Skip to content
This repository was archived by the owner on Jan 5, 2023. It is now read-only.

Commit 0baca5f

Browse files
gagliardettogagliardetto
committed
Remove encoder taint-tracking for encoding/base32 
1 parent 828d386 commit 0baca5f

File tree

2 files changed

+9
-59
lines changed

2 files changed

+9
-59
lines changed

ql/src/semmle/go/frameworks/stdlib/EncodingBase32.qll

Lines changed: 0 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -14,10 +14,6 @@ module EncodingBase32 {
1414
// signature: func NewDecoder(enc *Encoding, r io.Reader) io.Reader
1515
hasQualifiedName("encoding/base32", "NewDecoder") and
1616
(inp.isParameter(1) and outp.isResult())
17-
or
18-
// signature: func NewEncoder(enc *Encoding, w io.Writer) io.WriteCloser
19-
hasQualifiedName("encoding/base32", "NewEncoder") and
20-
(inp.isResult() and outp.isParameter(1))
2117
}
2218

2319
override predicate hasTaintFlow(FunctionInput input, FunctionOutput output) {
@@ -37,14 +33,6 @@ module EncodingBase32 {
3733
// signature: func (*Encoding).DecodeString(s string) ([]byte, error)
3834
this.hasQualifiedName("encoding/base32", "Encoding", "DecodeString") and
3935
(inp.isParameter(0) and outp.isResult(0))
40-
or
41-
// signature: func (*Encoding).Encode(dst []byte, src []byte)
42-
this.hasQualifiedName("encoding/base32", "Encoding", "Encode") and
43-
(inp.isParameter(1) and outp.isParameter(0))
44-
or
45-
// signature: func (*Encoding).EncodeToString(src []byte) string
46-
this.hasQualifiedName("encoding/base32", "Encoding", "EncodeToString") and
47-
(inp.isParameter(0) and outp.isResult())
4836
}
4937

5038
override predicate hasTaintFlow(FunctionInput input, FunctionOutput output) {

ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/EncodingBase32.go

Lines changed: 9 additions & 47 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)