | type conversion | provenance | Src:MaD:280 | | test.go:225:2:225:32 | ... := ...[0] | test.go:226:14:226:20 | content | provenance | | -| test.go:225:31:225:31 | f | test.go:225:2:225:32 | ... := ...[0] | provenance | MaD:613 | -| test.go:228:2:228:40 | ... 
:= ...[0] | test.go:229:14:229:38 | type conversion | provenance | Src:MaD:320 | -| test.go:231:7:231:28 | call to GetString | test.go:232:14:232:22 | type conversion | provenance | Src:MaD:321 | -| test.go:234:8:234:35 | call to GetStrings | test.go:235:14:235:26 | type conversion | provenance | Src:MaD:322 | -| test.go:237:9:237:17 | call to Input | test.go:238:14:238:27 | type conversion | provenance | Src:MaD:323 | -| test.go:240:6:240:8 | definition of str | test.go:242:14:242:30 | type conversion | provenance | Src:MaD:318 | -| test.go:246:15:246:36 | call to GetString | test.go:249:21:249:29 | untrusted | provenance | Src:MaD:321 | -| test.go:259:23:259:44 | call to GetCookie | test.go:259:16:259:45 | type conversion | provenance | Src:MaD:266 | -| test.go:270:62:270:83 | call to GetCookie | test.go:270:55:270:84 | type conversion | provenance | Src:MaD:266 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:278:21:278:28 | index expression | provenance | Src:MaD:320 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:283:44:283:60 | selection of Filename | provenance | Src:MaD:320 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:284:38:284:49 | genericFiles | provenance | Src:MaD:320 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:285:37:285:48 | genericFiles | provenance | Src:MaD:320 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:291:4:291:15 | genericFiles | provenance | Src:MaD:320 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:293:42:293:53 | genericFiles | provenance | Src:MaD:320 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:294:53:294:64 | genericFiles | provenance | Src:MaD:320 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:295:38:295:49 | genericFiles | provenance | Src:MaD:320 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:296:49:296:60 | genericFiles | provenance | Src:MaD:320 | -| test.go:275:2:275:40 | ... 
:= ...[0] | test.go:297:51:297:65 | index expression | provenance | Src:MaD:320 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:298:36:298:47 | genericFiles | provenance | Src:MaD:320 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:299:37:299:48 | genericFiles | provenance | Src:MaD:320 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:301:39:301:50 | genericFiles | provenance | Src:MaD:320 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:302:40:302:51 | genericFiles | provenance | Src:MaD:320 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:303:39:303:50 | genericFiles | provenance | Src:MaD:320 | +| test.go:225:31:225:31 | f | test.go:225:2:225:32 | ... := ...[0] | provenance | MaD:552 | +| test.go:228:2:228:40 | ... := ...[0] | test.go:229:14:229:38 | type conversion | provenance | Src:MaD:281 | +| test.go:231:7:231:28 | call to GetString | test.go:232:14:232:22 | type conversion | provenance | Src:MaD:282 | +| test.go:234:8:234:35 | call to GetStrings | test.go:235:14:235:26 | type conversion | provenance | Src:MaD:283 | +| test.go:237:9:237:17 | call to Input | test.go:238:14:238:27 | type conversion | provenance | Src:MaD:284 | +| test.go:240:6:240:8 | definition of str | test.go:242:14:242:30 | type conversion | provenance | Src:MaD:279 | +| test.go:246:15:246:36 | call to GetString | test.go:249:21:249:29 | untrusted | provenance | Src:MaD:282 | +| test.go:259:23:259:44 | call to GetCookie | test.go:259:16:259:45 | type conversion | provenance | Src:MaD:268 | +| test.go:270:62:270:83 | call to GetCookie | test.go:270:55:270:84 | type conversion | provenance | Src:MaD:268 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:278:21:278:28 | index expression | provenance | Src:MaD:281 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:283:44:283:60 | selection of Filename | provenance | Src:MaD:281 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:284:38:284:49 | genericFiles | provenance | Src:MaD:281 | +| test.go:275:2:275:40 | ... 
:= ...[0] | test.go:285:37:285:48 | genericFiles | provenance | Src:MaD:281 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:291:4:291:15 | genericFiles | provenance | Src:MaD:281 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:293:42:293:53 | genericFiles | provenance | Src:MaD:281 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:294:53:294:64 | genericFiles | provenance | Src:MaD:281 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:295:38:295:49 | genericFiles | provenance | Src:MaD:281 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:296:49:296:60 | genericFiles | provenance | Src:MaD:281 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:297:51:297:65 | index expression | provenance | Src:MaD:281 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:298:36:298:47 | genericFiles | provenance | Src:MaD:281 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:299:37:299:48 | genericFiles | provenance | Src:MaD:281 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:301:39:301:50 | genericFiles | provenance | Src:MaD:281 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:302:40:302:51 | genericFiles | provenance | Src:MaD:281 | +| test.go:275:2:275:40 | ... 
:= ...[0] | test.go:303:39:303:50 | genericFiles | provenance | Src:MaD:281 | | test.go:276:2:276:13 | definition of genericFiles [array] | test.go:297:51:297:62 | genericFiles [array] | provenance | | | test.go:278:21:278:28 | index expression | test.go:276:2:276:13 | definition of genericFiles [array] | provenance | | | test.go:283:44:283:60 | selection of Filename | test.go:283:21:283:61 | call to GetDisplayString | provenance | FunctionModel | | test.go:284:21:284:53 | call to SliceChunk | test.go:284:21:284:92 | selection of Filename | provenance | | -| test.go:284:38:284:49 | genericFiles | test.go:284:21:284:53 | call to SliceChunk | provenance | MaD:336 | +| test.go:284:38:284:49 | genericFiles | test.go:284:21:284:53 | call to SliceChunk | provenance | MaD:288 | | test.go:285:21:285:60 | call to SliceDiff | test.go:285:21:285:96 | selection of Filename | provenance | | -| test.go:285:37:285:48 | genericFiles | test.go:285:21:285:60 | call to SliceDiff | provenance | MaD:337 | +| test.go:285:37:285:48 | genericFiles | test.go:285:21:285:60 | call to SliceDiff | provenance | MaD:289 | | test.go:290:3:292:44 | call to SliceFilter | test.go:290:3:292:80 | selection of Filename | provenance | | -| test.go:291:4:291:15 | genericFiles | test.go:290:3:292:44 | call to SliceFilter | provenance | MaD:338 | +| test.go:291:4:291:15 | genericFiles | test.go:290:3:292:44 | call to SliceFilter | provenance | MaD:290 | | test.go:293:21:293:65 | call to SliceIntersect | test.go:293:21:293:101 | selection of Filename | provenance | | -| test.go:293:42:293:53 | genericFiles | test.go:293:21:293:65 | call to SliceIntersect | provenance | MaD:339 | +| test.go:293:42:293:53 | genericFiles | test.go:293:21:293:65 | call to SliceIntersect | provenance | MaD:291 | | test.go:294:21:294:65 | call to SliceIntersect | test.go:294:21:294:101 | selection of Filename | provenance | | -| test.go:294:53:294:64 | genericFiles | test.go:294:21:294:65 | call to SliceIntersect | provenance | 
MaD:339 | +| test.go:294:53:294:64 | genericFiles | test.go:294:21:294:65 | call to SliceIntersect | provenance | MaD:291 | | test.go:295:21:295:61 | call to SliceMerge | test.go:295:21:295:97 | selection of Filename | provenance | | -| test.go:295:38:295:49 | genericFiles | test.go:295:21:295:61 | call to SliceMerge | provenance | MaD:340 | +| test.go:295:38:295:49 | genericFiles | test.go:295:21:295:61 | call to SliceMerge | provenance | MaD:292 | | test.go:296:21:296:61 | call to SliceMerge | test.go:296:21:296:97 | selection of Filename | provenance | | -| test.go:296:49:296:60 | genericFiles | test.go:296:21:296:61 | call to SliceMerge | provenance | MaD:340 | +| test.go:296:49:296:60 | genericFiles | test.go:296:21:296:61 | call to SliceMerge | provenance | MaD:292 | | test.go:297:21:297:66 | call to SlicePad | test.go:297:21:297:102 | selection of Filename | provenance | | | test.go:297:51:297:62 | genericFiles [array] | test.go:297:51:297:65 | index expression | provenance | | -| test.go:297:51:297:65 | index expression | test.go:297:21:297:66 | call to SlicePad | provenance | MaD:341 | +| test.go:297:51:297:65 | index expression | test.go:297:21:297:66 | call to SlicePad | provenance | MaD:293 | | test.go:298:21:298:66 | call to SlicePad | test.go:298:21:298:102 | selection of Filename | provenance | | -| test.go:298:36:298:47 | genericFiles | test.go:298:21:298:66 | call to SlicePad | provenance | MaD:341 | +| test.go:298:36:298:47 | genericFiles | test.go:298:21:298:66 | call to SlicePad | provenance | MaD:293 | | test.go:299:21:299:49 | call to SliceRand | test.go:299:21:299:82 | selection of Filename | provenance | | -| test.go:299:37:299:48 | genericFiles | test.go:299:21:299:49 | call to SliceRand | provenance | MaD:342 | +| test.go:299:37:299:48 | genericFiles | test.go:299:21:299:49 | call to SliceRand | provenance | MaD:294 | | test.go:301:21:301:97 | call to SliceReduce | test.go:301:21:301:133 | selection of Filename | provenance | | -| 
test.go:301:39:301:50 | genericFiles | test.go:301:21:301:97 | call to SliceReduce | provenance | MaD:343 | +| test.go:301:39:301:50 | genericFiles | test.go:301:21:301:97 | call to SliceReduce | provenance | MaD:295 | | test.go:302:21:302:52 | call to SliceShuffle | test.go:302:21:302:88 | selection of Filename | provenance | | -| test.go:302:40:302:51 | genericFiles | test.go:302:21:302:52 | call to SliceShuffle | provenance | MaD:344 | +| test.go:302:40:302:51 | genericFiles | test.go:302:21:302:52 | call to SliceShuffle | provenance | MaD:296 | | test.go:303:21:303:51 | call to SliceUnique | test.go:303:21:303:87 | selection of Filename | provenance | | -| test.go:303:39:303:50 | genericFiles | test.go:303:21:303:51 | call to SliceUnique | provenance | MaD:345 | +| test.go:303:39:303:50 | genericFiles | test.go:303:21:303:51 | call to SliceUnique | provenance | MaD:297 | | test.go:308:2:308:5 | definition of bMap | test.go:311:21:311:24 | bMap | provenance | | | test.go:308:2:308:5 | definition of bMap | test.go:312:21:312:24 | bMap | provenance | | -| test.go:309:15:309:36 | call to GetString | test.go:310:22:310:30 | untrusted | provenance | Src:MaD:321 | -| test.go:310:22:310:30 | untrusted | test.go:308:2:308:5 | definition of bMap | provenance | MaD:348 | -| test.go:311:21:311:24 | bMap | test.go:311:21:311:39 | call to Get | provenance | MaD:346 | +| test.go:309:15:309:36 | call to GetString | test.go:310:22:310:30 | untrusted | provenance | Src:MaD:282 | +| test.go:310:22:310:30 | untrusted | test.go:308:2:308:5 | definition of bMap | provenance | MaD:300 | +| test.go:311:21:311:24 | bMap | test.go:311:21:311:39 | call to Get | provenance | MaD:298 | | test.go:311:21:311:39 | call to Get | test.go:311:21:311:48 | type assertion | provenance | | -| test.go:312:21:312:24 | bMap | test.go:312:21:312:32 | call to Items | provenance | MaD:347 | +| test.go:312:21:312:24 | bMap | test.go:312:21:312:32 | call to Items | provenance | MaD:299 | | 
test.go:312:21:312:32 | call to Items | test.go:312:21:312:52 | type assertion | provenance | | nodes | test.go:33:6:33:10 | definition of bound | semmle.label | definition of bound | diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Beego/TaintedPath.expected b/go/ql/test/library-tests/semmle/go/frameworks/Beego/TaintedPath.expected index 9681164d8259..18d4f8ca300a 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Beego/TaintedPath.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/Beego/TaintedPath.expected 
@@ -1,12 +1,12 @@ edges -| test.go:215:15:215:26 | call to Data | test.go:216:18:216:26 | untrusted | provenance | Src:MaD:254 | -| test.go:215:15:215:26 | call to Data | test.go:217:10:217:18 | untrusted | provenance | Src:MaD:254 | -| test.go:215:15:215:26 | call to Data | test.go:218:35:218:43 | untrusted | provenance | Src:MaD:254 | -| test.go:324:17:324:37 | selection of RequestBody | test.go:324:40:324:43 | &... | provenance | Src:MaD:262 MaD:187 | +| test.go:215:15:215:26 | call to Data | test.go:216:18:216:26 | untrusted | provenance | Src:MaD:256 | +| test.go:215:15:215:26 | call to Data | test.go:217:10:217:18 | untrusted | provenance | Src:MaD:256 | +| test.go:215:15:215:26 | call to Data | test.go:218:35:218:43 | untrusted | provenance | Src:MaD:256 | +| test.go:324:17:324:37 | selection of RequestBody | test.go:324:40:324:43 | &... | provenance | Src:MaD:264 MaD:187 | | test.go:324:40:324:43 | &... | test.go:326:35:326:43 | untrusted | provenance | | -| test.go:332:15:332:26 | call to Data | test.go:334:23:334:31 | untrusted | provenance | Src:MaD:254 | -| test.go:340:15:340:26 | call to Data | test.go:342:53:342:61 | untrusted | provenance | Src:MaD:284 | -| test.go:340:15:340:26 | call to Data | test.go:344:23:344:31 | untrusted | provenance | Src:MaD:284 | +| test.go:332:15:332:26 | call to Data | test.go:334:23:334:31 | untrusted | provenance | Src:MaD:256 | +| test.go:340:15:340:26 | call to Data | test.go:342:53:342:61 | untrusted | provenance | Src:MaD:256 | +| test.go:340:15:340:26 | call to Data | test.go:344:23:344:31 | untrusted | provenance | Src:MaD:256 | nodes | test.go:215:15:215:26 | call to Data | semmle.label | call to Data | | test.go:216:18:216:26 | untrusted | semmle.label | untrusted | From f650e3f72b24d63d86f363a63fa3831b4c3242a6 Mon Sep 17 00:00:00 2001 
From: Owen Mansel-Chan
Date: Tue, 9 Jul 2024 16:19:09 +0100
Subject: [PATCH 05/12] Update MaD documentation explain "group:" in package column
---
 go/ql/lib/semmle/go/dataflow/ExternalFlow.qll | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll b/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll
index 8ebc21ab6db9..f5c946ac42c0 100644
--- a/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll
+++ b/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll
@@ -20,7 +20,10 @@
 * 1. The `package` column selects a package. Note that if the package does not
 * contain a major version suffix (like "/v2") then we will match all major
 * versions. This can be disabled by putting `fixed-version:` at the start
- * of the package path.
+ * of the package path. Also, instead of a package path, if this column is
+ * "group:" then it indicates that the row applies to all
+ * packages in the group `` according to the `packageGrouping`
+ * predicate.
 * 2. The `type` column selects a type within that package.
 * 3. The `subtypes` is a boolean that indicates whether to jump to an
 * arbitrary subtype of that type.
From ab991af2a535109b53651916365931adad624e8e Mon Sep 17 00:00:00 2001
From: Owen Mansel-Chan
Date: Tue, 9 Jul 2024 17:15:09 +0100
Subject: [PATCH 06/12] Fix package validation errors
---
 go/ql/lib/semmle/go/dataflow/ExternalFlow.qll | 55 +++++++++++--------
 1 file changed, 33 insertions(+), 22 deletions(-)
diff --git a/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll b/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll
index f5c946ac42c0..014172689a35 100644
--- a/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll
+++ b/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll
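Review bot: The added sentences say what a `group:` row means but not how the major-version rule two lines above applies to it, i.e. whether each package listed for the group in `packageGrouping` is matched across major versions and may itself carry the `fixed-version:` prefix, so a reader writing a group has to guess. If the intent is that a group member is handled exactly like a path written directly in this column, one sentence after `predicate.` saying so, e.g. `Each package in the group is then treated exactly as if it had been written in this column.`, settles it. Separately, the token after `group:` and the backticks before `according` read as empty here; presumably a placeholder such as `<name>` was lost in rendering, but if the file really has nothing there the placeholder should be spelled out.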
@@ -110,12 +110,15 @@ predicate sourceModel(
 string package, string type, boolean subtypes, string name, string signature, string ext,
 string output, string kind, string provenance, QlBuiltins::ExtensionId madId
 ) {
- FlowExtensions::sourceModel(package, type, subtypes, name, signature, ext, output, kind,
- provenance, madId)
- or
- // Also look for models that are defined for a group that `package` is part of.
- FlowExtensions::sourceModel(getGroup(package), type, subtypes, name, signature, ext, output, kind,
- provenance, madId)
+ exists(string p |
+ FlowExtensions::sourceModel(p, type, subtypes, name, signature, ext, output, kind, provenance,
+ madId)
+ |
+ not exists(string s | p = groupPrefix() + s) and package = p
+ or
+ // Also look for models that are defined for a group that `package` is part of.
+ p = getGroup(package)
+ )
 }

 /**
@@ -127,12 +130,15 @@ predicate sinkModel(
 string package, string type, boolean subtypes, string name, string signature, string ext,
 string input, string kind, string provenance, QlBuiltins::ExtensionId madId
 ) {
- FlowExtensions::sinkModel(package, type, subtypes, name, signature, ext, input, kind, provenance,
- madId)
- or
- // Also look for models that are defined for a group that `package` is part of.
- FlowExtensions::sinkModel(getGroup(package), type, subtypes, name, signature, ext, input, kind,
- provenance, madId)
+ exists(string p |
+ FlowExtensions::sinkModel(p, type, subtypes, name, signature, ext, input, kind, provenance,
+ madId)
+ |
+ not exists(string s | p = groupPrefix() + s) and package = p
+ or
+ // Also look for models that are defined for a group that `package` is part of.
+ p = getGroup(package)
+ )
 }

 /**
@@ -144,12 +150,15 @@ predicate summaryModel(
 string package, string type, boolean subtypes, string name, string signature, string ext,
 string input, string output, string kind, string provenance, QlBuiltins::ExtensionId madId
 ) {
- FlowExtensions::summaryModel(package, type, subtypes, name, signature, ext, input, output, kind,
- provenance, madId)
- or
- // Also look for models that are defined for a group that `package` is part of.
- FlowExtensions::summaryModel(getGroup(package), type, subtypes, name, signature, ext, input,
- output, kind, provenance, madId)
+ exists(string p |
+ FlowExtensions::summaryModel(p, type, subtypes, name, signature, ext, input, output, kind,
+ provenance, madId)
+ |
+ not exists(string s | p = groupPrefix() + s) and package = p
+ or
+ // Also look for models that are defined for a group that `package` is part of.
+ p = getGroup(package)
+ )
 }

 /**
@@ -160,10 +169,12 @@ predicate summaryModel(
 predicate neutralModel(
 string package, string type, string name, string signature, string kind, string provenance
 ) {
- FlowExtensions::neutralModel(package, type, name, signature, kind, provenance)
- or
- // Also look for models that are defined for a group that `package` is part of.
- FlowExtensions::neutralModel(getGroup(package), type, name, signature, kind, provenance)
+ exists(string p | FlowExtensions::neutralModel(p, type, name, signature, kind, provenance) |
+ not exists(string s | p = groupPrefix() + s) and package = p
+ or
+ // Also look for models that are defined for a group that `package` is part of.
+ p = getGroup(package)
+ )
 }

 /**
From f6b9195a61d3dfe99f599555d561ed433473f910 Mon Sep 17 00:00:00 2001
From: Owen Mansel-Chan
Date: Wed, 10 Jul 2024 10:05:02 +0100
Subject: [PATCH 07/12] Add validation of package groups
---
 go/ql/lib/semmle/go/dataflow/ExternalFlow.qll | 20 ++++++++++++++++++-
 1 file changed, 19 insertions(+), 1 deletion(-)
diff --git a/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll b/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll
index 014172689a35..84a9bc1a3bea 100644
--- a/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll
+++ b/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll
@@ -376,12 +376,30 @@ module ModelValidation {
 )
 }

+ private string getInvalidPackageGroup() {
+ exists(string pred, string group, string package |
+ FlowExtensions::sourceModel(package, _, _, _, _, _, _, _, _, _) and pred = "source"
+ or
+ FlowExtensions::sinkModel(package, _, _, _, _, _, _, _, _, _) and pred = "sink"
+ or
+ FlowExtensions::summaryModel(package, _, _, _, _, _, _, _, _, _, _) and
+ pred = "summary"
+ or
+ FlowExtensions::neutralModel(package, _, _, _, _, _) and
+ pred = "neutral"
+ |
+ package = groupPrefix() + group and
+ not FlowExtensions::packageGrouping(group, _) and
+ result = "Dubious package group \"" + package + "\" in " + pred + " model."
+ )
+ }
+
 /** Holds if some row in a MaD flow model appears to contain typos. */
 query predicate invalidModelRow(string msg) {
 msg =
 [
 getInvalidModelSignature(), getInvalidModelInput(), getInvalidModelOutput(),
- KindVal::getInvalidModelKind()
+ KindVal::getInvalidModelKind(), getInvalidPackageGroup()
 ]
 }
 }
From 3e2ebf436c78eb27368095a2d9783641e05de9c4 Mon Sep 17 00:00:00 2001
From: Owen Mansel-Chan
Date: Wed, 10 Jul 2024 15:26:07 +0100
Subject: [PATCH 08/12] Move logic for dealing with groups into a predicate
---
 go/ql/lib/semmle/go/dataflow/ExternalFlow.qll | 58 ++++++++----------
 1 file changed, 25 insertions(+), 33 deletions(-)
diff --git a/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll b/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll
index 84a9bc1a3bea..24fb6abf34c6 100644
--- a/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll
+++ b/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll
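Review bot: `getInvalidPackageGroup` only walks the four model tables, so a `packageGrouping` row whose package column itself begins with `group:` is never reported, yet as far as this series shows nothing expands a group member a second time (the `getPackage` added later returns the `packageGrouping` value unchanged), so such a row silently matches no Go package. A second disjunct over the grouping table closes the gap; the existing disjunct and its message format can stay as they are. The predicate sits inside `module ModelValidation`, whose start is outside this hunk.
```ql
  private string getInvalidPackageGroup() {
    // … unchanged: existing disjunct over source/sink/summary/neutral rows …
    or
    exists(string pkg | FlowExtensions::packageGrouping(_, pkg) |
      pkg.prefix(groupPrefix().length()) = groupPrefix() and
      result = "Nested package group \"" + pkg + "\" in packageGrouping model."
    )
  }
```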
@@ -93,11 +93,20 @@ private import codeql.mad.ModelValidation as SharedModelVal
 /** Gets the prefix for a group of packages. */
 string groupPrefix() { result = "group:" }

-/** Gets a group that `package` is in, according to `packageGrouping`. */
-private string getGroup(string package) {
+/**
+ * Gets a package represented by `packageOrGroup`.
+ *
+ * If `packageOrGroup` is of the form `group:` then `result` is a
+ * package in the group ``, as determined by `packageGrouping`.
+ * Otherwise, `result` is `packageOrGroup`.
+ */
+bindingset[packageOrGroup]
+private string getPackage(string packageOrGroup) {
+ not exists(string s | packageOrGroup = groupPrefix() + s) and result = packageOrGroup
+ or
 exists(string group |
- FlowExtensions::packageGrouping(group, package) and
- result = groupPrefix() + group
+ FlowExtensions::packageGrouping(group, result) and
+ packageOrGroup = groupPrefix() + group
 )
 }

@@ -110,14 +119,10 @@ predicate sourceModel(
 string package, string type, boolean subtypes, string name, string signature, string ext,
 string output, string kind, string provenance, QlBuiltins::ExtensionId madId
 ) {
- exists(string p |
- FlowExtensions::sourceModel(p, type, subtypes, name, signature, ext, output, kind, provenance,
- madId)
- |
- not exists(string s | p = groupPrefix() + s) and package = p
- or
- // Also look for models that are defined for a group that `package` is part of.
- p = getGroup(package)
+ exists(string packageOrGroup |
+ package = getPackage(packageOrGroup) and
+ FlowExtensions::sourceModel(packageOrGroup, type, subtypes, name, signature, ext, output, kind,
+ provenance, madId)
 )
 }

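Review bot: The QLDoc on `getPackage` does not cover the case where `packageOrGroup` starts with `group:` but no `packageGrouping` row names that group: the first disjunct is excluded by the prefix and the second finds no row, so the predicate has no result and every model row using that group is dropped rather than treated as a literal package path. That is a reasonable outcome, but it should be stated, e.g. a final line `Has no result if packageOrGroup names a group for which packageGrouping has no rows; ModelValidation.invalidModelRow reports such rows.` The placeholder after `group:` in the comment renders empty here, presumably an artefact of extraction rather than of the commit.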
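Review bot: `sourceModel` writes `package = getPackage(packageOrGroup)` as a plain conjunct inside the `exists` body, whereas the `sinkModel`, `summaryModel` and `neutralModel` hunks of this commit put it in the `exists` range, `exists(string packageOrGroup | package = getPackage(packageOrGroup) |`. Both forms evaluate the same, but the four predicates are meant to read in parallel, so the first should take the same shape: `exists(string packageOrGroup | package = getPackage(packageOrGroup) |` followed by the `FlowExtensions::sourceModel(...)` call and the closing `)`. Nothing else in the hunk needs to change.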
@@ -130,14 +135,9 @@ predicate sinkModel(
 string package, string type, boolean subtypes, string name, string signature, string ext,
 string input, string kind, string provenance, QlBuiltins::ExtensionId madId
 ) {
- exists(string p |
- FlowExtensions::sinkModel(p, type, subtypes, name, signature, ext, input, kind, provenance,
- madId)
- |
- not exists(string s | p = groupPrefix() + s) and package = p
- or
- // Also look for models that are defined for a group that `package` is part of.
- p = getGroup(package)
+ exists(string packageOrGroup | package = getPackage(packageOrGroup) |
+ FlowExtensions::sinkModel(packageOrGroup, type, subtypes, name, signature, ext, input, kind,
+ provenance, madId)
 )
 }

@@ -150,14 +150,9 @@ predicate summaryModel(
 string package, string type, boolean subtypes, string name, string signature, string ext,
 string input, string output, string kind, string provenance, QlBuiltins::ExtensionId madId
 ) {
- exists(string p |
- FlowExtensions::summaryModel(p, type, subtypes, name, signature, ext, input, output, kind,
- provenance, madId)
- |
- not exists(string s | p = groupPrefix() + s) and package = p
- or
- // Also look for models that are defined for a group that `package` is part of.
- p = getGroup(package)
+ exists(string packageOrGroup | package = getPackage(packageOrGroup) |
+ FlowExtensions::summaryModel(packageOrGroup, type, subtypes, name, signature, ext, input,
+ output, kind, provenance, madId)
 )
 }

@@ -169,11 +164,8 @@ predicate summaryModel(
 predicate neutralModel(
   string package, string type, string name, string signature, string kind, string provenance
 ) {
-  exists(string p | FlowExtensions::neutralModel(p, type, name, signature, kind, provenance) |
-    not exists(string s | p = groupPrefix() + s) and package = p
-    or
-    // Also look for models that are defined for a group that `package` is part of.
-    p = getGroup(package)
+  exists(string packageOrGroup | package = getPackage(packageOrGroup) |
+    FlowExtensions::neutralModel(packageOrGroup, type, name, signature, kind, provenance)
   )
 }
 

From b64ef8439373556750b920107641f054bc4969ea Mon Sep 17 00:00:00 2001
From: Owen Mansel-Chan
Date: Wed, 10 Jul 2024 15:28:54 +0100
Subject: [PATCH 09/12] Use `prefix()` method on string to check for group prefix

---
 go/ql/lib/semmle/go/dataflow/ExternalFlow.qll | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll b/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll
index 24fb6abf34c6..ba08e24e0e04 100644
--- a/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll
+++ b/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll
@@ -102,7 +102,7 @@ string groupPrefix() { result = "group:" }
  */
 bindingset[packageOrGroup]
 private string getPackage(string packageOrGroup) {
-  not exists(string s | packageOrGroup = groupPrefix() + s) and result = packageOrGroup
+  not packageOrGroup.prefix(groupPrefix().length()) = groupPrefix() and result = packageOrGroup
   or
   exists(string group |
     FlowExtensions::packageGrouping(group, result) and

From 32acff76c21ffea2a6aa51f2addc2983f479b63b Mon Sep 17 00:00:00 2001
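Review bot: The replacement guard `not packageOrGroup.prefix(groupPrefix().length()) = groupPrefix()` expresses a prefix test through length arithmetic that the reader has to re-derive; `not packageOrGroup.matches(groupPrefix() + "%")` states the same condition directly and is equivalent here because `group:` contains neither of the `%`/`_` wildcard characters. Whichever form is kept, a short comment such as `// Plain package path: anything not carrying the group: prefix passes through unchanged.` would save the next reader from working out why the negation and the second disjunct are mutually exclusive. The body of `getPackage` continues outside this hunk.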
From: Owen Mansel-Chan
Date: Wed, 10 Jul 2024 15:29:38 +0100
Subject: [PATCH 10/12] Make `groupPrefix()` private

This could be made public in future. But I expect that we will want to use this logic for QL models as well then we will want to move it into a different file, which will be much easier if it's all private at the moment.
---
 go/ql/lib/semmle/go/dataflow/ExternalFlow.qll | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll b/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll
index ba08e24e0e04..84c3e71e4a96 100644
--- a/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll
+++ b/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll
@@ -91,7 +91,7 @@ private import internal.FlowSummaryImpl::Private::External
 private import codeql.mad.ModelValidation as SharedModelVal
 
 /** Gets the prefix for a group of packages. */
-string groupPrefix() { result = "group:" }
+private string groupPrefix() { result = "group:" }
 
 /**
  * Gets a package represented by `packageOrGroup`.

From 2c7fbda2ecc17510b60350d0be407d4b218019ad Mon Sep 17 00:00:00 2001
From: Owen Mansel-Chan
Date: Wed, 10 Jul 2024 15:32:58 +0100
Subject: [PATCH 11/12] Accept review suggestion for QLDoc

---
 go/ql/lib/semmle/go/dataflow/ExternalFlow.qll | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll b/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll
index 84c3e71e4a96..f8a7457b11b0 100644
--- a/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll
+++ b/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll
@@ -113,7 +113,8 @@ private string getPackage(string packageOrGroup) {
 /**
  * Holds if a source model exists for the given parameters.
  *
- * Note that we consider all packages in the same group.
+ * Note that `group:` references are expanded into one or more actual packages
+ * by this predicate.
  */
 predicate sourceModel(
   string package, string type, boolean subtypes, string name, string signature, string ext,
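Review bot: The new QLDoc sentence on `sourceModel` promises that `group:` references are expanded into "one or more actual packages", but when `packageGrouping` has no row for the named group the expansion is empty and the model row contributes nothing, so the wording overstates the guarantee. Suggest phrasing it as: references of the form `group:` are expanded into the packages that `packageGrouping` lists for that group (possibly none, if the group is undefined). The same sentence is repeated in the `sinkModel`, `summaryModel` and `neutralModel` QLDoc hunks of this patch and should be adjusted in step.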
@@ -129,7 +130,8 @@ predicate sourceModel(
 /**
  * Holds if a sink model exists for the given parameters.
  *
- * Note that we consider all packages in the same group.
+ * Note that `group:` references are expanded into one or more actual packages
+ * by this predicate.
  */
 predicate sinkModel(
   string package, string type, boolean subtypes, string name, string signature, string ext,
@@ -144,7 +146,8 @@ predicate sinkModel(
 /**
  * Holds if a summary model exists for the given parameters.
  *
- * Note that we consider all packages in the same group.
+ * Note that `group:` references are expanded into one or more actual packages
+ * by this predicate.
  */
 predicate summaryModel(
   string package, string type, boolean subtypes, string name, string signature, string ext,
@@ -159,7 +162,8 @@ predicate summaryModel(
 /**
  * Holds if a neutral model exists for the given parameters.
  *
- * Note that we consider all packages in the same group.
+ * Note that `group:` references are expanded into one or more actual packages
+ * by this predicate.
  */
 predicate neutralModel(
   string package, string type, string name, string signature, string kind, string provenance

From 3417605b6dfe154142f62bce7bc5f7ed58768867 Mon Sep 17 00:00:00 2001
From: Owen Mansel-Chan Date: Thu, 11 Jul 2024 06:42:58 +0100 Subject: [PATCH 12/12] Tests: update provenance numbering --- .../CWE-090/LDAPInjection.expected | 28 ++-- .../test/experimental/CWE-203/Timing.expected | 6 +- .../CWE-287/ImproperLdapAuth.expected | 2 +- .../CWE-369/DivideByZero.expected | 12 +- .../DecompressionBombs.expected | 6 +- .../experimental/CWE-74/DsnInjection.expected | 2 +- .../HTMLTemplateEscapingPassthrough.expected | 26 ++-- go/ql/test/experimental/CWE-918/SSRF.expected | 18 +-- .../DefaultSanitizer.expected | 6 +- .../threat-models-flowtest1.expected | 4 +- .../threat-models-flowtest2.expected | 4 +- .../threat-models-flowtest3.expected | 4 +- .../threat-models-flowtest4.expected | 4 +- .../threat-models-flowtest5.expected | 4 +- .../threat-models-flowtest6.expected | 4 +- .../go/frameworks/Beego/ReflectedXss.expected | 144 +++++++++--------- .../go/frameworks/Beego/TaintedPath.expected | 14 +- .../frameworks/BeegoOrm/SqlInjection.expected | 64 ++++---- .../go/frameworks/Echo/ReflectedXss.expected | 14 +- .../go/frameworks/Encoding/jsoniter.expected | 8 +- .../go/frameworks/Revel/ReflectedXss.expected | 6 +- .../go/frameworks/Revel/TaintedPath.expected | 4 +- .../frameworks/Twirp/RequestForgery.expected | 4 +- .../frameworks/XNetHtml/ReflectedXss.expected | 38 ++--- .../frameworks/XNetHtml/SqlInjection.expected | 4 +- .../Security/CWE-022/ZipSlip.expected | 4 +- .../CWE-078/CommandInjection.expected | 16 +- .../Security/CWE-079/ReflectedXss.expected | 36 ++--- .../Security/CWE-089/SqlInjection.expected | 22 +-- .../Security/CWE-089/StringBreak.expected | 4 +- .../InsecureRandomness.expected | 2 +- .../CWE-347/MissingJwtSignatureCheck.expected | 14 +- .../BadRedirectCheck.expected | 4 +- .../OpenUrlRedirect/OpenUrlRedirect.expected | 4 +- .../Security/CWE-640/EmailInjection.expected | 26 ++-- .../Security/CWE-643/XPathInjection.expected | 24 +-- .../Security/CWE-918/RequestForgery.expected | 34 ++--- 37 files changed, 310 insertions(+), 
310 deletions(-) diff --git a/go/ql/test/experimental/CWE-090/LDAPInjection.expected b/go/ql/test/experimental/CWE-090/LDAPInjection.expected index 1b21ad41b8e0..ff6470f80f04 100644 --- a/go/ql/test/experimental/CWE-090/LDAPInjection.expected +++ b/go/ql/test/experimental/CWE-090/LDAPInjection.expected 
@@ -1,18 +1,18 @@ edges -| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:59:3:59:11 | untrusted | provenance | Src:MaD:747 | -| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:61:3:61:51 | ...+... | provenance | Src:MaD:747 | -| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:62:3:62:33 | slice literal | provenance | Src:MaD:747 | -| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:62:24:62:32 | untrusted | provenance | Src:MaD:747 | -| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:66:3:66:11 | untrusted | provenance | Src:MaD:747 | -| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:68:3:68:51 | ...+... | provenance | Src:MaD:747 | -| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:69:3:69:33 | slice literal | provenance | Src:MaD:747 | -| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:69:24:69:32 | untrusted | provenance | Src:MaD:747 | -| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:73:3:73:11 | untrusted | provenance | Src:MaD:747 | -| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:75:3:75:51 | ...+... | provenance | Src:MaD:747 | -| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:76:3:76:33 | slice literal | provenance | Src:MaD:747 | -| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:76:24:76:32 | untrusted | provenance | Src:MaD:747 | -| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:80:22:80:30 | untrusted | provenance | Src:MaD:747 | -| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:81:25:81:33 | untrusted | provenance | Src:MaD:747 | +| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:59:3:59:11 | untrusted | provenance | Src:MaD:686 | +| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:61:3:61:51 | ...+... 
| provenance | Src:MaD:686 | +| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:62:3:62:33 | slice literal | provenance | Src:MaD:686 | +| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:62:24:62:32 | untrusted | provenance | Src:MaD:686 | +| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:66:3:66:11 | untrusted | provenance | Src:MaD:686 | +| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:68:3:68:51 | ...+... | provenance | Src:MaD:686 | +| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:69:3:69:33 | slice literal | provenance | Src:MaD:686 | +| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:69:24:69:32 | untrusted | provenance | Src:MaD:686 | +| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:73:3:73:11 | untrusted | provenance | Src:MaD:686 | +| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:75:3:75:51 | ...+... | provenance | Src:MaD:686 | +| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:76:3:76:33 | slice literal | provenance | Src:MaD:686 | +| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:76:24:76:32 | untrusted | provenance | Src:MaD:686 | +| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:80:22:80:30 | untrusted | provenance | Src:MaD:686 | +| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:81:25:81:33 | untrusted | provenance | Src:MaD:686 | | LDAPInjection.go:62:3:62:33 | slice literal [array] | LDAPInjection.go:62:3:62:33 | slice literal | provenance | | | LDAPInjection.go:62:24:62:32 | untrusted | LDAPInjection.go:62:3:62:33 | slice literal [array] | provenance | | | LDAPInjection.go:69:3:69:33 | slice literal [array] | LDAPInjection.go:69:3:69:33 | slice literal | provenance | | 
diff --git a/go/ql/test/experimental/CWE-203/Timing.expected b/go/ql/test/experimental/CWE-203/Timing.expected index 9abfb3d575b4..97462acd2492 100644 --- a/go/ql/test/experimental/CWE-203/Timing.expected +++ b/go/ql/test/experimental/CWE-203/Timing.expected @@ -1,9 +1,9 @@ edges -| timing.go:15:18:15:27 | selection of Header | timing.go:15:18:15:45 | call to Get | provenance | MaD:728 | +| timing.go:15:18:15:27 | selection of Header | timing.go:15:18:15:45 | call to Get | provenance | MaD:667 | | timing.go:15:18:15:45 | call to Get | timing.go:17:31:17:42 | headerSecret | provenance | | -| timing.go:28:18:28:27 | selection of Header | timing.go:28:18:28:45 | call to Get | provenance | MaD:728 | +| timing.go:28:18:28:27 | selection of Header | timing.go:28:18:28:45 | call to Get | provenance | MaD:667 | | timing.go:28:18:28:45 | call to Get | timing.go:30:47:30:58 | headerSecret | provenance | | -| timing.go:41:18:41:27 | selection of Header | timing.go:41:18:41:45 | call to Get | provenance | MaD:728 | +| timing.go:41:18:41:27 | selection of Header | timing.go:41:18:41:45 | call to Get | provenance | MaD:667 | | timing.go:41:18:41:45 | call to Get | timing.go:42:25:42:36 | headerSecret | provenance | | nodes | timing.go:15:18:15:27 | selection of Header | semmle.label | selection of Header | diff --git a/go/ql/test/experimental/CWE-287/ImproperLdapAuth.expected b/go/ql/test/experimental/CWE-287/ImproperLdapAuth.expected index 6c21e152efc7..c83a815689c7 100644 --- a/go/ql/test/experimental/CWE-287/ImproperLdapAuth.expected +++ b/go/ql/test/experimental/CWE-287/ImproperLdapAuth.expected 
@@ -1,5 +1,5 @@ edges -| ImproperLdapAuth.go:18:18:18:24 | selection of URL | ImproperLdapAuth.go:18:18:18:32 | call to Query | provenance | MaD:808 | +| ImproperLdapAuth.go:18:18:18:24 | selection of URL | ImproperLdapAuth.go:18:18:18:32 | call to Query | provenance | MaD:747 | | ImproperLdapAuth.go:18:18:18:32 | call to Query | ImproperLdapAuth.go:28:23:28:34 | bindPassword | provenance | | | ImproperLdapAuth.go:87:18:87:19 | "" | ImproperLdapAuth.go:97:23:97:34 | bindPassword | provenance | | nodes diff --git a/go/ql/test/experimental/CWE-369/DivideByZero.expected b/go/ql/test/experimental/CWE-369/DivideByZero.expected index 5303951e4dc8..8d54fe70758b 100644 --- a/go/ql/test/experimental/CWE-369/DivideByZero.expected +++ b/go/ql/test/experimental/CWE-369/DivideByZero.expected 
@@ -1,24 +1,24 @@ edges -| DivideByZero.go:10:12:10:16 | selection of URL | DivideByZero.go:10:12:10:24 | call to Query | provenance | MaD:808 | +| DivideByZero.go:10:12:10:16 | selection of URL | DivideByZero.go:10:12:10:24 | call to Query | provenance | MaD:747 | | DivideByZero.go:10:12:10:24 | call to Query | DivideByZero.go:11:27:11:32 | param1 | provenance | | | DivideByZero.go:11:2:11:33 | ... := ...[0] | DivideByZero.go:12:16:12:20 | value | provenance | | | DivideByZero.go:11:27:11:32 | param1 | DivideByZero.go:11:2:11:33 | ... := ...[0] | provenance | Config | -| DivideByZero.go:17:12:17:16 | selection of URL | DivideByZero.go:17:12:17:24 | call to Query | provenance | MaD:808 | +| DivideByZero.go:17:12:17:16 | selection of URL | DivideByZero.go:17:12:17:24 | call to Query | provenance | MaD:747 | | DivideByZero.go:17:12:17:24 | call to Query | DivideByZero.go:18:11:18:24 | type conversion | provenance | | | DivideByZero.go:18:11:18:24 | type conversion | DivideByZero.go:19:16:19:20 | value | provenance | | -| DivideByZero.go:24:12:24:16 | selection of URL | DivideByZero.go:24:12:24:24 | call to Query | provenance | MaD:808 | +| DivideByZero.go:24:12:24:16 | selection of URL | DivideByZero.go:24:12:24:24 | call to Query | provenance | MaD:747 | | DivideByZero.go:24:12:24:24 | call to Query | DivideByZero.go:25:31:25:36 | param1 | provenance | | | DivideByZero.go:25:2:25:45 | ... := ...[0] | DivideByZero.go:26:16:26:20 | value | provenance | | | DivideByZero.go:25:31:25:36 | param1 | DivideByZero.go:25:2:25:45 | ... := ...[0] | provenance | Config | -| DivideByZero.go:31:12:31:16 | selection of URL | DivideByZero.go:31:12:31:24 | call to Query | provenance | MaD:808 | +| DivideByZero.go:31:12:31:16 | selection of URL | DivideByZero.go:31:12:31:24 | call to Query | provenance | MaD:747 | | DivideByZero.go:31:12:31:24 | call to Query | DivideByZero.go:32:33:32:38 | param1 | provenance | | | DivideByZero.go:32:2:32:43 | ... 
:= ...[0] | DivideByZero.go:33:16:33:20 | value | provenance | | | DivideByZero.go:32:33:32:38 | param1 | DivideByZero.go:32:2:32:43 | ... := ...[0] | provenance | Config | -| DivideByZero.go:38:12:38:16 | selection of URL | DivideByZero.go:38:12:38:24 | call to Query | provenance | MaD:808 | +| DivideByZero.go:38:12:38:16 | selection of URL | DivideByZero.go:38:12:38:24 | call to Query | provenance | MaD:747 | | DivideByZero.go:38:12:38:24 | call to Query | DivideByZero.go:39:32:39:37 | param1 | provenance | | | DivideByZero.go:39:2:39:46 | ... := ...[0] | DivideByZero.go:40:16:40:20 | value | provenance | | | DivideByZero.go:39:32:39:37 | param1 | DivideByZero.go:39:2:39:46 | ... := ...[0] | provenance | Config | -| DivideByZero.go:54:12:54:16 | selection of URL | DivideByZero.go:54:12:54:24 | call to Query | provenance | MaD:808 | +| DivideByZero.go:54:12:54:16 | selection of URL | DivideByZero.go:54:12:54:24 | call to Query | provenance | MaD:747 | | DivideByZero.go:54:12:54:24 | call to Query | DivideByZero.go:55:11:55:24 | type conversion | provenance | | | DivideByZero.go:55:11:55:24 | type conversion | DivideByZero.go:57:17:57:21 | value | provenance | | nodes diff --git a/go/ql/test/experimental/CWE-522-DecompressionBombs/DecompressionBombs.expected b/go/ql/test/experimental/CWE-522-DecompressionBombs/DecompressionBombs.expected index 691a39136461..c431b749378f 100644 --- a/go/ql/test/experimental/CWE-522-DecompressionBombs/DecompressionBombs.expected +++ b/go/ql/test/experimental/CWE-522-DecompressionBombs/DecompressionBombs.expected 
@@ -1,5 +1,5 @@ edges -| test.go:59:16:59:44 | call to FormValue | test.go:128:20:128:27 | definition of filename | provenance | Src:MaD:743 | +| test.go:59:16:59:44 | call to FormValue | test.go:128:20:128:27 | definition of filename | provenance | Src:MaD:682 | | test.go:60:15:60:26 | selection of Body | test.go:158:19:158:22 | definition of file | provenance | | | test.go:61:24:61:35 | selection of Body | test.go:169:28:169:31 | definition of file | provenance | | | test.go:62:13:62:24 | selection of Body | test.go:181:17:181:20 | definition of file | provenance | | @@ -31,7 +31,7 @@ edges | test.go:145:12:145:19 | call to Open | test.go:147:37:147:38 | rc | provenance | | | test.go:158:19:158:22 | definition of file | test.go:159:25:159:28 | file | provenance | | | test.go:159:2:159:29 | ... := ...[0] | test.go:160:48:160:52 | file1 | provenance | | -| test.go:159:25:159:28 | file | test.go:159:2:159:29 | ... := ...[0] | provenance | MaD:620 | +| test.go:159:25:159:28 | file | test.go:159:2:159:29 | ... := ...[0] | provenance | MaD:559 | | test.go:160:2:160:69 | ... := ...[0] | test.go:163:26:163:29 | file | provenance | | | test.go:160:32:160:53 | call to NewReader | test.go:160:2:160:69 | ... := ...[0] | provenance | Config | | test.go:160:48:160:52 | file1 | test.go:160:32:160:53 | call to NewReader | provenance | MaD:46 | 
@@ -39,7 +39,7 @@ edges | test.go:163:26:163:29 | file | test.go:163:3:163:36 | ... := ...[0] | provenance | MaD:8 | | test.go:169:28:169:31 | definition of file | test.go:170:25:170:28 | file | provenance | | | test.go:170:2:170:29 | ... := ...[0] | test.go:171:57:171:61 | file2 | provenance | | -| test.go:170:25:170:28 | file | test.go:170:2:170:29 | ... := ...[0] | provenance | MaD:620 | +| test.go:170:25:170:28 | file | test.go:170:2:170:29 | ... := ...[0] | provenance | MaD:559 | | test.go:171:2:171:78 | ... := ...[0] | test.go:175:26:175:29 | file | provenance | | | test.go:171:41:171:62 | call to NewReader | test.go:171:2:171:78 | ... := ...[0] | provenance | Config | | test.go:171:57:171:61 | file2 | test.go:171:41:171:62 | call to NewReader | provenance | MaD:46 | diff --git a/go/ql/test/experimental/CWE-74/DsnInjection.expected b/go/ql/test/experimental/CWE-74/DsnInjection.expected index d305280c9e11..84911854fb14 100644 --- a/go/ql/test/experimental/CWE-74/DsnInjection.expected +++ b/go/ql/test/experimental/CWE-74/DsnInjection.expected @@ -1,5 +1,5 @@ edges -| Dsn.go:47:10:47:30 | call to FormValue | Dsn.go:49:102:49:105 | name | provenance | Src:MaD:743 | +| Dsn.go:47:10:47:30 | call to FormValue | Dsn.go:49:102:49:105 | name | provenance | Src:MaD:682 | | Dsn.go:49:11:49:106 | []type{args} [array] | Dsn.go:49:11:49:106 | call to Sprintf | provenance | MaD:248 | | Dsn.go:49:11:49:106 | call to Sprintf | Dsn.go:50:29:50:33 | dbDSN | provenance | | | Dsn.go:49:102:49:105 | name | Dsn.go:49:11:49:106 | []type{args} [array] | provenance | | diff --git a/go/ql/test/experimental/CWE-79/HTMLTemplateEscapingPassthrough.expected b/go/ql/test/experimental/CWE-79/HTMLTemplateEscapingPassthrough.expected index c697e5398030..3e94b795995a 100644 --- a/go/ql/test/experimental/CWE-79/HTMLTemplateEscapingPassthrough.expected +++ b/go/ql/test/experimental/CWE-79/HTMLTemplateEscapingPassthrough.expected 
@@ -1,28 +1,28 @@ edges | HTMLTemplateEscapingPassthrough.go:29:12:29:41 | type conversion | HTMLTemplateEscapingPassthrough.go:30:39:30:39 | a | provenance | | -| HTMLTemplateEscapingPassthrough.go:29:26:29:40 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:29:12:29:41 | type conversion | provenance | Src:MaD:747 | +| HTMLTemplateEscapingPassthrough.go:29:26:29:40 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:29:12:29:41 | type conversion | provenance | Src:MaD:686 | | HTMLTemplateEscapingPassthrough.go:35:9:35:38 | type conversion | HTMLTemplateEscapingPassthrough.go:36:40:36:40 | a | provenance | | -| HTMLTemplateEscapingPassthrough.go:35:23:35:37 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:35:9:35:38 | type conversion | provenance | Src:MaD:747 | +| HTMLTemplateEscapingPassthrough.go:35:23:35:37 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:35:9:35:38 | type conversion | provenance | Src:MaD:686 | | HTMLTemplateEscapingPassthrough.go:40:9:40:34 | type conversion | HTMLTemplateEscapingPassthrough.go:41:40:41:40 | a | provenance | | -| HTMLTemplateEscapingPassthrough.go:40:19:40:33 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:40:9:40:34 | type conversion | provenance | Src:MaD:747 | +| HTMLTemplateEscapingPassthrough.go:40:19:40:33 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:40:9:40:34 | type conversion | provenance | Src:MaD:686 | | HTMLTemplateEscapingPassthrough.go:46:11:46:44 | type conversion | HTMLTemplateEscapingPassthrough.go:47:41:47:41 | c | provenance | | -| HTMLTemplateEscapingPassthrough.go:46:29:46:43 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:46:11:46:44 | type conversion | provenance | Src:MaD:747 | +| HTMLTemplateEscapingPassthrough.go:46:29:46:43 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:46:11:46:44 | type conversion | provenance | Src:MaD:686 | | HTMLTemplateEscapingPassthrough.go:50:11:50:38 | type conversion | 
HTMLTemplateEscapingPassthrough.go:51:44:51:44 | d | provenance | | -| HTMLTemplateEscapingPassthrough.go:50:23:50:37 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:50:11:50:38 | type conversion | provenance | Src:MaD:747 | +| HTMLTemplateEscapingPassthrough.go:50:23:50:37 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:50:11:50:38 | type conversion | provenance | Src:MaD:686 | | HTMLTemplateEscapingPassthrough.go:54:11:54:41 | type conversion | HTMLTemplateEscapingPassthrough.go:55:44:55:44 | e | provenance | | -| HTMLTemplateEscapingPassthrough.go:54:26:54:40 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:54:11:54:41 | type conversion | provenance | Src:MaD:747 | +| HTMLTemplateEscapingPassthrough.go:54:26:54:40 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:54:11:54:41 | type conversion | provenance | Src:MaD:686 | | HTMLTemplateEscapingPassthrough.go:58:11:58:39 | type conversion | HTMLTemplateEscapingPassthrough.go:59:38:59:38 | b | provenance | | -| HTMLTemplateEscapingPassthrough.go:58:24:58:38 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:58:11:58:39 | type conversion | provenance | Src:MaD:747 | +| HTMLTemplateEscapingPassthrough.go:58:24:58:38 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:58:11:58:39 | type conversion | provenance | Src:MaD:686 | | HTMLTemplateEscapingPassthrough.go:62:11:62:42 | type conversion | HTMLTemplateEscapingPassthrough.go:63:44:63:44 | f | provenance | | -| HTMLTemplateEscapingPassthrough.go:62:27:62:41 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:62:11:62:42 | type conversion | provenance | Src:MaD:747 | +| HTMLTemplateEscapingPassthrough.go:62:27:62:41 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:62:11:62:42 | type conversion | provenance | Src:MaD:686 | | HTMLTemplateEscapingPassthrough.go:66:11:66:39 | type conversion | HTMLTemplateEscapingPassthrough.go:67:38:67:38 | g | provenance | | -| HTMLTemplateEscapingPassthrough.go:66:24:66:38 | 
call to UserAgent | HTMLTemplateEscapingPassthrough.go:66:11:66:39 | type conversion | provenance | Src:MaD:747 | -| HTMLTemplateEscapingPassthrough.go:75:17:75:31 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:76:38:76:44 | escaped | provenance | Src:MaD:747 | -| HTMLTemplateEscapingPassthrough.go:81:10:81:24 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:84:38:84:40 | src | provenance | Src:MaD:747 | -| HTMLTemplateEscapingPassthrough.go:89:10:89:24 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:91:64:91:66 | src | provenance | Src:MaD:747 | +| HTMLTemplateEscapingPassthrough.go:66:24:66:38 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:66:11:66:39 | type conversion | provenance | Src:MaD:686 | +| HTMLTemplateEscapingPassthrough.go:75:17:75:31 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:76:38:76:44 | escaped | provenance | Src:MaD:686 | +| HTMLTemplateEscapingPassthrough.go:81:10:81:24 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:84:38:84:40 | src | provenance | Src:MaD:686 | +| HTMLTemplateEscapingPassthrough.go:89:10:89:24 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:91:64:91:66 | src | provenance | Src:MaD:686 | | HTMLTemplateEscapingPassthrough.go:91:16:91:77 | type conversion | HTMLTemplateEscapingPassthrough.go:92:38:92:46 | converted | provenance | | | HTMLTemplateEscapingPassthrough.go:91:38:91:67 | call to HTMLEscapeString | HTMLTemplateEscapingPassthrough.go:91:16:91:77 | type conversion | provenance | | -| HTMLTemplateEscapingPassthrough.go:91:64:91:66 | src | HTMLTemplateEscapingPassthrough.go:91:38:91:67 | call to HTMLEscapeString | provenance | MaD:595 | +| HTMLTemplateEscapingPassthrough.go:91:64:91:66 | src | HTMLTemplateEscapingPassthrough.go:91:38:91:67 | call to HTMLEscapeString | provenance | MaD:534 | nodes | HTMLTemplateEscapingPassthrough.go:29:12:29:41 | type conversion | semmle.label | type conversion | | HTMLTemplateEscapingPassthrough.go:29:26:29:40 | call to 
UserAgent | semmle.label | call to UserAgent | diff --git a/go/ql/test/experimental/CWE-918/SSRF.expected b/go/ql/test/experimental/CWE-918/SSRF.expected index 92b571da8e4b..081fcf1cd4bb 100644 --- a/go/ql/test/experimental/CWE-918/SSRF.expected +++ b/go/ql/test/experimental/CWE-918/SSRF.expected @@ -1,9 +1,9 @@ edges -| builtin.go:19:12:19:34 | call to FormValue | builtin.go:22:21:22:62 | ...+... | provenance | Src:MaD:743 | -| builtin.go:83:21:83:31 | call to Referer | builtin.go:88:27:88:40 | untrustedInput | provenance | Src:MaD:746 | -| builtin.go:97:21:97:31 | call to Referer | builtin.go:101:36:101:49 | untrustedInput | provenance | Src:MaD:746 | -| builtin.go:111:21:111:31 | call to Referer | builtin.go:114:15:114:28 | untrustedInput | provenance | Src:MaD:746 | -| builtin.go:129:21:129:31 | call to Referer | builtin.go:132:38:132:51 | untrustedInput | provenance | Src:MaD:746 | +| builtin.go:19:12:19:34 | call to FormValue | builtin.go:22:21:22:62 | ...+... | provenance | Src:MaD:682 | +| builtin.go:83:21:83:31 | call to Referer | builtin.go:88:27:88:40 | untrustedInput | provenance | Src:MaD:685 | +| builtin.go:97:21:97:31 | call to Referer | builtin.go:101:36:101:49 | untrustedInput | provenance | Src:MaD:685 | +| builtin.go:111:21:111:31 | call to Referer | builtin.go:114:15:114:28 | untrustedInput | provenance | Src:MaD:685 | +| builtin.go:129:21:129:31 | call to Referer | builtin.go:132:38:132:51 | untrustedInput | provenance | Src:MaD:685 | | new-tests.go:26:26:26:30 | &... | new-tests.go:31:48:31:56 | selection of word | provenance | | | new-tests.go:26:26:26:30 | &... | new-tests.go:32:48:32:56 | selection of safe | provenance | | | new-tests.go:26:26:26:30 | &... | new-tests.go:35:49:35:57 | selection of word | provenance | | 
@@ -19,7 +19,7 @@ edges | new-tests.go:39:18:39:30 | call to Param | new-tests.go:47:11:47:46 | ...+... | provenance | | | new-tests.go:49:18:49:30 | call to Query | new-tests.go:50:11:50:46 | ...+... | provenance | | | new-tests.go:62:2:62:39 | ... := ...[0] | new-tests.go:63:17:63:23 | reqBody | provenance | | -| new-tests.go:62:31:62:38 | selection of Body | new-tests.go:62:2:62:39 | ... := ...[0] | provenance | MaD:613 | +| new-tests.go:62:31:62:38 | selection of Body | new-tests.go:62:2:62:39 | ... := ...[0] | provenance | MaD:552 | | new-tests.go:63:17:63:23 | reqBody | new-tests.go:63:26:63:30 | &... | provenance | MaD:187 | | new-tests.go:63:26:63:30 | &... | new-tests.go:68:48:68:56 | selection of word | provenance | | | new-tests.go:63:26:63:30 | &... | new-tests.go:69:48:69:56 | selection of safe | provenance | | 
@@ -33,12 +33,12 @@ edges | new-tests.go:74:12:74:58 | []type{args} [array] | new-tests.go:74:12:74:58 | call to Sprintf | provenance | MaD:248 | | new-tests.go:74:49:74:57 | selection of word | new-tests.go:74:12:74:58 | []type{args} [array] | provenance | | | new-tests.go:74:49:74:57 | selection of word | new-tests.go:74:12:74:58 | call to Sprintf | provenance | FunctionModel | -| new-tests.go:78:18:78:24 | selection of URL | new-tests.go:78:18:78:32 | call to Query | provenance | MaD:808 | -| new-tests.go:78:18:78:32 | call to Query | new-tests.go:78:18:78:46 | call to Get | provenance | MaD:815 | +| new-tests.go:78:18:78:24 | selection of URL | new-tests.go:78:18:78:32 | call to Query | provenance | MaD:747 | +| new-tests.go:78:18:78:32 | call to Query | new-tests.go:78:18:78:46 | call to Get | provenance | MaD:754 | | new-tests.go:78:18:78:46 | call to Get | new-tests.go:79:11:79:46 | ...+... | provenance | | | new-tests.go:81:18:81:67 | call to TrimPrefix | new-tests.go:82:11:82:46 | ...+... | provenance | | | new-tests.go:81:37:81:43 | selection of URL | new-tests.go:81:37:81:48 | selection of Path | provenance | | -| new-tests.go:81:37:81:48 | selection of Path | new-tests.go:81:18:81:67 | call to TrimPrefix | provenance | MaD:931 | +| new-tests.go:81:37:81:48 | selection of Path | new-tests.go:81:18:81:67 | call to TrimPrefix | provenance | MaD:870 | | new-tests.go:86:10:86:20 | call to Vars | new-tests.go:88:11:88:46 | ...+... | provenance | | | new-tests.go:95:18:95:45 | call to URLParam | new-tests.go:96:11:96:46 | ...+... | provenance | | nodes diff --git a/go/ql/test/library-tests/semmle/go/dataflow/DefaultTaintSanitizer/DefaultSanitizer.expected b/go/ql/test/library-tests/semmle/go/dataflow/DefaultTaintSanitizer/DefaultSanitizer.expected index 6140dbb7d080..a19e41c241cc 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/DefaultTaintSanitizer/DefaultSanitizer.expected 
+++ b/go/ql/test/library-tests/semmle/go/dataflow/DefaultTaintSanitizer/DefaultSanitizer.expected @@ -1,10 +1,10 @@ edges | Builtin.go:6:2:6:2 | definition of b | Builtin.go:8:9:8:17 | type conversion | provenance | | -| Builtin.go:7:2:7:15 | selection of Body | Builtin.go:6:2:6:2 | definition of b | provenance | MaD:626 | +| Builtin.go:7:2:7:15 | selection of Body | Builtin.go:6:2:6:2 | definition of b | provenance | MaD:565 | | Builtin.go:12:2:12:2 | definition of b | Builtin.go:17:9:17:17 | type conversion | provenance | | -| Builtin.go:13:2:13:15 | selection of Body | Builtin.go:12:2:12:2 | definition of b | provenance | MaD:626 | +| Builtin.go:13:2:13:15 | selection of Body | Builtin.go:12:2:12:2 | definition of b | provenance | MaD:565 | | Builtin.go:21:2:21:2 | definition of b | Builtin.go:24:10:24:18 | type conversion | provenance | | -| Builtin.go:22:2:22:15 | selection of Body | Builtin.go:21:2:21:2 | definition of b | provenance | MaD:626 | +| Builtin.go:22:2:22:15 | selection of Body | Builtin.go:21:2:21:2 | definition of b | provenance | MaD:565 | nodes | Builtin.go:6:2:6:2 | definition of b | semmle.label | definition of b | | Builtin.go:7:2:7:15 | selection of Body | semmle.label | selection of Body | diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/threat-models-flowtest1.expected b/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/threat-models-flowtest1.expected index 048fde10674e..9bffdf15a4cb 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/threat-models-flowtest1.expected +++ b/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/threat-models-flowtest1.expected 
@@ -1,6 +1,6 @@ edges -| test.go:32:11:32:15 | selection of URL | test.go:32:11:32:23 | call to Query | provenance | MaD:808 | -| test.go:32:11:32:23 | call to Query | test.go:32:11:32:36 | call to Get | provenance | MaD:815 | +| test.go:32:11:32:15 | selection of URL | test.go:32:11:32:23 | call to Query | provenance | MaD:747 | +| test.go:32:11:32:23 | call to Query | test.go:32:11:32:36 | call to Get | provenance | MaD:754 | | test.go:32:11:32:36 | call to Get | test.go:34:7:34:30 | ...+... | provenance | | nodes | test.go:32:11:32:15 | selection of URL | semmle.label | selection of URL | diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/threat-models-flowtest2.expected b/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/threat-models-flowtest2.expected index 7c9b9865e855..459c7601a368 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/threat-models-flowtest2.expected +++ b/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/threat-models-flowtest2.expected @@ -1,7 +1,7 @@ edges | test.go:27:11:27:63 | call to ExecuteQuery | test.go:28:7:28:11 | query | provenance | Src:MaD:1 | -| test.go:32:11:32:15 | selection of URL | test.go:32:11:32:23 | call to Query | provenance | MaD:808 | -| test.go:32:11:32:23 | call to Query | test.go:32:11:32:36 | call to Get | provenance | MaD:815 | +| test.go:32:11:32:15 | selection of URL | test.go:32:11:32:23 | call to Query | provenance | MaD:747 | +| test.go:32:11:32:23 | call to Query | test.go:32:11:32:36 | call to Get | provenance | MaD:754 | | test.go:32:11:32:36 | call to Get | test.go:34:7:34:30 | ...+... | provenance | | nodes | test.go:27:11:27:63 | call to ExecuteQuery | semmle.label | call to ExecuteQuery | diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/threat-models-flowtest3.expected b/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/threat-models-flowtest3.expected index 8d488a8346bc..357bc6b4c916 100644 
--- a/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/threat-models-flowtest3.expected +++ b/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/threat-models-flowtest3.expected @@ -2,8 +2,8 @@ edges | test.go:9:10:9:40 | call to ReadEnvironment | test.go:11:7:11:29 | ...+... | provenance | Src:MaD:2 | | test.go:15:9:15:32 | call to GetCliArg | test.go:17:7:17:28 | ...+... | provenance | Src:MaD:4 | | test.go:27:11:27:63 | call to ExecuteQuery | test.go:28:7:28:11 | query | provenance | Src:MaD:1 | -| test.go:32:11:32:15 | selection of URL | test.go:32:11:32:23 | call to Query | provenance | MaD:808 | -| test.go:32:11:32:23 | call to Query | test.go:32:11:32:36 | call to Get | provenance | MaD:815 | +| test.go:32:11:32:15 | selection of URL | test.go:32:11:32:23 | call to Query | provenance | MaD:747 | +| test.go:32:11:32:23 | call to Query | test.go:32:11:32:36 | call to Get | provenance | MaD:754 | | test.go:32:11:32:36 | call to Get | test.go:34:7:34:30 | ...+... | provenance | | nodes | test.go:9:10:9:40 | call to ReadEnvironment | semmle.label | call to ReadEnvironment | diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/threat-models-flowtest4.expected b/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/threat-models-flowtest4.expected index df5bff83eb7a..0675c895e229 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/threat-models-flowtest4.expected +++ b/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/threat-models-flowtest4.expected 
@@ -3,8 +3,8 @@ edges | test.go:15:9:15:32 | call to GetCliArg | test.go:17:7:17:28 | ...+... | provenance | Src:MaD:4 | | test.go:21:11:21:36 | call to GetCustom | test.go:23:7:23:30 | ...+... | provenance | Src:MaD:3 | | test.go:27:11:27:63 | call to ExecuteQuery | test.go:28:7:28:11 | query | provenance | Src:MaD:1 | -| test.go:32:11:32:15 | selection of URL | test.go:32:11:32:23 | call to Query | provenance | MaD:808 | -| test.go:32:11:32:23 | call to Query | test.go:32:11:32:36 | call to Get | provenance | MaD:815 | +| test.go:32:11:32:15 | selection of URL | test.go:32:11:32:23 | call to Query | provenance | MaD:747 | +| test.go:32:11:32:23 | call to Query | test.go:32:11:32:36 | call to Get | provenance | MaD:754 | | test.go:32:11:32:36 | call to Get | test.go:34:7:34:30 | ...+... | provenance | | nodes | test.go:9:10:9:40 | call to ReadEnvironment | semmle.label | call to ReadEnvironment | diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/threat-models-flowtest5.expected b/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/threat-models-flowtest5.expected index 824d22e1e91e..833e9b7ae675 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/threat-models-flowtest5.expected +++ b/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/threat-models-flowtest5.expected 
@@ -1,8 +1,8 @@ edges | test.go:9:10:9:40 | call to ReadEnvironment | test.go:11:7:11:29 | ...+... | provenance | Src:MaD:3 | | test.go:15:9:15:32 | call to GetCliArg | test.go:17:7:17:28 | ...+... | provenance | Src:MaD:5 | -| test.go:32:11:32:15 | selection of URL | test.go:32:11:32:23 | call to Query | provenance | MaD:808 | -| test.go:32:11:32:23 | call to Query | test.go:32:11:32:36 | call to Get | provenance | MaD:815 | +| test.go:32:11:32:15 | selection of URL | test.go:32:11:32:23 | call to Query | provenance | MaD:747 | +| test.go:32:11:32:23 | call to Query | test.go:32:11:32:36 | call to Get | provenance | MaD:754 | | test.go:32:11:32:36 | call to Get | test.go:34:7:34:30 | ...+... | provenance | | nodes | test.go:9:10:9:40 | call to ReadEnvironment | semmle.label | call to ReadEnvironment | diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/threat-models-flowtest6.expected b/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/threat-models-flowtest6.expected index 789c6d954c8c..a255c58f19ab 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/threat-models-flowtest6.expected +++ b/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/threat-models-flowtest6.expected 
@@ -1,8 +1,8 @@ edges | test.go:15:9:15:32 | call to GetCliArg | test.go:17:7:17:28 | ...+... | provenance | Src:MaD:5 | | test.go:27:11:27:63 | call to ExecuteQuery | test.go:28:7:28:11 | query | provenance | Src:MaD:2 | -| test.go:32:11:32:15 | selection of URL | test.go:32:11:32:23 | call to Query | provenance | MaD:808 | -| test.go:32:11:32:23 | call to Query | test.go:32:11:32:36 | call to Get | provenance | MaD:815 | +| test.go:32:11:32:15 | selection of URL | test.go:32:11:32:23 | call to Query | provenance | MaD:747 | +| test.go:32:11:32:23 | call to Query | test.go:32:11:32:36 | call to Get | provenance | MaD:754 | | test.go:32:11:32:36 | call to Get | test.go:34:7:34:30 | ...+... | provenance | | nodes | test.go:15:9:15:32 | call to GetCliArg | semmle.label | call to GetCliArg | diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Beego/ReflectedXss.expected b/go/ql/test/library-tests/semmle/go/frameworks/Beego/ReflectedXss.expected index 81d770e777ce..9f76a01ff824 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Beego/ReflectedXss.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/Beego/ReflectedXss.expected 
@@ -1,104 +1,104 @@ edges -| test.go:33:6:33:10 | definition of bound | test.go:35:13:35:30 | type conversion | provenance | Src:MaD:254 | -| test.go:33:6:33:10 | definition of bound | test.go:36:13:36:27 | type conversion | provenance | Src:MaD:254 | -| test.go:33:6:33:10 | definition of bound | test.go:37:13:37:29 | type conversion | provenance | Src:MaD:254 | -| test.go:42:20:42:42 | call to Cookie | test.go:42:13:42:43 | type conversion | provenance | Src:MaD:255 | -| test.go:47:20:47:31 | call to Data | test.go:47:13:47:52 | type conversion | provenance | Src:MaD:256 | -| test.go:52:20:52:43 | call to GetData | test.go:52:13:52:53 | type conversion | provenance | Src:MaD:257 | -| test.go:57:20:57:42 | call to Header | test.go:57:13:57:43 | type conversion | provenance | Src:MaD:258 | -| test.go:62:20:62:41 | call to Param | test.go:62:13:62:42 | type conversion | provenance | Src:MaD:259 | -| test.go:67:20:67:33 | call to Params | test.go:67:13:67:45 | type conversion | provenance | Src:MaD:260 | -| test.go:72:20:72:41 | call to Query | test.go:72:13:72:42 | type conversion | provenance | Src:MaD:261 | -| test.go:77:20:77:32 | call to Refer | test.go:77:13:77:33 | type conversion | provenance | Src:MaD:262 | -| test.go:82:20:82:34 | call to Referer | test.go:82:13:82:35 | type conversion | provenance | Src:MaD:263 | -| test.go:87:20:87:30 | call to URI | test.go:87:13:87:31 | type conversion | provenance | Src:MaD:265 | -| test.go:92:20:92:30 | call to URL | test.go:92:13:92:31 | type conversion | provenance | Src:MaD:266 | -| test.go:97:20:97:36 | call to UserAgent | test.go:97:13:97:37 | type conversion | provenance | Src:MaD:267 | -| test.go:102:14:102:25 | call to Data | test.go:102:14:102:45 | type assertion | provenance | Src:MaD:256 | -| test.go:114:14:114:25 | call to Data | test.go:114:14:114:45 | type assertion | provenance | Src:MaD:256 | -| test.go:126:14:126:25 | call to Data | test.go:126:14:126:45 | type assertion | provenance | Src:MaD:256 | -| 
test.go:143:23:143:42 | call to Data | test.go:143:23:143:62 | type assertion | provenance | Src:MaD:256 | -| test.go:199:15:199:26 | call to Data | test.go:200:36:200:53 | type assertion | provenance | Src:MaD:256 | -| test.go:199:15:199:26 | call to Data | test.go:201:39:201:56 | type assertion | provenance | Src:MaD:256 | -| test.go:199:15:199:26 | call to Data | test.go:202:28:202:56 | type assertion | provenance | Src:MaD:256 | -| test.go:199:15:199:26 | call to Data | test.go:204:36:204:53 | type assertion | provenance | Src:MaD:256 | -| test.go:199:15:199:26 | call to Data | test.go:205:34:205:51 | type assertion | provenance | Src:MaD:256 | +| test.go:33:6:33:10 | definition of bound | test.go:35:13:35:30 | type conversion | provenance | Src:MaD:270 | +| test.go:33:6:33:10 | definition of bound | test.go:36:13:36:27 | type conversion | provenance | Src:MaD:270 | +| test.go:33:6:33:10 | definition of bound | test.go:37:13:37:29 | type conversion | provenance | Src:MaD:270 | +| test.go:42:20:42:42 | call to Cookie | test.go:42:13:42:43 | type conversion | provenance | Src:MaD:271 | +| test.go:47:20:47:31 | call to Data | test.go:47:13:47:52 | type conversion | provenance | Src:MaD:272 | +| test.go:52:20:52:43 | call to GetData | test.go:52:13:52:53 | type conversion | provenance | Src:MaD:273 | +| test.go:57:20:57:42 | call to Header | test.go:57:13:57:43 | type conversion | provenance | Src:MaD:274 | +| test.go:62:20:62:41 | call to Param | test.go:62:13:62:42 | type conversion | provenance | Src:MaD:275 | +| test.go:67:20:67:33 | call to Params | test.go:67:13:67:45 | type conversion | provenance | Src:MaD:276 | +| test.go:72:20:72:41 | call to Query | test.go:72:13:72:42 | type conversion | provenance | Src:MaD:277 | +| test.go:77:20:77:32 | call to Refer | test.go:77:13:77:33 | type conversion | provenance | Src:MaD:278 | +| test.go:82:20:82:34 | call to Referer | test.go:82:13:82:35 | type conversion | provenance | Src:MaD:279 | +| test.go:87:20:87:30 | 
call to URI | test.go:87:13:87:31 | type conversion | provenance | Src:MaD:281 | +| test.go:92:20:92:30 | call to URL | test.go:92:13:92:31 | type conversion | provenance | Src:MaD:282 | +| test.go:97:20:97:36 | call to UserAgent | test.go:97:13:97:37 | type conversion | provenance | Src:MaD:283 | +| test.go:102:14:102:25 | call to Data | test.go:102:14:102:45 | type assertion | provenance | Src:MaD:272 | +| test.go:114:14:114:25 | call to Data | test.go:114:14:114:45 | type assertion | provenance | Src:MaD:272 | +| test.go:126:14:126:25 | call to Data | test.go:126:14:126:45 | type assertion | provenance | Src:MaD:272 | +| test.go:143:23:143:42 | call to Data | test.go:143:23:143:62 | type assertion | provenance | Src:MaD:272 | +| test.go:199:15:199:26 | call to Data | test.go:200:36:200:53 | type assertion | provenance | Src:MaD:272 | +| test.go:199:15:199:26 | call to Data | test.go:201:39:201:56 | type assertion | provenance | Src:MaD:272 | +| test.go:199:15:199:26 | call to Data | test.go:202:28:202:56 | type assertion | provenance | Src:MaD:272 | +| test.go:199:15:199:26 | call to Data | test.go:204:36:204:53 | type assertion | provenance | Src:MaD:272 | +| test.go:199:15:199:26 | call to Data | test.go:205:34:205:51 | type assertion | provenance | Src:MaD:272 | | test.go:200:21:200:54 | call to HTML2str | test.go:200:14:200:55 | type conversion | provenance | | -| test.go:200:36:200:53 | type assertion | test.go:200:21:200:54 | call to HTML2str | provenance | MaD:272 | +| test.go:200:36:200:53 | type assertion | test.go:200:21:200:54 | call to HTML2str | provenance | MaD:288 | | test.go:201:21:201:57 | call to Htmlunquote | test.go:201:14:201:58 | type conversion | provenance | | -| test.go:201:39:201:56 | type assertion | test.go:201:21:201:57 | call to Htmlunquote | provenance | MaD:274 | +| test.go:201:39:201:56 | type assertion | test.go:201:21:201:57 | call to Htmlunquote | provenance | MaD:290 | | test.go:202:2:202:68 | ... 
:= ...[0] | test.go:203:14:203:28 | type assertion | provenance | | -| test.go:202:28:202:56 | type assertion | test.go:202:2:202:68 | ... := ...[0] | provenance | MaD:275 | +| test.go:202:28:202:56 | type assertion | test.go:202:2:202:68 | ... := ...[0] | provenance | MaD:291 | | test.go:204:21:204:54 | call to Str2html | test.go:204:14:204:55 | type conversion | provenance | | -| test.go:204:36:204:53 | type assertion | test.go:204:21:204:54 | call to Str2html | provenance | MaD:277 | +| test.go:204:36:204:53 | type assertion | test.go:204:21:204:54 | call to Str2html | provenance | MaD:293 | | test.go:205:21:205:58 | call to Substr | test.go:205:14:205:59 | type conversion | provenance | | -| test.go:205:34:205:51 | type assertion | test.go:205:21:205:58 | call to Substr | provenance | MaD:278 | +| test.go:205:34:205:51 | type assertion | test.go:205:21:205:58 | call to Substr | provenance | MaD:294 | | test.go:207:6:207:6 | definition of s | test.go:209:14:209:28 | type conversion | provenance | | -| test.go:208:18:208:33 | selection of Form | test.go:207:6:207:6 | definition of s | provenance | MaD:276 | -| test.go:223:2:223:34 | ... := ...[0] | test.go:225:31:225:31 | f | provenance | Src:MaD:280 | -| test.go:223:2:223:34 | ... := ...[1] | test.go:224:14:224:32 | type conversion | provenance | Src:MaD:280 | +| test.go:208:18:208:33 | selection of Form | test.go:207:6:207:6 | definition of s | provenance | MaD:292 | +| test.go:223:2:223:34 | ... := ...[0] | test.go:225:31:225:31 | f | provenance | Src:MaD:296 | +| test.go:223:2:223:34 | ... := ...[1] | test.go:224:14:224:32 | type conversion | provenance | Src:MaD:296 | | test.go:225:2:225:32 | ... := ...[0] | test.go:226:14:226:20 | content | provenance | | | test.go:225:31:225:31 | f | test.go:225:2:225:32 | ... := ...[0] | provenance | MaD:552 | -| test.go:228:2:228:40 | ... 
:= ...[0] | test.go:229:14:229:38 | type conversion | provenance | Src:MaD:281 | -| test.go:231:7:231:28 | call to GetString | test.go:232:14:232:22 | type conversion | provenance | Src:MaD:282 | -| test.go:234:8:234:35 | call to GetStrings | test.go:235:14:235:26 | type conversion | provenance | Src:MaD:283 | -| test.go:237:9:237:17 | call to Input | test.go:238:14:238:27 | type conversion | provenance | Src:MaD:284 | -| test.go:240:6:240:8 | definition of str | test.go:242:14:242:30 | type conversion | provenance | Src:MaD:279 | -| test.go:246:15:246:36 | call to GetString | test.go:249:21:249:29 | untrusted | provenance | Src:MaD:282 | -| test.go:259:23:259:44 | call to GetCookie | test.go:259:16:259:45 | type conversion | provenance | Src:MaD:268 | -| test.go:270:62:270:83 | call to GetCookie | test.go:270:55:270:84 | type conversion | provenance | Src:MaD:268 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:278:21:278:28 | index expression | provenance | Src:MaD:281 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:283:44:283:60 | selection of Filename | provenance | Src:MaD:281 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:284:38:284:49 | genericFiles | provenance | Src:MaD:281 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:285:37:285:48 | genericFiles | provenance | Src:MaD:281 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:291:4:291:15 | genericFiles | provenance | Src:MaD:281 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:293:42:293:53 | genericFiles | provenance | Src:MaD:281 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:294:53:294:64 | genericFiles | provenance | Src:MaD:281 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:295:38:295:49 | genericFiles | provenance | Src:MaD:281 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:296:49:296:60 | genericFiles | provenance | Src:MaD:281 | -| test.go:275:2:275:40 | ... 
:= ...[0] | test.go:297:51:297:65 | index expression | provenance | Src:MaD:281 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:298:36:298:47 | genericFiles | provenance | Src:MaD:281 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:299:37:299:48 | genericFiles | provenance | Src:MaD:281 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:301:39:301:50 | genericFiles | provenance | Src:MaD:281 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:302:40:302:51 | genericFiles | provenance | Src:MaD:281 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:303:39:303:50 | genericFiles | provenance | Src:MaD:281 | +| test.go:228:2:228:40 | ... := ...[0] | test.go:229:14:229:38 | type conversion | provenance | Src:MaD:297 | +| test.go:231:7:231:28 | call to GetString | test.go:232:14:232:22 | type conversion | provenance | Src:MaD:298 | +| test.go:234:8:234:35 | call to GetStrings | test.go:235:14:235:26 | type conversion | provenance | Src:MaD:299 | +| test.go:237:9:237:17 | call to Input | test.go:238:14:238:27 | type conversion | provenance | Src:MaD:300 | +| test.go:240:6:240:8 | definition of str | test.go:242:14:242:30 | type conversion | provenance | Src:MaD:295 | +| test.go:246:15:246:36 | call to GetString | test.go:249:21:249:29 | untrusted | provenance | Src:MaD:298 | +| test.go:259:23:259:44 | call to GetCookie | test.go:259:16:259:45 | type conversion | provenance | Src:MaD:284 | +| test.go:270:62:270:83 | call to GetCookie | test.go:270:55:270:84 | type conversion | provenance | Src:MaD:284 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:278:21:278:28 | index expression | provenance | Src:MaD:297 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:283:44:283:60 | selection of Filename | provenance | Src:MaD:297 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:284:38:284:49 | genericFiles | provenance | Src:MaD:297 | +| test.go:275:2:275:40 | ... 
:= ...[0] | test.go:285:37:285:48 | genericFiles | provenance | Src:MaD:297 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:291:4:291:15 | genericFiles | provenance | Src:MaD:297 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:293:42:293:53 | genericFiles | provenance | Src:MaD:297 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:294:53:294:64 | genericFiles | provenance | Src:MaD:297 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:295:38:295:49 | genericFiles | provenance | Src:MaD:297 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:296:49:296:60 | genericFiles | provenance | Src:MaD:297 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:297:51:297:65 | index expression | provenance | Src:MaD:297 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:298:36:298:47 | genericFiles | provenance | Src:MaD:297 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:299:37:299:48 | genericFiles | provenance | Src:MaD:297 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:301:39:301:50 | genericFiles | provenance | Src:MaD:297 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:302:40:302:51 | genericFiles | provenance | Src:MaD:297 | +| test.go:275:2:275:40 | ... 
:= ...[0] | test.go:303:39:303:50 | genericFiles | provenance | Src:MaD:297 | | test.go:276:2:276:13 | definition of genericFiles [array] | test.go:297:51:297:62 | genericFiles [array] | provenance | | | test.go:278:21:278:28 | index expression | test.go:276:2:276:13 | definition of genericFiles [array] | provenance | | | test.go:283:44:283:60 | selection of Filename | test.go:283:21:283:61 | call to GetDisplayString | provenance | FunctionModel | | test.go:284:21:284:53 | call to SliceChunk | test.go:284:21:284:92 | selection of Filename | provenance | | -| test.go:284:38:284:49 | genericFiles | test.go:284:21:284:53 | call to SliceChunk | provenance | MaD:288 | +| test.go:284:38:284:49 | genericFiles | test.go:284:21:284:53 | call to SliceChunk | provenance | MaD:253 | | test.go:285:21:285:60 | call to SliceDiff | test.go:285:21:285:96 | selection of Filename | provenance | | -| test.go:285:37:285:48 | genericFiles | test.go:285:21:285:60 | call to SliceDiff | provenance | MaD:289 | +| test.go:285:37:285:48 | genericFiles | test.go:285:21:285:60 | call to SliceDiff | provenance | MaD:254 | | test.go:290:3:292:44 | call to SliceFilter | test.go:290:3:292:80 | selection of Filename | provenance | | -| test.go:291:4:291:15 | genericFiles | test.go:290:3:292:44 | call to SliceFilter | provenance | MaD:290 | +| test.go:291:4:291:15 | genericFiles | test.go:290:3:292:44 | call to SliceFilter | provenance | MaD:255 | | test.go:293:21:293:65 | call to SliceIntersect | test.go:293:21:293:101 | selection of Filename | provenance | | -| test.go:293:42:293:53 | genericFiles | test.go:293:21:293:65 | call to SliceIntersect | provenance | MaD:291 | +| test.go:293:42:293:53 | genericFiles | test.go:293:21:293:65 | call to SliceIntersect | provenance | MaD:256 | | test.go:294:21:294:65 | call to SliceIntersect | test.go:294:21:294:101 | selection of Filename | provenance | | -| test.go:294:53:294:64 | genericFiles | test.go:294:21:294:65 | call to SliceIntersect | provenance | 
MaD:291 | +| test.go:294:53:294:64 | genericFiles | test.go:294:21:294:65 | call to SliceIntersect | provenance | MaD:256 | | test.go:295:21:295:61 | call to SliceMerge | test.go:295:21:295:97 | selection of Filename | provenance | | -| test.go:295:38:295:49 | genericFiles | test.go:295:21:295:61 | call to SliceMerge | provenance | MaD:292 | +| test.go:295:38:295:49 | genericFiles | test.go:295:21:295:61 | call to SliceMerge | provenance | MaD:257 | | test.go:296:21:296:61 | call to SliceMerge | test.go:296:21:296:97 | selection of Filename | provenance | | -| test.go:296:49:296:60 | genericFiles | test.go:296:21:296:61 | call to SliceMerge | provenance | MaD:292 | +| test.go:296:49:296:60 | genericFiles | test.go:296:21:296:61 | call to SliceMerge | provenance | MaD:257 | | test.go:297:21:297:66 | call to SlicePad | test.go:297:21:297:102 | selection of Filename | provenance | | | test.go:297:51:297:62 | genericFiles [array] | test.go:297:51:297:65 | index expression | provenance | | -| test.go:297:51:297:65 | index expression | test.go:297:21:297:66 | call to SlicePad | provenance | MaD:293 | +| test.go:297:51:297:65 | index expression | test.go:297:21:297:66 | call to SlicePad | provenance | MaD:258 | | test.go:298:21:298:66 | call to SlicePad | test.go:298:21:298:102 | selection of Filename | provenance | | -| test.go:298:36:298:47 | genericFiles | test.go:298:21:298:66 | call to SlicePad | provenance | MaD:293 | +| test.go:298:36:298:47 | genericFiles | test.go:298:21:298:66 | call to SlicePad | provenance | MaD:258 | | test.go:299:21:299:49 | call to SliceRand | test.go:299:21:299:82 | selection of Filename | provenance | | -| test.go:299:37:299:48 | genericFiles | test.go:299:21:299:49 | call to SliceRand | provenance | MaD:294 | +| test.go:299:37:299:48 | genericFiles | test.go:299:21:299:49 | call to SliceRand | provenance | MaD:259 | | test.go:301:21:301:97 | call to SliceReduce | test.go:301:21:301:133 | selection of Filename | provenance | | -| 
test.go:301:39:301:50 | genericFiles | test.go:301:21:301:97 | call to SliceReduce | provenance | MaD:295 | +| test.go:301:39:301:50 | genericFiles | test.go:301:21:301:97 | call to SliceReduce | provenance | MaD:260 | | test.go:302:21:302:52 | call to SliceShuffle | test.go:302:21:302:88 | selection of Filename | provenance | | -| test.go:302:40:302:51 | genericFiles | test.go:302:21:302:52 | call to SliceShuffle | provenance | MaD:296 | +| test.go:302:40:302:51 | genericFiles | test.go:302:21:302:52 | call to SliceShuffle | provenance | MaD:261 | | test.go:303:21:303:51 | call to SliceUnique | test.go:303:21:303:87 | selection of Filename | provenance | | -| test.go:303:39:303:50 | genericFiles | test.go:303:21:303:51 | call to SliceUnique | provenance | MaD:297 | +| test.go:303:39:303:50 | genericFiles | test.go:303:21:303:51 | call to SliceUnique | provenance | MaD:262 | | test.go:308:2:308:5 | definition of bMap | test.go:311:21:311:24 | bMap | provenance | | | test.go:308:2:308:5 | definition of bMap | test.go:312:21:312:24 | bMap | provenance | | -| test.go:309:15:309:36 | call to GetString | test.go:310:22:310:30 | untrusted | provenance | Src:MaD:282 | -| test.go:310:22:310:30 | untrusted | test.go:308:2:308:5 | definition of bMap | provenance | MaD:300 | -| test.go:311:21:311:24 | bMap | test.go:311:21:311:39 | call to Get | provenance | MaD:298 | +| test.go:309:15:309:36 | call to GetString | test.go:310:22:310:30 | untrusted | provenance | Src:MaD:298 | +| test.go:310:22:310:30 | untrusted | test.go:308:2:308:5 | definition of bMap | provenance | MaD:265 | +| test.go:311:21:311:24 | bMap | test.go:311:21:311:39 | call to Get | provenance | MaD:263 | | test.go:311:21:311:39 | call to Get | test.go:311:21:311:48 | type assertion | provenance | | -| test.go:312:21:312:24 | bMap | test.go:312:21:312:32 | call to Items | provenance | MaD:299 | +| test.go:312:21:312:24 | bMap | test.go:312:21:312:32 | call to Items | provenance | MaD:264 | | 
test.go:312:21:312:32 | call to Items | test.go:312:21:312:52 | type assertion | provenance | | nodes | test.go:33:6:33:10 | definition of bound | semmle.label | definition of bound | diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Beego/TaintedPath.expected b/go/ql/test/library-tests/semmle/go/frameworks/Beego/TaintedPath.expected index 18d4f8ca300a..001f56be494f 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Beego/TaintedPath.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/Beego/TaintedPath.expected 
@@ -1,12 +1,12 @@ edges -| test.go:215:15:215:26 | call to Data | test.go:216:18:216:26 | untrusted | provenance | Src:MaD:256 | -| test.go:215:15:215:26 | call to Data | test.go:217:10:217:18 | untrusted | provenance | Src:MaD:256 | -| test.go:215:15:215:26 | call to Data | test.go:218:35:218:43 | untrusted | provenance | Src:MaD:256 | -| test.go:324:17:324:37 | selection of RequestBody | test.go:324:40:324:43 | &... | provenance | Src:MaD:264 MaD:187 | +| test.go:215:15:215:26 | call to Data | test.go:216:18:216:26 | untrusted | provenance | Src:MaD:272 | +| test.go:215:15:215:26 | call to Data | test.go:217:10:217:18 | untrusted | provenance | Src:MaD:272 | +| test.go:215:15:215:26 | call to Data | test.go:218:35:218:43 | untrusted | provenance | Src:MaD:272 | +| test.go:324:17:324:37 | selection of RequestBody | test.go:324:40:324:43 | &... | provenance | Src:MaD:280 MaD:187 | | test.go:324:40:324:43 | &... | test.go:326:35:326:43 | untrusted | provenance | | -| test.go:332:15:332:26 | call to Data | test.go:334:23:334:31 | untrusted | provenance | Src:MaD:256 | -| test.go:340:15:340:26 | call to Data | test.go:342:53:342:61 | untrusted | provenance | Src:MaD:256 | -| test.go:340:15:340:26 | call to Data | test.go:344:23:344:31 | untrusted | provenance | Src:MaD:256 | +| test.go:332:15:332:26 | call to Data | test.go:334:23:334:31 | untrusted | provenance | Src:MaD:272 | +| test.go:340:15:340:26 | call to Data | test.go:342:53:342:61 | untrusted | provenance | Src:MaD:272 | +| test.go:340:15:340:26 | call to Data | test.go:344:23:344:31 | untrusted | provenance | Src:MaD:272 | nodes | test.go:215:15:215:26 | call to Data | semmle.label | call to Data | | test.go:216:18:216:26 | untrusted | semmle.label | untrusted | diff --git a/go/ql/test/library-tests/semmle/go/frameworks/BeegoOrm/SqlInjection.expected b/go/ql/test/library-tests/semmle/go/frameworks/BeegoOrm/SqlInjection.expected index cf07b5e5f74a..cbdfc45c9124 100644 
--- a/go/ql/test/library-tests/semmle/go/frameworks/BeegoOrm/SqlInjection.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/BeegoOrm/SqlInjection.expected 
@@ -1,36 +1,36 @@ edges -| test.go:10:15:10:41 | call to UserAgent | test.go:12:11:12:19 | untrusted | provenance | Src:MaD:747 | -| test.go:10:15:10:41 | call to UserAgent | test.go:13:23:13:31 | untrusted | provenance | Src:MaD:747 | -| test.go:10:15:10:41 | call to UserAgent | test.go:14:14:14:22 | untrusted | provenance | Src:MaD:747 | -| test.go:10:15:10:41 | call to UserAgent | test.go:15:26:15:34 | untrusted | provenance | Src:MaD:747 | -| test.go:10:15:10:41 | call to UserAgent | test.go:16:12:16:20 | untrusted | provenance | Src:MaD:747 | -| test.go:10:15:10:41 | call to UserAgent | test.go:17:24:17:32 | untrusted | provenance | Src:MaD:747 | -| test.go:10:15:10:41 | call to UserAgent | test.go:18:15:18:23 | untrusted | provenance | Src:MaD:747 | -| test.go:10:15:10:41 | call to UserAgent | test.go:19:27:19:35 | untrusted | provenance | Src:MaD:747 | -| test.go:24:15:24:41 | call to UserAgent | test.go:26:12:26:20 | untrusted | provenance | Src:MaD:747 | -| test.go:24:15:24:41 | call to UserAgent | test.go:27:10:27:18 | untrusted | provenance | Src:MaD:747 | -| test.go:24:15:24:41 | call to UserAgent | test.go:28:15:28:23 | untrusted | provenance | Src:MaD:747 | -| test.go:24:15:24:41 | call to UserAgent | test.go:29:14:29:22 | untrusted | provenance | Src:MaD:747 | -| test.go:24:15:24:41 | call to UserAgent | test.go:30:15:30:23 | untrusted | provenance | Src:MaD:747 | -| test.go:24:15:24:41 | call to UserAgent | test.go:31:8:31:16 | untrusted | provenance | Src:MaD:747 | -| test.go:24:15:24:41 | call to UserAgent | test.go:32:11:32:19 | untrusted | provenance | Src:MaD:747 | -| test.go:24:15:24:41 | call to UserAgent | test.go:33:9:33:17 | untrusted | provenance | Src:MaD:747 | -| test.go:24:15:24:41 | call to UserAgent | test.go:34:8:34:16 | untrusted | provenance | Src:MaD:747 | -| test.go:24:15:24:41 | call to UserAgent | test.go:35:8:35:16 | untrusted | provenance | Src:MaD:747 | -| test.go:24:15:24:41 | call to UserAgent | test.go:36:13:36:21 | 
untrusted | provenance | Src:MaD:747 | -| test.go:24:15:24:41 | call to UserAgent | test.go:37:13:37:21 | untrusted | provenance | Src:MaD:747 | -| test.go:24:15:24:41 | call to UserAgent | test.go:38:12:38:20 | untrusted | provenance | Src:MaD:747 | -| test.go:24:15:24:41 | call to UserAgent | test.go:39:12:39:20 | untrusted | provenance | Src:MaD:747 | -| test.go:24:15:24:41 | call to UserAgent | test.go:40:9:40:17 | untrusted | provenance | Src:MaD:747 | -| test.go:24:15:24:41 | call to UserAgent | test.go:41:12:41:20 | untrusted | provenance | Src:MaD:747 | -| test.go:24:15:24:41 | call to UserAgent | test.go:42:16:42:24 | untrusted | provenance | Src:MaD:747 | -| test.go:24:15:24:41 | call to UserAgent | test.go:42:27:42:35 | untrusted | provenance | Src:MaD:747 | -| test.go:24:15:24:41 | call to UserAgent | test.go:43:12:43:20 | untrusted | provenance | Src:MaD:747 | -| test.go:24:15:24:41 | call to UserAgent | test.go:44:14:44:22 | untrusted | provenance | Src:MaD:747 | -| test.go:24:15:24:41 | call to UserAgent | test.go:44:25:44:33 | untrusted | provenance | Src:MaD:747 | -| test.go:48:15:48:41 | call to UserAgent | test.go:49:12:49:20 | untrusted | provenance | Src:MaD:747 | -| test.go:54:15:54:41 | call to UserAgent | test.go:56:31:56:39 | untrusted | provenance | Src:MaD:747 | -| test.go:60:15:60:41 | call to UserAgent | test.go:62:19:62:27 | untrusted | provenance | Src:MaD:747 | +| test.go:10:15:10:41 | call to UserAgent | test.go:12:11:12:19 | untrusted | provenance | Src:MaD:686 | +| test.go:10:15:10:41 | call to UserAgent | test.go:13:23:13:31 | untrusted | provenance | Src:MaD:686 | +| test.go:10:15:10:41 | call to UserAgent | test.go:14:14:14:22 | untrusted | provenance | Src:MaD:686 | +| test.go:10:15:10:41 | call to UserAgent | test.go:15:26:15:34 | untrusted | provenance | Src:MaD:686 | +| test.go:10:15:10:41 | call to UserAgent | test.go:16:12:16:20 | untrusted | provenance | Src:MaD:686 | +| test.go:10:15:10:41 | call to UserAgent | 
test.go:17:24:17:32 | untrusted | provenance | Src:MaD:686 | +| test.go:10:15:10:41 | call to UserAgent | test.go:18:15:18:23 | untrusted | provenance | Src:MaD:686 | +| test.go:10:15:10:41 | call to UserAgent | test.go:19:27:19:35 | untrusted | provenance | Src:MaD:686 | +| test.go:24:15:24:41 | call to UserAgent | test.go:26:12:26:20 | untrusted | provenance | Src:MaD:686 | +| test.go:24:15:24:41 | call to UserAgent | test.go:27:10:27:18 | untrusted | provenance | Src:MaD:686 | +| test.go:24:15:24:41 | call to UserAgent | test.go:28:15:28:23 | untrusted | provenance | Src:MaD:686 | +| test.go:24:15:24:41 | call to UserAgent | test.go:29:14:29:22 | untrusted | provenance | Src:MaD:686 | +| test.go:24:15:24:41 | call to UserAgent | test.go:30:15:30:23 | untrusted | provenance | Src:MaD:686 | +| test.go:24:15:24:41 | call to UserAgent | test.go:31:8:31:16 | untrusted | provenance | Src:MaD:686 | +| test.go:24:15:24:41 | call to UserAgent | test.go:32:11:32:19 | untrusted | provenance | Src:MaD:686 | +| test.go:24:15:24:41 | call to UserAgent | test.go:33:9:33:17 | untrusted | provenance | Src:MaD:686 | +| test.go:24:15:24:41 | call to UserAgent | test.go:34:8:34:16 | untrusted | provenance | Src:MaD:686 | +| test.go:24:15:24:41 | call to UserAgent | test.go:35:8:35:16 | untrusted | provenance | Src:MaD:686 | +| test.go:24:15:24:41 | call to UserAgent | test.go:36:13:36:21 | untrusted | provenance | Src:MaD:686 | +| test.go:24:15:24:41 | call to UserAgent | test.go:37:13:37:21 | untrusted | provenance | Src:MaD:686 | +| test.go:24:15:24:41 | call to UserAgent | test.go:38:12:38:20 | untrusted | provenance | Src:MaD:686 | +| test.go:24:15:24:41 | call to UserAgent | test.go:39:12:39:20 | untrusted | provenance | Src:MaD:686 | +| test.go:24:15:24:41 | call to UserAgent | test.go:40:9:40:17 | untrusted | provenance | Src:MaD:686 | +| test.go:24:15:24:41 | call to UserAgent | test.go:41:12:41:20 | untrusted | provenance | Src:MaD:686 | +| test.go:24:15:24:41 | call to 
UserAgent | test.go:42:16:42:24 | untrusted | provenance | Src:MaD:686 | +| test.go:24:15:24:41 | call to UserAgent | test.go:42:27:42:35 | untrusted | provenance | Src:MaD:686 | +| test.go:24:15:24:41 | call to UserAgent | test.go:43:12:43:20 | untrusted | provenance | Src:MaD:686 | +| test.go:24:15:24:41 | call to UserAgent | test.go:44:14:44:22 | untrusted | provenance | Src:MaD:686 | +| test.go:24:15:24:41 | call to UserAgent | test.go:44:25:44:33 | untrusted | provenance | Src:MaD:686 | +| test.go:48:15:48:41 | call to UserAgent | test.go:49:12:49:20 | untrusted | provenance | Src:MaD:686 | +| test.go:54:15:54:41 | call to UserAgent | test.go:56:31:56:39 | untrusted | provenance | Src:MaD:686 | +| test.go:60:15:60:41 | call to UserAgent | test.go:62:19:62:27 | untrusted | provenance | Src:MaD:686 | nodes | test.go:10:15:10:41 | call to UserAgent | semmle.label | call to UserAgent | | test.go:12:11:12:19 | untrusted | semmle.label | untrusted | diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Echo/ReflectedXss.expected b/go/ql/test/library-tests/semmle/go/frameworks/Echo/ReflectedXss.expected index ffb416f5824d..897c61f42154 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Echo/ReflectedXss.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/Echo/ReflectedXss.expected 
@@ -8,28 +8,28 @@ edges | test.go:51:2:51:30 | ... := ...[0] | test.go:52:16:52:37 | index expression | provenance | | | test.go:57:2:57:46 | ... := ...[0] | test.go:58:13:58:22 | fileHeader | provenance | | | test.go:58:2:58:29 | ... := ...[0] | test.go:60:2:60:5 | file | provenance | | -| test.go:58:13:58:22 | fileHeader | test.go:58:2:58:29 | ... := ...[0] | provenance | MaD:700 | +| test.go:58:13:58:22 | fileHeader | test.go:58:2:58:29 | ... := ...[0] | provenance | MaD:639 | | test.go:59:2:59:7 | definition of buffer | test.go:61:20:61:25 | buffer | provenance | | -| test.go:60:2:60:5 | file | test.go:59:2:59:7 | definition of buffer | provenance | MaD:626 | +| test.go:60:2:60:5 | file | test.go:59:2:59:7 | definition of buffer | provenance | MaD:565 | | test.go:66:2:66:31 | ... := ...[0] | test.go:67:16:67:41 | index expression | provenance | | | test.go:72:2:72:31 | ... := ...[0] | test.go:74:13:74:22 | fileHeader | provenance | | | test.go:74:2:74:29 | ... := ...[0] | test.go:76:2:76:5 | file | provenance | | -| test.go:74:13:74:22 | fileHeader | test.go:74:2:74:29 | ... := ...[0] | provenance | MaD:700 | +| test.go:74:13:74:22 | fileHeader | test.go:74:2:74:29 | ... := ...[0] | provenance | MaD:639 | | test.go:75:2:75:7 | definition of buffer | test.go:77:20:77:25 | buffer | provenance | | -| test.go:76:2:76:5 | file | test.go:75:2:75:7 | definition of buffer | provenance | MaD:626 | +| test.go:76:2:76:5 | file | test.go:75:2:75:7 | definition of buffer | provenance | MaD:565 | | test.go:82:2:82:32 | ... := ...[0] | test.go:83:16:83:24 | selection of Value | provenance | | | test.go:88:13:88:25 | call to Cookies | test.go:89:16:89:31 | selection of Value | provenance | | | test.go:99:11:99:15 | &... 
| test.go:100:16:100:21 | selection of s | provenance | | | test.go:112:17:112:19 | definition of ctx | test.go:114:16:114:18 | ctx | provenance | | -| test.go:113:21:113:42 | call to Param | test.go:112:17:112:19 | definition of ctx | provenance | MaD:431 | -| test.go:114:16:114:18 | ctx | test.go:114:16:114:33 | call to Get | provenance | MaD:430 | +| test.go:113:21:113:42 | call to Param | test.go:112:17:112:19 | definition of ctx | provenance | MaD:370 | +| test.go:114:16:114:18 | ctx | test.go:114:16:114:33 | call to Get | provenance | MaD:369 | | test.go:114:16:114:33 | call to Get | test.go:114:16:114:42 | type assertion | provenance | | | test.go:124:11:124:32 | call to Param | test.go:125:16:125:20 | param | provenance | | | test.go:130:11:130:32 | call to Param | test.go:131:20:131:32 | type conversion | provenance | | | test.go:136:11:136:32 | call to Param | test.go:137:29:137:41 | type conversion | provenance | | | test.go:148:11:148:32 | call to Param | test.go:149:30:149:34 | param | provenance | | | test.go:149:12:149:35 | call to NewReader | test.go:150:31:150:36 | reader | provenance | | -| test.go:149:30:149:34 | param | test.go:149:12:149:35 | call to NewReader | provenance | MaD:909 | +| test.go:149:30:149:34 | param | test.go:149:12:149:35 | call to NewReader | provenance | MaD:848 | | test.go:164:11:164:32 | call to Param | test.go:165:23:165:35 | type conversion | provenance | | nodes | test.go:15:11:15:32 | call to Param | semmle.label | call to Param | diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Encoding/jsoniter.expected b/go/ql/test/library-tests/semmle/go/frameworks/Encoding/jsoniter.expected index 36dc9d014faa..d16dc0b9c1f3 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Encoding/jsoniter.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/Encoding/jsoniter.expected 
@@ -4,13 +4,13 @@ edges | jsoniter.go:23:20:23:38 | call to getUntrustedBytes | jsoniter.go:31:21:31:34 | untrustedInput | provenance | | | jsoniter.go:24:21:24:40 | call to getUntrustedString | jsoniter.go:35:27:35:41 | untrustedString | provenance | | | jsoniter.go:24:21:24:40 | call to getUntrustedString | jsoniter.go:39:31:39:45 | untrustedString | provenance | | -| jsoniter.go:27:17:27:30 | untrustedInput | jsoniter.go:27:33:27:37 | &... | provenance | MaD:422 | +| jsoniter.go:27:17:27:30 | untrustedInput | jsoniter.go:27:33:27:37 | &... | provenance | MaD:361 | | jsoniter.go:27:33:27:37 | &... | jsoniter.go:28:15:28:24 | selection of field | provenance | | -| jsoniter.go:31:21:31:34 | untrustedInput | jsoniter.go:31:37:31:42 | &... | provenance | MaD:420 | +| jsoniter.go:31:21:31:34 | untrustedInput | jsoniter.go:31:37:31:42 | &... | provenance | MaD:359 | | jsoniter.go:31:37:31:42 | &... | jsoniter.go:32:15:32:25 | selection of field | provenance | | -| jsoniter.go:35:27:35:41 | untrustedString | jsoniter.go:35:44:35:49 | &... | provenance | MaD:423 | +| jsoniter.go:35:27:35:41 | untrustedString | jsoniter.go:35:44:35:49 | &... | provenance | MaD:362 | | jsoniter.go:35:44:35:49 | &... | jsoniter.go:36:15:36:25 | selection of field | provenance | | -| jsoniter.go:39:31:39:45 | untrustedString | jsoniter.go:39:48:39:53 | &... | provenance | MaD:421 | +| jsoniter.go:39:31:39:45 | untrustedString | jsoniter.go:39:48:39:53 | &... | provenance | MaD:360 | | jsoniter.go:39:48:39:53 | &... | jsoniter.go:40:15:40:25 | selection of field | provenance | | nodes | jsoniter.go:23:20:23:38 | call to getUntrustedBytes | semmle.label | call to getUntrustedBytes | diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Revel/ReflectedXss.expected b/go/ql/test/library-tests/semmle/go/frameworks/Revel/ReflectedXss.expected index 1ebdd0f3afb0..d6bffa163255 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Revel/ReflectedXss.expected 
+++ b/go/ql/test/library-tests/semmle/go/frameworks/Revel/ReflectedXss.expected @@ -1,10 +1,10 @@ edges | EndToEnd.go:35:2:35:4 | definition of buf | EndToEnd.go:37:24:37:26 | buf | provenance | | | EndToEnd.go:36:18:36:25 | selection of Params | EndToEnd.go:36:18:36:30 | selection of Form | provenance | | -| EndToEnd.go:36:18:36:30 | selection of Form | EndToEnd.go:36:18:36:47 | call to Get | provenance | MaD:815 | -| EndToEnd.go:36:18:36:47 | call to Get | EndToEnd.go:35:2:35:4 | definition of buf | provenance | MaD:629 | +| EndToEnd.go:36:18:36:30 | selection of Form | EndToEnd.go:36:18:36:47 | call to Get | provenance | MaD:754 | +| EndToEnd.go:36:18:36:47 | call to Get | EndToEnd.go:35:2:35:4 | definition of buf | provenance | MaD:568 | | EndToEnd.go:69:22:69:29 | selection of Params | EndToEnd.go:69:22:69:34 | selection of Form | provenance | | -| EndToEnd.go:69:22:69:34 | selection of Form | EndToEnd.go:69:22:69:51 | call to Get | provenance | MaD:815 | +| EndToEnd.go:69:22:69:34 | selection of Form | EndToEnd.go:69:22:69:51 | call to Get | provenance | MaD:754 | | Revel.go:70:22:70:29 | selection of Params | Revel.go:70:22:70:35 | selection of Query | provenance | | | examples/booking/app/init.go:36:44:36:48 | selection of URL | examples/booking/app/init.go:36:44:36:53 | selection of Path | provenance | | | examples/booking/app/init.go:40:49:40:53 | selection of URL | examples/booking/app/init.go:40:49:40:58 | selection of Path | provenance | | diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Revel/TaintedPath.expected b/go/ql/test/library-tests/semmle/go/frameworks/Revel/TaintedPath.expected index 20f6a5bf62a6..20897225a40a 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Revel/TaintedPath.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/Revel/TaintedPath.expected 
@@ -1,8 +1,8 @@ edges | EndToEnd.go:58:18:58:25 | selection of Params | EndToEnd.go:58:18:58:30 | selection of Form | provenance | | -| EndToEnd.go:58:18:58:30 | selection of Form | EndToEnd.go:58:18:58:47 | call to Get | provenance | MaD:815 | +| EndToEnd.go:58:18:58:30 | selection of Form | EndToEnd.go:58:18:58:47 | call to Get | provenance | MaD:754 | | EndToEnd.go:64:26:64:33 | selection of Params | EndToEnd.go:64:26:64:38 | selection of Form | provenance | | -| EndToEnd.go:64:26:64:38 | selection of Form | EndToEnd.go:64:26:64:55 | call to Get | provenance | MaD:815 | +| EndToEnd.go:64:26:64:38 | selection of Form | EndToEnd.go:64:26:64:55 | call to Get | provenance | MaD:754 | nodes | EndToEnd.go:58:18:58:25 | selection of Params | semmle.label | selection of Params | | EndToEnd.go:58:18:58:30 | selection of Form | semmle.label | selection of Form | diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Twirp/RequestForgery.expected b/go/ql/test/library-tests/semmle/go/frameworks/Twirp/RequestForgery.expected index d8d22b59dac9..b7e85057f325 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Twirp/RequestForgery.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/Twirp/RequestForgery.expected 
@@ -6,9 +6,9 @@ edges | rpc/notes/service.twirp.go:493:2:493:2 | capture variable reqContent | rpc/notes/service.twirp.go:495:35:495:44 | reqContent | provenance | | | rpc/notes/service.twirp.go:495:35:495:44 | reqContent | server/main.go:19:56:19:61 | definition of params | provenance | | | rpc/notes/service.twirp.go:538:2:538:33 | ... := ...[0] | rpc/notes/service.twirp.go:544:27:544:29 | buf | provenance | | -| rpc/notes/service.twirp.go:538:25:538:32 | selection of Body | rpc/notes/service.twirp.go:538:2:538:33 | ... := ...[0] | provenance | MaD:620 | +| rpc/notes/service.twirp.go:538:25:538:32 | selection of Body | rpc/notes/service.twirp.go:538:2:538:33 | ... := ...[0] | provenance | MaD:559 | | rpc/notes/service.twirp.go:543:2:543:11 | definition of reqContent | rpc/notes/service.twirp.go:574:2:574:2 | capture variable reqContent | provenance | | -| rpc/notes/service.twirp.go:544:27:544:29 | buf | rpc/notes/service.twirp.go:543:2:543:11 | definition of reqContent | provenance | MaD:505 | +| rpc/notes/service.twirp.go:544:27:544:29 | buf | rpc/notes/service.twirp.go:543:2:543:11 | definition of reqContent | provenance | MaD:444 | | rpc/notes/service.twirp.go:554:6:554:13 | definition of typedReq | rpc/notes/service.twirp.go:558:44:558:51 | typedReq | provenance | | | rpc/notes/service.twirp.go:558:44:558:51 | typedReq | server/main.go:19:56:19:61 | definition of params | provenance | | | rpc/notes/service.twirp.go:574:2:574:2 | capture variable reqContent | rpc/notes/service.twirp.go:576:35:576:44 | reqContent | provenance | | diff --git a/go/ql/test/library-tests/semmle/go/frameworks/XNetHtml/ReflectedXss.expected b/go/ql/test/library-tests/semmle/go/frameworks/XNetHtml/ReflectedXss.expected index 165d6f040cd5..f4df600321f3 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/XNetHtml/ReflectedXss.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/XNetHtml/ReflectedXss.expected 
@@ -1,40 +1,40 @@ edges -| test.go:12:12:12:22 | selection of URL | test.go:12:12:12:30 | call to Query | provenance | MaD:808 | -| test.go:12:12:12:30 | call to Query | test.go:12:12:12:44 | call to Get | provenance | MaD:815 | +| test.go:12:12:12:22 | selection of URL | test.go:12:12:12:30 | call to Query | provenance | MaD:747 | +| test.go:12:12:12:30 | call to Query | test.go:12:12:12:44 | call to Get | provenance | MaD:754 | | test.go:12:12:12:44 | call to Get | test.go:15:42:15:47 | param1 | provenance | | | test.go:15:22:15:48 | call to UnescapeString | test.go:15:15:15:49 | type conversion | provenance | | -| test.go:15:42:15:47 | param1 | test.go:15:22:15:48 | call to UnescapeString | provenance | MaD:487 | +| test.go:15:42:15:47 | param1 | test.go:15:22:15:48 | call to UnescapeString | provenance | MaD:426 | | test.go:17:2:17:36 | ... := ...[0] | test.go:18:15:18:31 | type conversion | provenance | | | test.go:17:2:17:36 | ... := ...[0] | test.go:29:22:29:25 | node | provenance | | -| test.go:17:24:17:35 | selection of Body | test.go:17:2:17:36 | ... := ...[0] | provenance | MaD:482 | +| test.go:17:24:17:35 | selection of Body | test.go:17:2:17:36 | ... := ...[0] | provenance | MaD:421 | | test.go:20:2:20:48 | ... := ...[0] | test.go:21:15:21:32 | type conversion | provenance | | -| test.go:20:36:20:47 | selection of Body | test.go:20:2:20:48 | ... := ...[0] | provenance | MaD:485 | +| test.go:20:36:20:47 | selection of Body | test.go:20:2:20:48 | ... := ...[0] | provenance | MaD:424 | | test.go:23:2:23:50 | ... := ...[0] | test.go:24:15:24:35 | type conversion | provenance | | -| test.go:23:33:23:44 | selection of Body | test.go:23:2:23:50 | ... := ...[0] | provenance | MaD:483 | +| test.go:23:33:23:44 | selection of Body | test.go:23:2:23:50 | ... := ...[0] | provenance | MaD:422 | | test.go:26:2:26:62 | ... := ...[0] | test.go:27:15:27:36 | type conversion | provenance | | -| test.go:26:45:26:56 | selection of Body | test.go:26:2:26:62 | ... 
:= ...[0] | provenance | MaD:484 | +| test.go:26:45:26:56 | selection of Body | test.go:26:2:26:62 | ... := ...[0] | provenance | MaD:423 | | test.go:31:15:31:45 | call to NewTokenizer | test.go:32:15:32:23 | tokenizer | provenance | | | test.go:31:15:31:45 | call to NewTokenizer | test.go:33:15:33:23 | tokenizer | provenance | | | test.go:31:15:31:45 | call to NewTokenizer | test.go:34:17:34:25 | tokenizer | provenance | | | test.go:31:15:31:45 | call to NewTokenizer | test.go:36:15:36:23 | tokenizer | provenance | | | test.go:31:15:31:45 | call to NewTokenizer | test.go:37:22:37:30 | tokenizer | provenance | | -| test.go:31:33:31:44 | selection of Body | test.go:31:15:31:45 | call to NewTokenizer | provenance | MaD:480 | -| test.go:32:15:32:23 | tokenizer | test.go:32:15:32:34 | call to Buffered | provenance | MaD:490 | -| test.go:33:15:33:23 | tokenizer | test.go:33:15:33:29 | call to Raw | provenance | MaD:491 | +| test.go:31:33:31:44 | selection of Body | test.go:31:15:31:45 | call to NewTokenizer | provenance | MaD:419 | +| test.go:32:15:32:23 | tokenizer | test.go:32:15:32:34 | call to Buffered | provenance | MaD:429 | +| test.go:33:15:33:23 | tokenizer | test.go:33:15:33:29 | call to Raw | provenance | MaD:430 | | test.go:34:2:34:35 | ... := ...[1] | test.go:35:15:35:19 | value | provenance | | -| test.go:34:17:34:25 | tokenizer | test.go:34:2:34:35 | ... := ...[1] | provenance | MaD:492 | -| test.go:36:15:36:23 | tokenizer | test.go:36:15:36:30 | call to Text | provenance | MaD:493 | -| test.go:37:22:37:30 | tokenizer | test.go:37:22:37:38 | call to Token | provenance | MaD:494 | +| test.go:34:17:34:25 | tokenizer | test.go:34:2:34:35 | ... 
:= ...[1] | provenance | MaD:431 | +| test.go:36:15:36:23 | tokenizer | test.go:36:15:36:30 | call to Text | provenance | MaD:432 | +| test.go:37:22:37:30 | tokenizer | test.go:37:22:37:38 | call to Token | provenance | MaD:433 | | test.go:37:22:37:38 | call to Token | test.go:37:15:37:44 | type conversion | provenance | | | test.go:39:23:39:77 | call to NewTokenizerFragment | test.go:40:15:40:31 | tokenizerFragment | provenance | | -| test.go:39:49:39:60 | selection of Body | test.go:39:23:39:77 | call to NewTokenizerFragment | provenance | MaD:481 | -| test.go:40:15:40:31 | tokenizerFragment | test.go:40:15:40:42 | call to Buffered | provenance | MaD:490 | +| test.go:39:49:39:60 | selection of Body | test.go:39:23:39:77 | call to NewTokenizerFragment | provenance | MaD:420 | +| test.go:40:15:40:31 | tokenizerFragment | test.go:40:15:40:42 | call to Buffered | provenance | MaD:429 | | test.go:42:6:42:14 | definition of cleanNode | test.go:45:22:45:31 | &... | provenance | | | test.go:42:6:42:14 | definition of cleanNode | test.go:45:22:45:31 | &... | provenance | | | test.go:42:6:42:14 | definition of cleanNode | test.go:45:23:45:31 | cleanNode | provenance | | | test.go:43:2:43:43 | ... := ...[0] | test.go:44:24:44:34 | taintedNode | provenance | | -| test.go:43:31:43:42 | selection of Body | test.go:43:2:43:43 | ... := ...[0] | provenance | MaD:482 | -| test.go:44:24:44:34 | taintedNode | test.go:42:6:42:14 | definition of cleanNode | provenance | MaD:488 | +| test.go:43:31:43:42 | selection of Body | test.go:43:2:43:43 | ... := ...[0] | provenance | MaD:421 | +| test.go:44:24:44:34 | taintedNode | test.go:42:6:42:14 | definition of cleanNode | provenance | MaD:427 | | test.go:45:22:45:31 | &... | test.go:45:22:45:31 | &... | provenance | | | test.go:45:22:45:31 | &... | test.go:45:22:45:31 | &... | provenance | | | test.go:45:22:45:31 | &... | test.go:45:23:45:31 | cleanNode | provenance | | 
@@ -46,8 +46,8 @@ edges | test.go:47:6:47:15 | definition of cleanNode2 | test.go:50:22:50:32 | &... | provenance | | | test.go:47:6:47:15 | definition of cleanNode2 | test.go:50:23:50:32 | cleanNode2 | provenance | | | test.go:48:2:48:44 | ... := ...[0] | test.go:49:26:49:37 | taintedNode2 | provenance | | -| test.go:48:32:48:43 | selection of Body | test.go:48:2:48:44 | ... := ...[0] | provenance | MaD:482 | -| test.go:49:26:49:37 | taintedNode2 | test.go:47:6:47:15 | definition of cleanNode2 | provenance | MaD:489 | +| test.go:48:32:48:43 | selection of Body | test.go:48:2:48:44 | ... := ...[0] | provenance | MaD:421 | +| test.go:49:26:49:37 | taintedNode2 | test.go:47:6:47:15 | definition of cleanNode2 | provenance | MaD:428 | | test.go:50:22:50:32 | &... | test.go:50:22:50:32 | &... | provenance | | | test.go:50:22:50:32 | &... | test.go:50:22:50:32 | &... | provenance | | | test.go:50:22:50:32 | &... | test.go:50:23:50:32 | cleanNode2 | provenance | | diff --git a/go/ql/test/library-tests/semmle/go/frameworks/XNetHtml/SqlInjection.expected b/go/ql/test/library-tests/semmle/go/frameworks/XNetHtml/SqlInjection.expected index 76d7f0dd9317..f11a0a8b7f64 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/XNetHtml/SqlInjection.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/XNetHtml/SqlInjection.expected @@ -1,6 +1,6 @@ edges -| test.go:56:2:56:42 | ... := ...[0] | test.go:57:29:57:40 | selection of Value | provenance | Src:MaD:740 | -| test.go:57:29:57:40 | selection of Value | test.go:57:11:57:41 | call to EscapeString | provenance | MaD:479 | +| test.go:56:2:56:42 | ... := ...[0] | test.go:57:29:57:40 | selection of Value | provenance | Src:MaD:679 | +| test.go:57:29:57:40 | selection of Value | test.go:57:11:57:41 | call to EscapeString | provenance | MaD:418 | nodes | test.go:56:2:56:42 | ... := ...[0] | semmle.label | ... := ...[0] | | test.go:57:11:57:41 | call to EscapeString | semmle.label | call to EscapeString | 
diff --git a/go/ql/test/query-tests/Security/CWE-022/ZipSlip.expected b/go/ql/test/query-tests/Security/CWE-022/ZipSlip.expected index 4112a9094927..ce874f03fab5 100644 --- a/go/ql/test/query-tests/Security/CWE-022/ZipSlip.expected +++ b/go/ql/test/query-tests/Security/CWE-022/ZipSlip.expected @@ -7,9 +7,9 @@ edges | UnsafeUnzipSymlinkGood.go:76:70:76:80 | selection of Name | UnsafeUnzipSymlinkGood.go:52:24:52:32 | definition of candidate | provenance | | | ZipSlip.go:11:2:15:2 | range statement[1] | ZipSlip.go:12:24:12:29 | selection of Name | provenance | | | ZipSlip.go:12:3:12:30 | ... := ...[0] | ZipSlip.go:14:20:14:20 | p | provenance | | -| ZipSlip.go:12:24:12:29 | selection of Name | ZipSlip.go:12:3:12:30 | ... := ...[0] | provenance | MaD:820 | +| ZipSlip.go:12:24:12:29 | selection of Name | ZipSlip.go:12:3:12:30 | ... := ...[0] | provenance | MaD:759 | | tarslip.go:15:2:15:30 | ... := ...[0] | tarslip.go:16:23:16:33 | selection of Name | provenance | | -| tarslip.go:16:23:16:33 | selection of Name | tarslip.go:16:14:16:34 | call to Dir | provenance | MaD:835 | +| tarslip.go:16:23:16:33 | selection of Name | tarslip.go:16:14:16:34 | call to Dir | provenance | MaD:774 | | tst.go:23:2:43:2 | range statement[1] | tst.go:29:20:29:23 | path | provenance | | nodes | UnsafeUnzipSymlinkGood.go:52:24:52:32 | definition of candidate | semmle.label | definition of candidate | diff --git a/go/ql/test/query-tests/Security/CWE-078/CommandInjection.expected b/go/ql/test/query-tests/Security/CWE-078/CommandInjection.expected index 6d399f758a3e..5a19b2063f5c 100644 --- a/go/ql/test/query-tests/Security/CWE-078/CommandInjection.expected +++ b/go/ql/test/query-tests/Security/CWE-078/CommandInjection.expected 
@@ -1,27 +1,27 @@ edges -| ArgumentInjection.go:9:10:9:16 | selection of URL | ArgumentInjection.go:9:10:9:24 | call to Query | provenance | MaD:808 | +| ArgumentInjection.go:9:10:9:16 | selection of URL | ArgumentInjection.go:9:10:9:24 | call to Query | provenance | MaD:747 | | ArgumentInjection.go:9:10:9:24 | call to Query | ArgumentInjection.go:10:31:10:34 | path | provenance | | -| CommandInjection2.go:13:15:13:21 | selection of URL | CommandInjection2.go:13:15:13:29 | call to Query | provenance | MaD:808 | +| CommandInjection2.go:13:15:13:21 | selection of URL | CommandInjection2.go:13:15:13:29 | call to Query | provenance | MaD:747 | | CommandInjection2.go:13:15:13:29 | call to Query | CommandInjection2.go:15:67:15:75 | imageName | provenance | | | CommandInjection2.go:15:34:15:88 | []type{args} [array] | CommandInjection2.go:15:34:15:88 | call to Sprintf | provenance | MaD:248 | | CommandInjection2.go:15:67:15:75 | imageName | CommandInjection2.go:15:34:15:88 | []type{args} [array] | provenance | | | CommandInjection2.go:15:67:15:75 | imageName | CommandInjection2.go:15:34:15:88 | call to Sprintf | provenance | FunctionModel | -| CommandInjection2.go:41:15:41:21 | selection of URL | CommandInjection2.go:41:15:41:29 | call to Query | provenance | MaD:808 | +| CommandInjection2.go:41:15:41:21 | selection of URL | CommandInjection2.go:41:15:41:29 | call to Query | provenance | MaD:747 | | CommandInjection2.go:41:15:41:29 | call to Query | CommandInjection2.go:44:67:44:75 | imageName | provenance | | | CommandInjection2.go:44:34:44:88 | []type{args} [array] | CommandInjection2.go:44:34:44:88 | call to Sprintf | provenance | MaD:248 | | CommandInjection2.go:44:67:44:75 | imageName | CommandInjection2.go:44:34:44:88 | []type{args} [array] | provenance | | | CommandInjection2.go:44:67:44:75 | imageName | CommandInjection2.go:44:34:44:88 | call to Sprintf | provenance | FunctionModel | -| CommandInjection.go:9:13:9:19 | selection of URL | 
CommandInjection.go:9:13:9:27 | call to Query | provenance | MaD:808 | +| CommandInjection.go:9:13:9:19 | selection of URL | CommandInjection.go:9:13:9:27 | call to Query | provenance | MaD:747 | | CommandInjection.go:9:13:9:27 | call to Query | CommandInjection.go:10:22:10:28 | cmdName | provenance | | -| GitSubcommands.go:11:13:11:19 | selection of URL | GitSubcommands.go:11:13:11:27 | call to Query | provenance | MaD:808 | +| GitSubcommands.go:11:13:11:19 | selection of URL | GitSubcommands.go:11:13:11:27 | call to Query | provenance | MaD:747 | | GitSubcommands.go:11:13:11:27 | call to Query | GitSubcommands.go:13:31:13:37 | tainted | provenance | | | GitSubcommands.go:11:13:11:27 | call to Query | GitSubcommands.go:14:31:14:37 | tainted | provenance | | | GitSubcommands.go:11:13:11:27 | call to Query | GitSubcommands.go:15:30:15:36 | tainted | provenance | | | GitSubcommands.go:11:13:11:27 | call to Query | GitSubcommands.go:16:35:16:41 | tainted | provenance | | | GitSubcommands.go:11:13:11:27 | call to Query | GitSubcommands.go:17:36:17:42 | tainted | provenance | | -| GitSubcommands.go:33:13:33:19 | selection of URL | GitSubcommands.go:33:13:33:27 | call to Query | provenance | MaD:808 | +| GitSubcommands.go:33:13:33:19 | selection of URL | GitSubcommands.go:33:13:33:27 | call to Query | provenance | MaD:747 | | GitSubcommands.go:33:13:33:27 | call to Query | GitSubcommands.go:38:32:38:38 | tainted | provenance | | -| SanitizingDoubleDash.go:9:13:9:19 | selection of URL | SanitizingDoubleDash.go:9:13:9:27 | call to Query | provenance | MaD:808 | +| SanitizingDoubleDash.go:9:13:9:19 | selection of URL | SanitizingDoubleDash.go:9:13:9:27 | call to Query | provenance | MaD:747 | | SanitizingDoubleDash.go:9:13:9:27 | call to Query | SanitizingDoubleDash.go:13:25:13:31 | tainted | provenance | | | SanitizingDoubleDash.go:9:13:9:27 | call to Query | SanitizingDoubleDash.go:14:23:14:33 | slice expression | provenance | | | SanitizingDoubleDash.go:9:13:9:27 | call 
to Query | SanitizingDoubleDash.go:39:31:39:37 | tainted | provenance | | @@ -56,7 +56,7 @@ edges | SanitizingDoubleDash.go:69:21:69:28 | arrayLit | SanitizingDoubleDash.go:69:14:69:35 | call to append | provenance | MaD:28 | | SanitizingDoubleDash.go:69:21:69:28 | arrayLit [array] | SanitizingDoubleDash.go:69:14:69:35 | call to append | provenance | MaD:29 | | SanitizingDoubleDash.go:69:21:69:28 | arrayLit [array] | SanitizingDoubleDash.go:69:14:69:35 | call to append [array] | provenance | MaD:29 | -| SanitizingDoubleDash.go:92:13:92:19 | selection of URL | SanitizingDoubleDash.go:92:13:92:27 | call to Query | provenance | MaD:808 | +| SanitizingDoubleDash.go:92:13:92:19 | selection of URL | SanitizingDoubleDash.go:92:13:92:27 | call to Query | provenance | MaD:747 | | SanitizingDoubleDash.go:92:13:92:27 | call to Query | SanitizingDoubleDash.go:95:25:95:31 | tainted | provenance | | | SanitizingDoubleDash.go:92:13:92:27 | call to Query | SanitizingDoubleDash.go:96:24:96:34 | slice expression | provenance | | | SanitizingDoubleDash.go:92:13:92:27 | call to Query | SanitizingDoubleDash.go:100:31:100:37 | tainted | provenance | | diff --git a/go/ql/test/query-tests/Security/CWE-079/ReflectedXss.expected b/go/ql/test/query-tests/Security/CWE-079/ReflectedXss.expected index 13a97e6e7735..690d37f30b51 100644 --- a/go/ql/test/query-tests/Security/CWE-079/ReflectedXss.expected +++ b/go/ql/test/query-tests/Security/CWE-079/ReflectedXss.expected 
@@ -1,18 +1,18 @@ edges -| ReflectedXss.go:11:15:11:20 | selection of Form | ReflectedXss.go:11:15:11:36 | call to Get | provenance | MaD:815 | +| ReflectedXss.go:11:15:11:20 | selection of Form | ReflectedXss.go:11:15:11:36 | call to Get | provenance | MaD:754 | | ReflectedXss.go:11:15:11:36 | call to Get | ReflectedXss.go:14:44:14:51 | username | provenance | | -| contenttype.go:11:11:11:16 | selection of Form | contenttype.go:11:11:11:28 | call to Get | provenance | MaD:815 | +| contenttype.go:11:11:11:16 | selection of Form | contenttype.go:11:11:11:28 | call to Get | provenance | MaD:754 | | contenttype.go:11:11:11:28 | call to Get | contenttype.go:17:11:17:22 | type conversion | provenance | | -| contenttype.go:49:11:49:16 | selection of Form | contenttype.go:49:11:49:28 | call to Get | provenance | MaD:815 | +| contenttype.go:49:11:49:16 | selection of Form | contenttype.go:49:11:49:28 | call to Get | provenance | MaD:754 | | contenttype.go:49:11:49:28 | call to Get | contenttype.go:53:34:53:37 | data | provenance | | -| contenttype.go:63:10:63:28 | call to FormValue | contenttype.go:64:52:64:55 | data | provenance | Src:MaD:743 | -| contenttype.go:73:10:73:28 | call to FormValue | contenttype.go:79:11:79:14 | data | provenance | Src:MaD:743 | -| contenttype.go:88:10:88:28 | call to FormValue | contenttype.go:91:4:91:7 | data | provenance | Src:MaD:743 | -| contenttype.go:113:10:113:28 | call to FormValue | contenttype.go:114:50:114:53 | data | provenance | Src:MaD:743 | -| reflectedxsstest.go:31:2:31:44 | ... := ...[0] | reflectedxsstest.go:32:34:32:37 | file | provenance | Src:MaD:742 | -| reflectedxsstest.go:31:2:31:44 | ... 
:= ...[1] | reflectedxsstest.go:34:46:34:60 | selection of Filename | provenance | Src:MaD:742 | +| contenttype.go:63:10:63:28 | call to FormValue | contenttype.go:64:52:64:55 | data | provenance | Src:MaD:682 | +| contenttype.go:73:10:73:28 | call to FormValue | contenttype.go:79:11:79:14 | data | provenance | Src:MaD:682 | +| contenttype.go:88:10:88:28 | call to FormValue | contenttype.go:91:4:91:7 | data | provenance | Src:MaD:682 | +| contenttype.go:113:10:113:28 | call to FormValue | contenttype.go:114:50:114:53 | data | provenance | Src:MaD:682 | +| reflectedxsstest.go:31:2:31:44 | ... := ...[0] | reflectedxsstest.go:32:34:32:37 | file | provenance | Src:MaD:681 | +| reflectedxsstest.go:31:2:31:44 | ... := ...[1] | reflectedxsstest.go:34:46:34:60 | selection of Filename | provenance | Src:MaD:681 | | reflectedxsstest.go:32:2:32:38 | ... := ...[0] | reflectedxsstest.go:33:49:33:55 | content | provenance | | -| reflectedxsstest.go:32:34:32:37 | file | reflectedxsstest.go:32:2:32:38 | ... := ...[0] | provenance | MaD:613 | +| reflectedxsstest.go:32:34:32:37 | file | reflectedxsstest.go:32:2:32:38 | ... := ...[0] | provenance | MaD:552 | | reflectedxsstest.go:33:17:33:56 | []type{args} [array] | reflectedxsstest.go:33:17:33:56 | call to Sprintf | provenance | MaD:248 | | reflectedxsstest.go:33:17:33:56 | call to Sprintf | reflectedxsstest.go:33:10:33:57 | type conversion | provenance | | | reflectedxsstest.go:33:49:33:55 | content | reflectedxsstest.go:33:17:33:56 | []type{args} [array] | provenance | | 
@@ -21,25 +21,25 @@ edges | reflectedxsstest.go:34:17:34:61 | call to Sprintf | reflectedxsstest.go:34:10:34:62 | type conversion | provenance | | | reflectedxsstest.go:34:46:34:60 | selection of Filename | reflectedxsstest.go:34:17:34:61 | []type{args} [array] | provenance | | | reflectedxsstest.go:34:46:34:60 | selection of Filename | reflectedxsstest.go:34:17:34:61 | call to Sprintf | provenance | FunctionModel | -| reflectedxsstest.go:38:2:38:35 | ... := ...[0] | reflectedxsstest.go:39:16:39:21 | reader | provenance | Src:MaD:744 | +| reflectedxsstest.go:38:2:38:35 | ... := ...[0] | reflectedxsstest.go:39:16:39:21 | reader | provenance | Src:MaD:683 | | reflectedxsstest.go:39:2:39:32 | ... := ...[0] | reflectedxsstest.go:40:14:40:17 | part | provenance | | | reflectedxsstest.go:39:2:39:32 | ... := ...[0] | reflectedxsstest.go:42:2:42:5 | part | provenance | | -| reflectedxsstest.go:39:16:39:21 | reader | reflectedxsstest.go:39:2:39:32 | ... := ...[0] | provenance | MaD:703 | -| reflectedxsstest.go:40:14:40:17 | part | reflectedxsstest.go:40:14:40:28 | call to FileName | provenance | MaD:701 | +| reflectedxsstest.go:39:16:39:21 | reader | reflectedxsstest.go:39:2:39:32 | ... 
:= ...[0] | provenance | MaD:642 | +| reflectedxsstest.go:40:14:40:17 | part | reflectedxsstest.go:40:14:40:28 | call to FileName | provenance | MaD:640 | | reflectedxsstest.go:40:14:40:28 | call to FileName | reflectedxsstest.go:44:46:44:53 | partName | provenance | | | reflectedxsstest.go:41:2:41:10 | definition of byteSlice | reflectedxsstest.go:45:10:45:18 | byteSlice | provenance | | -| reflectedxsstest.go:42:2:42:5 | part | reflectedxsstest.go:41:2:41:10 | definition of byteSlice | provenance | MaD:626 | +| reflectedxsstest.go:42:2:42:5 | part | reflectedxsstest.go:41:2:41:10 | definition of byteSlice | provenance | MaD:565 | | reflectedxsstest.go:44:17:44:54 | []type{args} [array] | reflectedxsstest.go:44:17:44:54 | call to Sprintf | provenance | MaD:248 | | reflectedxsstest.go:44:17:44:54 | call to Sprintf | reflectedxsstest.go:44:10:44:55 | type conversion | provenance | | | reflectedxsstest.go:44:46:44:53 | partName | reflectedxsstest.go:44:17:44:54 | []type{args} [array] | provenance | | | reflectedxsstest.go:44:46:44:53 | partName | reflectedxsstest.go:44:17:44:54 | call to Sprintf | provenance | FunctionModel | -| reflectedxsstest.go:51:14:51:18 | selection of URL | reflectedxsstest.go:51:14:51:26 | call to Query | provenance | MaD:808 | +| reflectedxsstest.go:51:14:51:18 | selection of URL | reflectedxsstest.go:51:14:51:26 | call to Query | provenance | MaD:747 | | reflectedxsstest.go:51:14:51:26 | call to Query | reflectedxsstest.go:54:11:54:21 | type conversion | provenance | | -| tst.go:14:15:14:20 | selection of Form | tst.go:14:15:14:36 | call to Get | provenance | MaD:815 | +| tst.go:14:15:14:20 | selection of Form | tst.go:14:15:14:36 | call to Get | provenance | MaD:754 | | tst.go:14:15:14:36 | call to Get | tst.go:18:32:18:32 | a | provenance | | | tst.go:18:19:18:38 | call to Join | tst.go:18:12:18:39 | type conversion | provenance | | -| tst.go:18:32:18:32 | a | tst.go:18:19:18:38 | call to Join | provenance | MaD:907 | -| 
tst.go:48:14:48:19 | selection of Form | tst.go:48:14:48:34 | call to Get | provenance | MaD:815 | +| tst.go:18:32:18:32 | a | tst.go:18:19:18:38 | call to Join | provenance | MaD:846 | +| tst.go:48:14:48:19 | selection of Form | tst.go:48:14:48:34 | call to Get | provenance | MaD:754 | | tst.go:48:14:48:34 | call to Get | tst.go:53:12:53:26 | type conversion | provenance | | | websocketXss.go:30:7:30:10 | definition of xnet | websocketXss.go:32:24:32:27 | xnet | provenance | | | websocketXss.go:34:3:34:7 | definition of xnet2 | websocketXss.go:36:24:36:28 | xnet2 | provenance | | diff --git a/go/ql/test/query-tests/Security/CWE-089/SqlInjection.expected b/go/ql/test/query-tests/Security/CWE-089/SqlInjection.expected index 3e81377e6a45..3fca7405f8d1 100644 --- a/go/ql/test/query-tests/Security/CWE-089/SqlInjection.expected +++ b/go/ql/test/query-tests/Security/CWE-089/SqlInjection.expected 
@@ -1,12 +1,12 @@ edges | SqlInjection.go:10:7:11:30 | []type{args} [array] | SqlInjection.go:10:7:11:30 | call to Sprintf | provenance | MaD:248 | | SqlInjection.go:10:7:11:30 | call to Sprintf | SqlInjection.go:12:11:12:11 | q | provenance | | -| SqlInjection.go:11:3:11:9 | selection of URL | SqlInjection.go:11:3:11:17 | call to Query | provenance | MaD:808 | +| SqlInjection.go:11:3:11:9 | selection of URL | SqlInjection.go:11:3:11:17 | call to Query | provenance | MaD:747 | | SqlInjection.go:11:3:11:17 | call to Query | SqlInjection.go:11:3:11:29 | index expression | provenance | | | SqlInjection.go:11:3:11:29 | index expression | SqlInjection.go:10:7:11:30 | []type{args} [array] | provenance | | | SqlInjection.go:11:3:11:29 | index expression | SqlInjection.go:10:7:11:30 | call to Sprintf | provenance | FunctionModel | | issue48.go:17:2:17:33 | ... := ...[0] | issue48.go:18:17:18:17 | b | provenance | | -| issue48.go:17:25:17:32 | selection of Body | issue48.go:17:2:17:33 | ... := ...[0] | provenance | MaD:613 | +| issue48.go:17:25:17:32 | selection of Body | issue48.go:17:2:17:33 | ... := ...[0] | provenance | MaD:552 | | issue48.go:18:17:18:17 | b | issue48.go:18:20:18:39 | &... | provenance | MaD:187 | | issue48.go:18:20:18:39 | &... | issue48.go:21:3:21:33 | index expression | provenance | | | issue48.go:20:8:21:34 | []type{args} [array] | issue48.go:20:8:21:34 | call to Sprintf | provenance | MaD:248 | 
@@ -14,7 +14,7 @@ edges | issue48.go:21:3:21:33 | index expression | issue48.go:20:8:21:34 | []type{args} [array] | provenance | | | issue48.go:21:3:21:33 | index expression | issue48.go:20:8:21:34 | call to Sprintf | provenance | FunctionModel | | issue48.go:27:2:27:34 | ... := ...[0] | issue48.go:28:17:28:18 | b2 | provenance | | -| issue48.go:27:26:27:33 | selection of Body | issue48.go:27:2:27:34 | ... := ...[0] | provenance | MaD:613 | +| issue48.go:27:26:27:33 | selection of Body | issue48.go:27:2:27:34 | ... := ...[0] | provenance | MaD:552 | | issue48.go:28:17:28:18 | b2 | issue48.go:28:21:28:41 | &... | provenance | MaD:187 | | issue48.go:28:21:28:41 | &... | issue48.go:31:3:31:31 | selection of Category | provenance | | | issue48.go:30:8:31:32 | []type{args} [array] | issue48.go:30:8:31:32 | call to Sprintf | provenance | MaD:248 | @@ -22,7 +22,7 @@ edges | issue48.go:31:3:31:31 | selection of Category | issue48.go:30:8:31:32 | []type{args} [array] | provenance | | | issue48.go:31:3:31:31 | selection of Category | issue48.go:30:8:31:32 | call to Sprintf | provenance | FunctionModel | | issue48.go:37:17:37:50 | type conversion | issue48.go:37:53:37:73 | &... | provenance | MaD:187 | -| issue48.go:37:24:37:30 | selection of URL | issue48.go:37:24:37:38 | call to Query | provenance | MaD:808 | +| issue48.go:37:24:37:30 | selection of URL | issue48.go:37:24:37:38 | call to Query | provenance | MaD:747 | | issue48.go:37:24:37:38 | call to Query | issue48.go:37:17:37:50 | type conversion | provenance | | | issue48.go:37:53:37:73 | &... | issue48.go:40:3:40:31 | selection of Category | provenance | | | issue48.go:39:8:40:32 | []type{args} [array] | issue48.go:39:8:40:32 | call to Sprintf | provenance | MaD:248 | 
@@ -31,17 +31,17 @@ edges | issue48.go:40:3:40:31 | selection of Category | issue48.go:39:8:40:32 | call to Sprintf | provenance | FunctionModel | | main.go:11:11:11:16 | selection of Form | main.go:11:11:11:28 | index expression | provenance | | | main.go:15:11:15:84 | []type{args} [array] | main.go:15:11:15:84 | call to Sprintf | provenance | MaD:248 | -| main.go:15:63:15:67 | selection of URL | main.go:15:63:15:75 | call to Query | provenance | MaD:808 | +| main.go:15:63:15:67 | selection of URL | main.go:15:63:15:75 | call to Query | provenance | MaD:747 | | main.go:15:63:15:75 | call to Query | main.go:15:63:15:83 | index expression | provenance | | | main.go:15:63:15:83 | index expression | main.go:15:11:15:84 | []type{args} [array] | provenance | | | main.go:15:63:15:83 | index expression | main.go:15:11:15:84 | call to Sprintf | provenance | FunctionModel | | main.go:16:11:16:85 | []type{args} [array] | main.go:16:11:16:85 | call to Sprintf | provenance | MaD:248 | -| main.go:16:63:16:70 | selection of Header | main.go:16:63:16:84 | call to Get | provenance | MaD:728 | +| main.go:16:63:16:70 | selection of Header | main.go:16:63:16:84 | call to Get | provenance | MaD:667 | | main.go:16:63:16:84 | call to Get | main.go:16:11:16:85 | []type{args} [array] | provenance | | | main.go:16:63:16:84 | call to Get | main.go:16:11:16:85 | call to Sprintf | provenance | FunctionModel | | main.go:28:17:31:2 | &... [pointer, Category] | main.go:34:3:34:13 | RequestData [pointer, Category] | provenance | | | main.go:28:18:31:2 | struct literal [Category] | main.go:28:17:31:2 | &... 
[pointer, Category] | provenance | | -| main.go:30:13:30:19 | selection of URL | main.go:30:13:30:27 | call to Query | provenance | MaD:808 | +| main.go:30:13:30:19 | selection of URL | main.go:30:13:30:27 | call to Query | provenance | MaD:747 | | main.go:30:13:30:27 | call to Query | main.go:30:13:30:39 | index expression | provenance | | | main.go:30:13:30:39 | index expression | main.go:28:18:31:2 | struct literal [Category] | provenance | | | main.go:33:7:34:23 | []type{args} [array] | main.go:33:7:34:23 | call to Sprintf | provenance | MaD:248 | @@ -54,7 +54,7 @@ edges | main.go:39:2:39:12 | definition of RequestData [pointer, Category] | main.go:43:3:43:13 | RequestData [pointer, Category] | provenance | | | main.go:40:2:40:12 | RequestData [pointer, Category] | main.go:40:2:40:12 | implicit dereference [Category] | provenance | | | main.go:40:2:40:12 | implicit dereference [Category] | main.go:39:2:39:12 | definition of RequestData [pointer, Category] | provenance | | -| main.go:40:25:40:31 | selection of URL | main.go:40:25:40:39 | call to Query | provenance | MaD:808 | +| main.go:40:25:40:31 | selection of URL | main.go:40:25:40:39 | call to Query | provenance | MaD:747 | | main.go:40:25:40:39 | call to Query | main.go:40:25:40:51 | index expression | provenance | | | main.go:40:25:40:51 | index expression | main.go:40:2:40:12 | implicit dereference [Category] | provenance | | | main.go:42:7:43:23 | []type{args} [array] | main.go:42:7:43:23 | call to Sprintf | provenance | MaD:248 | 
@@ -67,7 +67,7 @@ edges | main.go:48:2:48:12 | definition of RequestData [pointer, Category] | main.go:52:3:52:13 | RequestData [pointer, Category] | provenance | | | main.go:49:3:49:14 | star expression [Category] | main.go:48:2:48:12 | definition of RequestData [pointer, Category] | provenance | | | main.go:49:4:49:14 | RequestData [pointer, Category] | main.go:49:3:49:14 | star expression [Category] | provenance | | -| main.go:49:28:49:34 | selection of URL | main.go:49:28:49:42 | call to Query | provenance | MaD:808 | +| main.go:49:28:49:34 | selection of URL | main.go:49:28:49:42 | call to Query | provenance | MaD:747 | | main.go:49:28:49:42 | call to Query | main.go:49:28:49:54 | index expression | provenance | | | main.go:49:28:49:54 | index expression | main.go:49:3:49:14 | star expression [Category] | provenance | | | main.go:51:7:52:23 | []type{args} [array] | main.go:51:7:52:23 | call to Sprintf | provenance | MaD:248 | @@ -80,7 +80,7 @@ edges | main.go:57:2:57:12 | definition of RequestData [pointer, Category] | main.go:61:5:61:15 | RequestData [pointer, Category] | provenance | | | main.go:58:3:58:14 | star expression [Category] | main.go:57:2:57:12 | definition of RequestData [pointer, Category] | provenance | | | main.go:58:4:58:14 | RequestData [pointer, Category] | main.go:58:3:58:14 | star expression [Category] | provenance | | -| main.go:58:28:58:34 | selection of URL | main.go:58:28:58:42 | call to Query | provenance | MaD:808 | +| main.go:58:28:58:34 | selection of URL | main.go:58:28:58:42 | call to Query | provenance | MaD:747 | | main.go:58:28:58:42 | call to Query | main.go:58:28:58:54 | index expression | provenance | | | main.go:58:28:58:54 | index expression | main.go:58:3:58:14 | star expression [Category] | provenance | | | main.go:60:7:61:26 | []type{args} [array] | main.go:60:7:61:26 | call to Sprintf | provenance | MaD:248 | 
@@ -89,7 +89,7 @@ edges | main.go:61:3:61:25 | selection of Category | main.go:60:7:61:26 | call to Sprintf | provenance | FunctionModel | | main.go:61:4:61:15 | star expression [Category] | main.go:61:3:61:25 | selection of Category | provenance | | | main.go:61:5:61:15 | RequestData [pointer, Category] | main.go:61:4:61:15 | star expression [Category] | provenance | | -| mongoDB.go:40:20:40:30 | call to Referer | mongoDB.go:42:28:42:41 | untrustedInput | provenance | Src:MaD:746 | +| mongoDB.go:40:20:40:30 | call to Referer | mongoDB.go:42:28:42:41 | untrustedInput | provenance | Src:MaD:685 | | mongoDB.go:42:19:42:42 | struct literal | mongoDB.go:50:34:50:39 | filter | provenance | | | mongoDB.go:42:19:42:42 | struct literal | mongoDB.go:61:27:61:32 | filter | provenance | | | mongoDB.go:42:19:42:42 | struct literal | mongoDB.go:63:23:63:28 | filter | provenance | | diff --git a/go/ql/test/query-tests/Security/CWE-089/StringBreak.expected b/go/ql/test/query-tests/Security/CWE-089/StringBreak.expected index 84f7c36e1acc..4caef4a3534d 100644 --- a/go/ql/test/query-tests/Security/CWE-089/StringBreak.expected +++ b/go/ql/test/query-tests/Security/CWE-089/StringBreak.expected 
@@ -2,10 +2,10 @@ edges | StringBreak.go:10:2:10:40 | ... := ...[0] | StringBreak.go:14:47:14:57 | versionJSON | provenance | | | StringBreakMismatched.go:12:2:12:40 | ... := ...[0] | StringBreakMismatched.go:13:29:13:47 | type conversion | provenance | | | StringBreakMismatched.go:13:13:13:62 | call to Replace | StringBreakMismatched.go:17:26:17:32 | escaped | provenance | | -| StringBreakMismatched.go:13:29:13:47 | type conversion | StringBreakMismatched.go:13:13:13:62 | call to Replace | provenance | MaD:911 | +| StringBreakMismatched.go:13:29:13:47 | type conversion | StringBreakMismatched.go:13:13:13:62 | call to Replace | provenance | MaD:850 | | StringBreakMismatched.go:24:2:24:40 | ... := ...[0] | StringBreakMismatched.go:25:29:25:47 | type conversion | provenance | | | StringBreakMismatched.go:25:13:25:61 | call to Replace | StringBreakMismatched.go:29:27:29:33 | escaped | provenance | | -| StringBreakMismatched.go:25:29:25:47 | type conversion | StringBreakMismatched.go:25:13:25:61 | call to Replace | provenance | MaD:911 | +| StringBreakMismatched.go:25:29:25:47 | type conversion | StringBreakMismatched.go:25:13:25:61 | call to Replace | provenance | MaD:850 | nodes | StringBreak.go:10:2:10:40 | ... := ...[0] | semmle.label | ... := ...[0] | | StringBreak.go:14:47:14:57 | versionJSON | semmle.label | versionJSON | diff --git a/go/ql/test/query-tests/Security/CWE-338/InsecureRandomness/InsecureRandomness.expected b/go/ql/test/query-tests/Security/CWE-338/InsecureRandomness/InsecureRandomness.expected index 18e9ba4abd44..fa8f9a02fed1 100644 --- a/go/ql/test/query-tests/Security/CWE-338/InsecureRandomness/InsecureRandomness.expected +++ b/go/ql/test/query-tests/Security/CWE-338/InsecureRandomness/InsecureRandomness.expected 
@@ -9,7 +9,7 @@ edges | sample.go:33:2:33:6 | definition of nonce | sample.go:37:25:37:29 | nonce | provenance | | | sample.go:33:2:33:6 | definition of nonce | sample.go:37:32:37:36 | nonce | provenance | | | sample.go:34:12:34:40 | call to New | sample.go:35:14:35:19 | random | provenance | | -| sample.go:35:14:35:19 | random | sample.go:33:2:33:6 | definition of nonce | provenance | MaD:622 | +| sample.go:35:14:35:19 | random | sample.go:33:2:33:6 | definition of nonce | provenance | MaD:561 | | sample.go:55:17:55:42 | call to Intn | sample.go:56:29:56:38 | randNumber | provenance | | | sample.go:56:11:56:40 | type conversion | sample.go:58:32:58:43 | type conversion | provenance | | | sample.go:56:18:56:39 | index expression | sample.go:56:11:56:40 | type conversion | provenance | | diff --git a/go/ql/test/query-tests/Security/CWE-347/MissingJwtSignatureCheck.expected b/go/ql/test/query-tests/Security/CWE-347/MissingJwtSignatureCheck.expected index 57c2fac8135d..1a14ca5e9598 100644 --- a/go/ql/test/query-tests/Security/CWE-347/MissingJwtSignatureCheck.expected +++ b/go/ql/test/query-tests/Security/CWE-347/MissingJwtSignatureCheck.expected 
@@ -1,16 +1,16 @@ edges -| go-jose.v3.go:25:16:25:20 | selection of URL | go-jose.v3.go:25:16:25:28 | call to Query | provenance | MaD:808 | -| go-jose.v3.go:25:16:25:28 | call to Query | go-jose.v3.go:25:16:25:47 | call to Get | provenance | MaD:815 | +| go-jose.v3.go:25:16:25:20 | selection of URL | go-jose.v3.go:25:16:25:28 | call to Query | provenance | MaD:747 | +| go-jose.v3.go:25:16:25:28 | call to Query | go-jose.v3.go:25:16:25:47 | call to Get | provenance | MaD:754 | | go-jose.v3.go:25:16:25:47 | call to Get | go-jose.v3.go:26:15:26:25 | signedToken | provenance | | | go-jose.v3.go:26:15:26:25 | signedToken | go-jose.v3.go:29:19:29:29 | definition of signedToken | provenance | | | go-jose.v3.go:29:19:29:29 | definition of signedToken | go-jose.v3.go:31:37:31:47 | signedToken | provenance | | -| go-jose.v3.go:31:2:31:48 | ... := ...[0] | go-jose.v3.go:33:12:33:23 | DecodedToken | provenance | Sink:MaD:394 | -| go-jose.v3.go:31:37:31:47 | signedToken | go-jose.v3.go:31:2:31:48 | ... := ...[0] | provenance | MaD:396 | -| golang-jwt-v5.go:28:16:28:20 | selection of URL | golang-jwt-v5.go:28:16:28:28 | call to Query | provenance | MaD:808 | -| golang-jwt-v5.go:28:16:28:28 | call to Query | golang-jwt-v5.go:28:16:28:47 | call to Get | provenance | MaD:815 | +| go-jose.v3.go:31:2:31:48 | ... := ...[0] | go-jose.v3.go:33:12:33:23 | DecodedToken | provenance | Sink:MaD:333 | +| go-jose.v3.go:31:37:31:47 | signedToken | go-jose.v3.go:31:2:31:48 | ... 
:= ...[0] | provenance | MaD:335 | +| golang-jwt-v5.go:28:16:28:20 | selection of URL | golang-jwt-v5.go:28:16:28:28 | call to Query | provenance | MaD:747 | +| golang-jwt-v5.go:28:16:28:28 | call to Query | golang-jwt-v5.go:28:16:28:47 | call to Get | provenance | MaD:754 | | golang-jwt-v5.go:28:16:28:47 | call to Get | golang-jwt-v5.go:29:25:29:35 | signedToken | provenance | | | golang-jwt-v5.go:29:25:29:35 | signedToken | golang-jwt-v5.go:32:29:32:39 | definition of signedToken | provenance | | -| golang-jwt-v5.go:32:29:32:39 | definition of signedToken | golang-jwt-v5.go:34:58:34:68 | signedToken | provenance | Sink:MaD:408 | +| golang-jwt-v5.go:32:29:32:39 | definition of signedToken | golang-jwt-v5.go:34:58:34:68 | signedToken | provenance | Sink:MaD:347 | nodes | go-jose.v3.go:25:16:25:20 | selection of URL | semmle.label | selection of URL | | go-jose.v3.go:25:16:25:28 | call to Query | semmle.label | call to Query | diff --git a/go/ql/test/query-tests/Security/CWE-601/BadRedirectCheck/BadRedirectCheck.expected b/go/ql/test/query-tests/Security/CWE-601/BadRedirectCheck/BadRedirectCheck.expected index 86842f028d9c..117465d63153 100644 --- a/go/ql/test/query-tests/Security/CWE-601/BadRedirectCheck/BadRedirectCheck.expected +++ b/go/ql/test/query-tests/Security/CWE-601/BadRedirectCheck/BadRedirectCheck.expected 
@@ -12,8 +12,8 @@ edges | main.go:68:17:68:24 | argument corresponding to redirect | main.go:73:20:73:27 | redirect | provenance | | | main.go:68:17:68:24 | definition of redirect | main.go:73:20:73:27 | redirect | provenance | | | main.go:73:9:73:28 | call to Clean | main.go:77:25:77:39 | call to getTarget1 | provenance | | -| main.go:73:20:73:27 | redirect | main.go:73:9:73:28 | call to Clean | provenance | MaD:834 | -| main.go:73:20:73:27 | redirect | main.go:73:9:73:28 | call to Clean | provenance | MaD:834 | +| main.go:73:20:73:27 | redirect | main.go:73:9:73:28 | call to Clean | provenance | MaD:773 | +| main.go:73:20:73:27 | redirect | main.go:73:9:73:28 | call to Clean | provenance | MaD:773 | | main.go:76:19:76:21 | argument corresponding to url | main.go:77:36:77:38 | url | provenance | | | main.go:77:36:77:38 | url | main.go:68:17:68:24 | definition of redirect | provenance | | | main.go:77:36:77:38 | url | main.go:77:25:77:39 | call to getTarget1 | provenance | | diff --git a/go/ql/test/query-tests/Security/CWE-601/OpenUrlRedirect/OpenUrlRedirect.expected b/go/ql/test/query-tests/Security/CWE-601/OpenUrlRedirect/OpenUrlRedirect.expected index c24487ab4918..03a593151be5 100644 --- a/go/ql/test/query-tests/Security/CWE-601/OpenUrlRedirect/OpenUrlRedirect.expected +++ b/go/ql/test/query-tests/Security/CWE-601/OpenUrlRedirect/OpenUrlRedirect.expected 
@@ -43,11 +43,11 @@ edges | stdlib.go:162:24:162:26 | url | stdlib.go:162:24:162:35 | call to String | provenance | Config | | stdlib.go:173:35:173:39 | selection of URL | stdlib.go:173:35:173:52 | call to RequestURI | provenance | Config | | stdlib.go:173:35:173:52 | call to RequestURI | stdlib.go:173:24:173:52 | ...+... | provenance | Config | -| stdlib.go:182:13:182:33 | call to FormValue | stdlib.go:184:23:184:28 | target | provenance | Src:MaD:743 | +| stdlib.go:182:13:182:33 | call to FormValue | stdlib.go:184:23:184:28 | target | provenance | Src:MaD:682 | | stdlib.go:190:3:190:8 | definition of target | stdlib.go:192:23:192:28 | target | provenance | | | stdlib.go:190:3:190:8 | definition of target | stdlib.go:194:23:194:28 | target | provenance | | | stdlib.go:190:3:190:57 | ... := ...[0] | stdlib.go:190:3:190:8 | definition of target | provenance | | -| stdlib.go:190:36:190:56 | call to FormValue | stdlib.go:190:3:190:57 | ... := ...[0] | provenance | Src:MaD:743 Config | +| stdlib.go:190:36:190:56 | call to FormValue | stdlib.go:190:3:190:57 | ... := ...[0] | provenance | Src:MaD:682 Config | | stdlib.go:192:23:192:28 | implicit dereference | stdlib.go:190:3:190:8 | definition of target | provenance | Config | | stdlib.go:192:23:192:28 | implicit dereference | stdlib.go:192:23:192:33 | selection of Path | provenance | Config | | stdlib.go:192:23:192:28 | target | stdlib.go:192:23:192:28 | implicit dereference | provenance | Config | diff --git a/go/ql/test/query-tests/Security/CWE-640/EmailInjection.expected b/go/ql/test/query-tests/Security/CWE-640/EmailInjection.expected index a1f71c46e203..e0ed89e75a4d 100644 --- a/go/ql/test/query-tests/Security/CWE-640/EmailInjection.expected +++ b/go/ql/test/query-tests/Security/CWE-640/EmailInjection.expected 
@@ -1,23 +1,23 @@ edges -| EmailBad.go:9:10:9:17 | selection of Header | EmailBad.go:9:10:9:29 | call to Get | provenance | MaD:728 | +| EmailBad.go:9:10:9:17 | selection of Header | EmailBad.go:9:10:9:29 | call to Get | provenance | MaD:667 | | EmailBad.go:9:10:9:29 | call to Get | EmailBad.go:12:56:12:67 | type conversion | provenance | | -| main.go:29:21:29:31 | call to Referer | main.go:31:57:31:78 | type conversion | provenance | Src:MaD:746 | -| main.go:37:21:37:31 | call to Referer | main.go:41:25:41:38 | untrustedInput | provenance | Src:MaD:746 | -| main.go:41:25:41:38 | untrustedInput | main.go:40:3:40:7 | definition of write | provenance | MaD:625 | -| main.go:46:21:46:31 | call to Referer | main.go:52:46:52:59 | untrustedInput | provenance | Src:MaD:746 | -| main.go:46:21:46:31 | call to Referer | main.go:53:52:53:65 | untrustedInput | provenance | Src:MaD:746 | -| main.go:58:21:58:31 | call to Referer | main.go:60:47:60:60 | untrustedInput | provenance | Src:MaD:746 | +| main.go:29:21:29:31 | call to Referer | main.go:31:57:31:78 | type conversion | provenance | Src:MaD:685 | +| main.go:37:21:37:31 | call to Referer | main.go:41:25:41:38 | untrustedInput | provenance | Src:MaD:685 | +| main.go:41:25:41:38 | untrustedInput | main.go:40:3:40:7 | definition of write | provenance | MaD:564 | +| main.go:46:21:46:31 | call to Referer | main.go:52:46:52:59 | untrustedInput | provenance | Src:MaD:685 | +| main.go:46:21:46:31 | call to Referer | main.go:53:52:53:65 | untrustedInput | provenance | Src:MaD:685 | +| main.go:58:21:58:31 | call to Referer | main.go:60:47:60:60 | untrustedInput | provenance | Src:MaD:685 | | main.go:60:14:60:61 | call to NewContent | main.go:63:16:63:22 | content | provenance | | -| main.go:60:47:60:60 | untrustedInput | main.go:60:14:60:61 | call to NewContent | provenance | MaD:457 | -| main.go:68:21:68:31 | call to Referer | main.go:74:47:74:60 | untrustedInput | provenance | Src:MaD:746 | +| main.go:60:47:60:60 | untrustedInput | 
main.go:60:14:60:61 | call to NewContent | provenance | MaD:396 | +| main.go:68:21:68:31 | call to Referer | main.go:74:47:74:60 | untrustedInput | provenance | Src:MaD:685 | | main.go:74:14:74:61 | call to NewContent | main.go:76:50:76:56 | content | provenance | | | main.go:74:14:74:61 | call to NewContent | main.go:76:59:76:65 | content | provenance | | | main.go:74:14:74:61 | call to NewContent | main.go:77:16:77:22 | content | provenance | | -| main.go:74:47:74:60 | untrustedInput | main.go:74:14:74:61 | call to NewContent | provenance | MaD:457 | -| main.go:82:21:82:31 | call to Referer | main.go:89:37:89:50 | untrustedInput | provenance | Src:MaD:746 | -| main.go:82:21:82:31 | call to Referer | main.go:91:48:91:61 | untrustedInput | provenance | Src:MaD:746 | +| main.go:74:47:74:60 | untrustedInput | main.go:74:14:74:61 | call to NewContent | provenance | MaD:396 | +| main.go:82:21:82:31 | call to Referer | main.go:89:37:89:50 | untrustedInput | provenance | Src:MaD:685 | +| main.go:82:21:82:31 | call to Referer | main.go:91:48:91:61 | untrustedInput | provenance | Src:MaD:685 | | main.go:91:15:91:62 | call to NewContent | main.go:93:16:93:23 | content2 | provenance | | -| main.go:91:48:91:61 | untrustedInput | main.go:91:15:91:62 | call to NewContent | provenance | MaD:457 | +| main.go:91:48:91:61 | untrustedInput | main.go:91:15:91:62 | call to NewContent | provenance | MaD:396 | nodes | EmailBad.go:9:10:9:17 | selection of Header | semmle.label | selection of Header | | EmailBad.go:9:10:9:29 | call to Get | semmle.label | call to Get | diff --git a/go/ql/test/query-tests/Security/CWE-643/XPathInjection.expected b/go/ql/test/query-tests/Security/CWE-643/XPathInjection.expected index 2aaa4d2dae4d..e7fd21bfc039 100644 --- a/go/ql/test/query-tests/Security/CWE-643/XPathInjection.expected +++ b/go/ql/test/query-tests/Security/CWE-643/XPathInjection.expected 
@@ -1,16 +1,16 @@ edges -| XPathInjection.go:13:14:13:19 | selection of Form | XPathInjection.go:13:14:13:35 | call to Get | provenance | MaD:815 | +| XPathInjection.go:13:14:13:19 | selection of Form | XPathInjection.go:13:14:13:35 | call to Get | provenance | MaD:754 | | XPathInjection.go:13:14:13:35 | call to Get | XPathInjection.go:16:29:16:91 | ...+... | provenance | | -| tst.go:34:14:34:19 | selection of Form | tst.go:34:14:34:35 | call to Get | provenance | MaD:815 | +| tst.go:34:14:34:19 | selection of Form | tst.go:34:14:34:35 | call to Get | provenance | MaD:754 | | tst.go:34:14:34:35 | call to Get | tst.go:37:23:37:85 | ...+... | provenance | | | tst.go:34:14:34:35 | call to Get | tst.go:40:24:40:86 | ...+... | provenance | | | tst.go:34:14:34:35 | call to Get | tst.go:43:24:43:82 | ...+... | provenance | | -| tst.go:48:14:48:19 | selection of Form | tst.go:48:14:48:35 | call to Get | provenance | MaD:815 | +| tst.go:48:14:48:19 | selection of Form | tst.go:48:14:48:35 | call to Get | provenance | MaD:754 | | tst.go:48:14:48:35 | call to Get | tst.go:51:26:51:84 | ...+... | provenance | | | tst.go:48:14:48:35 | call to Get | tst.go:54:29:54:87 | ...+... | provenance | | | tst.go:48:14:48:35 | call to Get | tst.go:57:33:57:91 | ...+... | provenance | | | tst.go:48:14:48:35 | call to Get | tst.go:60:30:60:88 | ...+... | provenance | | -| tst.go:65:14:65:19 | selection of Form | tst.go:65:14:65:35 | call to Get | provenance | MaD:815 | +| tst.go:65:14:65:19 | selection of Form | tst.go:65:14:65:35 | call to Get | provenance | MaD:754 | | tst.go:65:14:65:35 | call to Get | tst.go:68:25:68:83 | ...+... | provenance | | | tst.go:65:14:65:35 | call to Get | tst.go:71:28:71:86 | ...+... | provenance | | | tst.go:65:14:65:35 | call to Get | tst.go:74:25:74:83 | ...+... | provenance | | 
@@ -19,38 +19,38 @@ edges | tst.go:65:14:65:35 | call to Get | tst.go:83:29:83:87 | ...+... | provenance | | | tst.go:65:14:65:35 | call to Get | tst.go:86:23:86:85 | ...+... | provenance | | | tst.go:65:14:65:35 | call to Get | tst.go:89:22:89:84 | ...+... | provenance | | -| tst.go:94:14:94:19 | selection of Form | tst.go:94:14:94:35 | call to Get | provenance | MaD:815 | +| tst.go:94:14:94:19 | selection of Form | tst.go:94:14:94:35 | call to Get | provenance | MaD:754 | | tst.go:94:14:94:35 | call to Get | tst.go:97:26:97:84 | ...+... | provenance | | | tst.go:94:14:94:35 | call to Get | tst.go:100:29:100:87 | ...+... | provenance | | | tst.go:94:14:94:35 | call to Get | tst.go:103:33:103:91 | ...+... | provenance | | | tst.go:94:14:94:35 | call to Get | tst.go:106:30:106:88 | ...+... | provenance | | -| tst.go:111:14:111:19 | selection of Form | tst.go:111:14:111:35 | call to Get | provenance | MaD:815 | +| tst.go:111:14:111:19 | selection of Form | tst.go:111:14:111:35 | call to Get | provenance | MaD:754 | | tst.go:111:14:111:35 | call to Get | tst.go:114:25:114:87 | ...+... | provenance | | | tst.go:111:14:111:35 | call to Get | tst.go:117:26:117:88 | ...+... | provenance | | -| tst.go:122:14:122:19 | selection of Form | tst.go:122:14:122:35 | call to Get | provenance | MaD:815 | +| tst.go:122:14:122:19 | selection of Form | tst.go:122:14:122:35 | call to Get | provenance | MaD:754 | | tst.go:122:14:122:35 | call to Get | tst.go:126:23:126:126 | ...+... | provenance | | | tst.go:122:14:122:35 | call to Get | tst.go:129:24:129:127 | ...+... | provenance | | | tst.go:122:14:122:35 | call to Get | tst.go:132:27:132:122 | ...+... | provenance | | -| tst.go:123:14:123:19 | selection of Form | tst.go:123:14:123:35 | call to Get | provenance | MaD:815 | +| tst.go:123:14:123:19 | selection of Form | tst.go:123:14:123:35 | call to Get | provenance | MaD:754 | | tst.go:123:14:123:35 | call to Get | tst.go:126:23:126:126 | ...+... 
| provenance | | | tst.go:123:14:123:35 | call to Get | tst.go:129:24:129:127 | ...+... | provenance | | | tst.go:123:14:123:35 | call to Get | tst.go:132:27:132:122 | ...+... | provenance | | -| tst.go:140:14:140:19 | selection of Form | tst.go:140:14:140:35 | call to Get | provenance | MaD:815 | +| tst.go:140:14:140:19 | selection of Form | tst.go:140:14:140:35 | call to Get | provenance | MaD:754 | | tst.go:140:14:140:35 | call to Get | tst.go:143:27:143:89 | ...+... | provenance | | | tst.go:140:14:140:35 | call to Get | tst.go:146:28:146:90 | ...+... | provenance | | -| tst.go:151:14:151:19 | selection of Form | tst.go:151:14:151:35 | call to Get | provenance | MaD:815 | +| tst.go:151:14:151:19 | selection of Form | tst.go:151:14:151:35 | call to Get | provenance | MaD:754 | | tst.go:151:14:151:35 | call to Get | tst.go:155:33:155:136 | ...+... | provenance | | | tst.go:151:14:151:35 | call to Get | tst.go:158:18:158:121 | ...+... | provenance | | | tst.go:151:14:151:35 | call to Get | tst.go:164:31:164:126 | ...+... | provenance | | | tst.go:151:14:151:35 | call to Get | tst.go:173:21:173:116 | ...+... | provenance | | | tst.go:151:14:151:35 | call to Get | tst.go:182:27:182:122 | ...+... | provenance | | -| tst.go:152:14:152:19 | selection of Form | tst.go:152:14:152:35 | call to Get | provenance | MaD:815 | +| tst.go:152:14:152:19 | selection of Form | tst.go:152:14:152:35 | call to Get | provenance | MaD:754 | | tst.go:152:14:152:35 | call to Get | tst.go:155:33:155:136 | ...+... | provenance | | | tst.go:152:14:152:35 | call to Get | tst.go:158:18:158:121 | ...+... | provenance | | | tst.go:152:14:152:35 | call to Get | tst.go:164:31:164:126 | ...+... | provenance | | | tst.go:152:14:152:35 | call to Get | tst.go:173:21:173:116 | ...+... | provenance | | | tst.go:152:14:152:35 | call to Get | tst.go:182:27:182:122 | ...+... 
| provenance | | -| tst.go:193:14:193:19 | selection of Form | tst.go:193:14:193:35 | call to Get | provenance | MaD:815 | +| tst.go:193:14:193:19 | selection of Form | tst.go:193:14:193:35 | call to Get | provenance | MaD:754 | | tst.go:193:14:193:35 | call to Get | tst.go:198:23:198:85 | ...+... | provenance | | nodes | XPathInjection.go:13:14:13:19 | selection of Form | semmle.label | selection of Form | diff --git a/go/ql/test/query-tests/Security/CWE-918/RequestForgery.expected b/go/ql/test/query-tests/Security/CWE-918/RequestForgery.expected index dfe10af24ef4..f865e773b5c3 100644 --- a/go/ql/test/query-tests/Security/CWE-918/RequestForgery.expected +++ b/go/ql/test/query-tests/Security/CWE-918/RequestForgery.expected 
@@ -1,12 +1,12 @@ edges -| RequestForgery.go:8:12:8:34 | call to FormValue | RequestForgery.go:11:24:11:65 | ...+... | provenance | Src:MaD:743 | -| tst.go:10:13:10:35 | call to FormValue | tst.go:14:11:14:17 | tainted | provenance | Src:MaD:743 | -| tst.go:10:13:10:35 | call to FormValue | tst.go:18:12:18:18 | tainted | provenance | Src:MaD:743 | -| tst.go:10:13:10:35 | call to FormValue | tst.go:21:34:21:40 | tainted | provenance | Src:MaD:743 | -| tst.go:10:13:10:35 | call to FormValue | tst.go:24:66:24:72 | tainted | provenance | Src:MaD:743 | -| tst.go:10:13:10:35 | call to FormValue | tst.go:27:11:27:29 | ...+... | provenance | Src:MaD:743 | -| tst.go:10:13:10:35 | call to FormValue | tst.go:29:11:29:40 | ...+... | provenance | Src:MaD:743 | -| tst.go:10:13:10:35 | call to FormValue | tst.go:36:11:36:17 | tainted | provenance | Src:MaD:743 | +| RequestForgery.go:8:12:8:34 | call to FormValue | RequestForgery.go:11:24:11:65 | ...+... | provenance | Src:MaD:682 | +| tst.go:10:13:10:35 | call to FormValue | tst.go:14:11:14:17 | tainted | provenance | Src:MaD:682 | +| tst.go:10:13:10:35 | call to FormValue | tst.go:18:12:18:18 | tainted | provenance | Src:MaD:682 | +| tst.go:10:13:10:35 | call to FormValue | tst.go:21:34:21:40 | tainted | provenance | Src:MaD:682 | +| tst.go:10:13:10:35 | call to FormValue | tst.go:24:66:24:72 | tainted | provenance | Src:MaD:682 | +| tst.go:10:13:10:35 | call to FormValue | tst.go:27:11:27:29 | ...+... | provenance | Src:MaD:682 | +| tst.go:10:13:10:35 | call to FormValue | tst.go:29:11:29:40 | ...+... | provenance | Src:MaD:682 | +| tst.go:10:13:10:35 | call to FormValue | tst.go:36:11:36:17 | tainted | provenance | Src:MaD:682 | | tst.go:35:2:35:2 | definition of u [pointer] | tst.go:36:2:36:2 | u [pointer] | provenance | | | tst.go:36:2:36:2 | implicit dereference | tst.go:35:2:35:2 | definition of u [pointer] | provenance | | | tst.go:36:2:36:2 | implicit dereference | tst.go:36:2:36:2 | u | provenance | | 
@@ -18,15 +18,15 @@ edges | tst.go:36:11:36:17 | tainted | tst.go:36:2:36:2 | u | provenance | Config | | tst.go:36:11:36:17 | tainted | tst.go:37:11:37:11 | u | provenance | Config | | tst.go:37:11:37:11 | u | tst.go:37:11:37:20 | call to String | provenance | MaD:238 | -| websocket.go:60:21:60:31 | call to Referer | websocket.go:65:27:65:40 | untrustedInput | provenance | Src:MaD:746 | -| websocket.go:74:21:74:31 | call to Referer | websocket.go:78:36:78:49 | untrustedInput | provenance | Src:MaD:746 | -| websocket.go:88:21:88:31 | call to Referer | websocket.go:91:31:91:44 | untrustedInput | provenance | Src:MaD:746 | -| websocket.go:107:21:107:31 | call to Referer | websocket.go:110:15:110:28 | untrustedInput | provenance | Src:MaD:746 | -| websocket.go:126:21:126:31 | call to Referer | websocket.go:129:38:129:51 | untrustedInput | provenance | Src:MaD:746 | -| websocket.go:154:21:154:31 | call to Referer | websocket.go:155:31:155:44 | untrustedInput | provenance | Src:MaD:746 | -| websocket.go:160:21:160:31 | call to Referer | websocket.go:162:31:162:44 | untrustedInput | provenance | Src:MaD:746 | -| websocket.go:195:21:195:31 | call to Referer | websocket.go:197:18:197:31 | untrustedInput | provenance | Src:MaD:746 | -| websocket.go:202:21:202:31 | call to Referer | websocket.go:204:11:204:24 | untrustedInput | provenance | Src:MaD:746 | +| websocket.go:60:21:60:31 | call to Referer | websocket.go:65:27:65:40 | untrustedInput | provenance | Src:MaD:685 | +| websocket.go:74:21:74:31 | call to Referer | websocket.go:78:36:78:49 | untrustedInput | provenance | Src:MaD:685 | +| websocket.go:88:21:88:31 | call to Referer | websocket.go:91:31:91:44 | untrustedInput | provenance | Src:MaD:685 | +| websocket.go:107:21:107:31 | call to Referer | websocket.go:110:15:110:28 | untrustedInput | provenance | Src:MaD:685 | +| websocket.go:126:21:126:31 | call to Referer | websocket.go:129:38:129:51 | untrustedInput | provenance | Src:MaD:685 | +| websocket.go:154:21:154:31 
| call to Referer | websocket.go:155:31:155:44 | untrustedInput | provenance | Src:MaD:685 | +| websocket.go:160:21:160:31 | call to Referer | websocket.go:162:31:162:44 | untrustedInput | provenance | Src:MaD:685 | +| websocket.go:195:21:195:31 | call to Referer | websocket.go:197:18:197:31 | untrustedInput | provenance | Src:MaD:685 | +| websocket.go:202:21:202:31 | call to Referer | websocket.go:204:11:204:24 | untrustedInput | provenance | Src:MaD:685 | nodes | RequestForgery.go:8:12:8:34 | call to FormValue | semmle.label | call to FormValue | | RequestForgery.go:11:24:11:65 | ...+... | semmle.label | ...+... |