
Commit 86e2b84

committed
Add tests for copy (taint passes, value fails)
1 parent eab1569 commit 86e2b84


6 files changed

+56
-42
lines changed


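--- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/sinks.expected
+++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/sinks.expected
@@ -21,15 +21,16 @@ invalidModelRow
 | test.go:113:10:113:20 | index expression | qltest |
 | test.go:117:10:117:16 | taint15 | qltest |
 | test.go:121:10:121:17 | index expression | qltest |
-| test.go:126:10:126:16 | taint16 | qltest |
-| test.go:130:10:130:13 | selection of F | qltest |
-| test.go:133:10:133:17 | call to Get | qltest |
-| test.go:137:10:137:17 | call to Get | qltest |
-| test.go:142:10:142:17 | call to Get | qltest |
-| test.go:146:10:146:14 | selection of F | qltest |
-| test.go:149:10:149:32 | call to GetThroughPointer | qltest |
-| test.go:153:10:153:32 | call to GetThroughPointer | qltest |
-| test.go:158:10:158:32 | call to GetThroughPointer | qltest |
-| test.go:164:17:164:20 | arg1 | qltest |
-| test.go:164:23:164:26 | arg2 | qltest |
-| test.go:164:29:164:32 | arg3 | qltest |
+| test.go:127:10:127:18 | index expression | qltest |
+| test.go:132:10:132:16 | taint16 | qltest |
+| test.go:136:10:136:13 | selection of F | qltest |
+| test.go:139:10:139:17 | call to Get | qltest |
+| test.go:143:10:143:17 | call to Get | qltest |
+| test.go:148:10:148:17 | call to Get | qltest |
+| test.go:152:10:152:14 | selection of F | qltest |
+| test.go:155:10:155:32 | call to GetThroughPointer | qltest |
+| test.go:159:10:159:32 | call to GetThroughPointer | qltest |
+| test.go:164:10:164:32 | call to GetThroughPointer | qltest |
+| test.go:170:17:170:20 | arg1 | qltest |
+| test.go:170:23:170:26 | arg2 | qltest |
+| test.go:170:29:170:32 | arg3 | qltest |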

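--- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/srcs.expected
+++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/srcs.expected
@@ -12,12 +12,12 @@ invalidModelRow
 | test.go:91:46:91:53 | call to Src1 | qltest |
 | test.go:95:35:95:42 | call to Src1 | qltest |
 | test.go:99:42:99:49 | call to Src1 | qltest |
-| test.go:124:8:124:15 | call to Src1 | qltest |
-| test.go:129:9:129:16 | call to Src1 | qltest |
-| test.go:132:15:132:22 | call to Src1 | qltest |
-| test.go:136:9:136:16 | call to Src1 | qltest |
-| test.go:140:9:140:16 | call to Src1 | qltest |
-| test.go:145:24:145:31 | call to Src1 | qltest |
-| test.go:148:17:148:24 | call to Src1 | qltest |
-| test.go:152:24:152:31 | call to Src1 | qltest |
-| test.go:156:24:156:31 | call to Src1 | qltest |
+| test.go:130:8:130:15 | call to Src1 | qltest |
+| test.go:135:9:135:16 | call to Src1 | qltest |
+| test.go:138:15:138:22 | call to Src1 | qltest |
+| test.go:142:9:142:16 | call to Src1 | qltest |
+| test.go:146:9:146:16 | call to Src1 | qltest |
+| test.go:151:24:151:31 | call to Src1 | qltest |
+| test.go:154:17:154:24 | call to Src1 | qltest |
+| test.go:158:24:158:31 | call to Src1 | qltest |
+| test.go:162:24:162:31 | call to Src1 | qltest |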

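--- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/test.go
+++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/test.go
@@ -120,6 +120,12 @@ func simpleflow() {
 slice = append(slice, src)
 b.Sink1(slice[0]) // $ hasTaintFlow="index expression"
 
+slice1 := make([]string, 2)
+slice1[0] = src.(string)
+slice2 := make([]string, 2)
+copy(slice2, slice1)
+b.Sink1(slice2[0]) // $ hasTaintFlow="index expression"
+
 ch := make(chan string)
 ch <- a.Src1().(string)
 taint16 := test.StepArgCollectionContentRes(ch)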
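Review bot: The added `copy` case (new lines 123-127) carries no comment saying what it isolates, so a reader of this file alone cannot tell that it exercises the builtin `copy` rather than another slice write/read pair like the `append` case just above it. A one-line comment above `slice1 := make([]string, 2)`, for example `// builtin copy: taint written to slice1[0] must be reported at a read of slice2[0]`, would state the intent. The passing `hasTaintFlow` here does not by itself show that element content is carried across `copy`; it may come from a coarser taint step, which is worth saying in the comment if that is the case. `simpleflow` starts and ends outside this hunk, so the declaration of `src` is not visible here.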

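--- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/sinks.expected
+++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/sinks.expected
@@ -21,15 +21,16 @@ invalidModelRow
 | test.go:113:10:113:20 | index expression | qltest |
 | test.go:117:10:117:16 | taint15 | qltest |
 | test.go:121:10:121:17 | index expression | qltest |
-| test.go:126:10:126:16 | taint16 | qltest |
-| test.go:130:10:130:13 | selection of F | qltest |
-| test.go:133:10:133:17 | call to Get | qltest |
-| test.go:137:10:137:17 | call to Get | qltest |
-| test.go:142:10:142:17 | call to Get | qltest |
-| test.go:146:10:146:14 | selection of F | qltest |
-| test.go:149:10:149:32 | call to GetThroughPointer | qltest |
-| test.go:153:10:153:32 | call to GetThroughPointer | qltest |
-| test.go:158:10:158:32 | call to GetThroughPointer | qltest |
-| test.go:164:17:164:20 | arg1 | qltest |
-| test.go:164:23:164:26 | arg2 | qltest |
-| test.go:164:29:164:32 | arg3 | qltest |
+| test.go:127:10:127:18 | index expression | qltest |
+| test.go:132:10:132:16 | taint16 | qltest |
+| test.go:136:10:136:13 | selection of F | qltest |
+| test.go:139:10:139:17 | call to Get | qltest |
+| test.go:143:10:143:17 | call to Get | qltest |
+| test.go:148:10:148:17 | call to Get | qltest |
+| test.go:152:10:152:14 | selection of F | qltest |
+| test.go:155:10:155:32 | call to GetThroughPointer | qltest |
+| test.go:159:10:159:32 | call to GetThroughPointer | qltest |
+| test.go:164:10:164:32 | call to GetThroughPointer | qltest |
+| test.go:170:17:170:20 | arg1 | qltest |
+| test.go:170:23:170:26 | arg2 | qltest |
+| test.go:170:29:170:32 | arg3 | qltest |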

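--- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/srcs.expected
+++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/srcs.expected
@@ -12,12 +12,12 @@ invalidModelRow
 | test.go:91:46:91:53 | call to Src1 | qltest |
 | test.go:95:35:95:42 | call to Src1 | qltest |
 | test.go:99:42:99:49 | call to Src1 | qltest |
-| test.go:124:8:124:15 | call to Src1 | qltest |
-| test.go:129:9:129:16 | call to Src1 | qltest |
-| test.go:132:15:132:22 | call to Src1 | qltest |
-| test.go:136:9:136:16 | call to Src1 | qltest |
-| test.go:140:9:140:16 | call to Src1 | qltest |
-| test.go:145:24:145:31 | call to Src1 | qltest |
-| test.go:148:17:148:24 | call to Src1 | qltest |
-| test.go:152:24:152:31 | call to Src1 | qltest |
-| test.go:156:24:156:31 | call to Src1 | qltest |
+| test.go:130:8:130:15 | call to Src1 | qltest |
+| test.go:135:9:135:16 | call to Src1 | qltest |
+| test.go:138:15:138:22 | call to Src1 | qltest |
+| test.go:142:9:142:16 | call to Src1 | qltest |
+| test.go:146:9:146:16 | call to Src1 | qltest |
+| test.go:151:24:151:31 | call to Src1 | qltest |
+| test.go:154:17:154:24 | call to Src1 | qltest |
+| test.go:158:24:158:31 | call to Src1 | qltest |
+| test.go:162:24:162:31 | call to Src1 | qltest |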

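--- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/test.go
+++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/test.go
@@ -120,6 +120,12 @@ func simpleflow() {
 slice = append(slice, src)
 b.Sink1(slice[0]) // $ hasValueFlow="index expression"
 
+slice1 := make([]string, 2)
+slice1[0] = src.(string)
+slice2 := make([]string, 2)
+copy(slice2, slice1)
+b.Sink1(slice2[0]) // $ MISSING: hasValueFlow="index expression" // this is a bug, but it is normally covered because it works with taint tracking
+
 ch := make(chan string)
 ch <- a.Src1().(string)
 taint16 := test.StepArgCollectionContentRes(ch)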
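Review bot: The `MISSING: hasValueFlow` expectation on the `b.Sink1(slice2[0])` line records a known false negative, but the trailing comment says only "this is a bug" without naming the missing step or pointing at a tracking item. As written, the test pins the gap in place: value flow from `slice1[0]` through `copy(slice2, slice1)` to the read of `slice2[0]` is not reported. Any analysis that relies on value flow rather than taint tracking would therefore presumably not see data moved by `copy`. I would reword the comment to name the step and reference where it is tracked, e.g. `// $ MISSING: hasValueFlow="index expression" // value flow through builtin copy is not reported; taint tracking does report it (tracked in <ISSUE-ID>)`. `simpleflow` begins and ends outside this hunk.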
