Skip to content
This repository was archived by the owner on Jan 5, 2023. It is now read-only.

Commit 1591ed3

Browse files
gagliardettogagliardetto
committed
Implement code review feedback
1 parent 5b63228 commit 1591ed3

File tree

8 files changed

+396
-661
lines changed

8 files changed

+396
-661
lines changed

ql/src/semmle/go/frameworks/Stdlib.qll

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,8 @@
33
*/
44

55
import go
6-
import semmle.go.frameworks.stdlib.ImportAll
6+
import semmle.go.frameworks.stdlib.ArchiveTar
7+
import semmle.go.frameworks.stdlib.ArchiveZip
78

89
/** A `String()` method. */
910
class StringMethod extends TaintTracking::FunctionModel, Method {

ql/src/semmle/go/frameworks/stdlib/ArchiveTarTaintTracking.qll renamed to ql/src/semmle/go/frameworks/stdlib/ArchiveTar.qll

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,16 +1,16 @@
11
/**
2-
* Provides classes modeling security-relevant aspects of the standard libraries.
2+
* Provides classes modeling security-relevant aspects of the `archive/tar` package.
33
*/
44

55
import go
66

77
/** Provides models of commonly used functions in the `archive/tar` package. */
8-
module ArchiveTarTaintTracking {
9-
private class FunctionTaintTracking extends TaintTracking::FunctionModel {
8+
module ArchiveTar {
9+
private class FunctionModels extends TaintTracking::FunctionModel {
1010
FunctionInput inp;
1111
FunctionOutput outp;
1212

13-
FunctionTaintTracking() {
13+
FunctionModels() {
1414
// signature: func FileInfoHeader(fi os.FileInfo, link string) (*Header, error)
1515
hasQualifiedName("archive/tar", "FileInfoHeader") and
1616
(inp.isParameter(0) and outp.isResult(0))
@@ -29,11 +29,11 @@ module ArchiveTarTaintTracking {
2929
}
3030
}
3131

32-
private class MethodAndInterfaceTaintTracking extends TaintTracking::FunctionModel, Method {
32+
private class MethodModels extends TaintTracking::FunctionModel, Method {
3333
FunctionInput inp;
3434
FunctionOutput outp;
3535

36-
MethodAndInterfaceTaintTracking() {
36+
MethodModels() {
3737
// Methods:
3838
// signature: func (*Header).FileInfo() os.FileInfo
3939
this.(Method).hasQualifiedName("archive/tar", "Header", "FileInfo") and

ql/src/semmle/go/frameworks/stdlib/ArchiveZipTaintTracking.qll renamed to ql/src/semmle/go/frameworks/stdlib/ArchiveZip.qll

Lines changed: 7 additions & 34 deletions
Original file line numberDiff line numberDiff line change
@@ -1,16 +1,16 @@
11
/**
2-
* Provides classes modeling security-relevant aspects of the standard libraries.
2+
* Provides classes modeling security-relevant aspects of the `archive/zip` package.
33
*/
44

55
import go
66

77
/** Provides models of commonly used functions in the `archive/zip` package. */
8-
module ArchiveZipTaintTracking {
9-
private class FunctionTaintTracking extends TaintTracking::FunctionModel {
8+
module ArchiveZip {
9+
private class FunctionModels extends TaintTracking::FunctionModel {
1010
FunctionInput inp;
1111
FunctionOutput outp;
1212

13-
FunctionTaintTracking() {
13+
FunctionModels() {
1414
// signature: func FileInfoHeader(fi os.FileInfo) (*FileHeader, error)
1515
hasQualifiedName("archive/zip", "FileInfoHeader") and
1616
(inp.isParameter(0) and outp.isResult(0))
@@ -33,50 +33,23 @@ module ArchiveZipTaintTracking {
3333
}
3434
}
3535

36-
private class MethodAndInterfaceTaintTracking extends TaintTracking::FunctionModel, Method {
36+
private class MethodModels extends TaintTracking::FunctionModel, Method {
3737
FunctionInput inp;
3838
FunctionOutput outp;
3939

40-
MethodAndInterfaceTaintTracking() {
40+
MethodModels() {
4141
// Methods:
4242
// signature: func (*File).Open() (io.ReadCloser, error)
4343
this.(Method).hasQualifiedName("archive/zip", "File", "Open") and
4444
(inp.isReceiver() and outp.isResult(0))
4545
or
46-
// signature: func (*FileHeader).FileInfo() os.FileInfo
47-
this.(Method).hasQualifiedName("archive/zip", "FileHeader", "FileInfo") and
48-
(inp.isReceiver() and outp.isResult())
49-
or
50-
// signature: func (*FileHeader).Mode() (mode os.FileMode)
51-
this.(Method).hasQualifiedName("archive/zip", "FileHeader", "Mode") and
52-
(inp.isReceiver() and outp.isResult())
53-
or
54-
// signature: func (*FileHeader).SetMode(mode os.FileMode)
55-
this.(Method).hasQualifiedName("archive/zip", "FileHeader", "SetMode") and
56-
(inp.isParameter(0) and outp.isReceiver())
57-
or
58-
// signature: func (*Reader).RegisterDecompressor(method uint16, dcomp Decompressor)
59-
this.(Method).hasQualifiedName("archive/zip", "Reader", "RegisterDecompressor") and
60-
(inp.isParameter(1) and outp.isReceiver())
61-
or
6246
// signature: func (*Writer).Create(name string) (io.Writer, error)
6347
this.(Method).hasQualifiedName("archive/zip", "Writer", "Create") and
6448
(inp.isResult(0) and outp.isReceiver())
6549
or
6650
// signature: func (*Writer).CreateHeader(fh *FileHeader) (io.Writer, error)
6751
this.(Method).hasQualifiedName("archive/zip", "Writer", "CreateHeader") and
68-
(
69-
(inp.isParameter(0) or inp.isResult(0)) and
70-
outp.isReceiver()
71-
)
72-
or
73-
// signature: func (*Writer).RegisterCompressor(method uint16, comp Compressor)
74-
this.(Method).hasQualifiedName("archive/zip", "Writer", "RegisterCompressor") and
75-
(inp.isParameter(1) and outp.isReceiver())
76-
or
77-
// signature: func (*Writer).SetComment(comment string) error
78-
this.(Method).hasQualifiedName("archive/zip", "Writer", "SetComment") and
79-
(inp.isParameter(0) and outp.isReceiver())
52+
(inp.isResult(0) and outp.isReceiver())
8053
}
8154

8255
override predicate hasTaintFlow(FunctionInput input, FunctionOutput output) {

ql/src/semmle/go/frameworks/stdlib/ImportAll.qll

Lines changed: 0 additions & 7 deletions
This file was deleted.

ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/ArchiveTarTaintTracking.go renamed to ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/ArchiveTar.go

Lines changed: 73 additions & 73 deletions
Original file line numberDiff line numberDiff line change
@@ -9,137 +9,137 @@ import (
99
)
1010

1111
func TaintStepTest_ArchiveTarFileInfoHeader_B0I0O0(sourceCQL interface{}) interface{} {
12-
// The flow is from `fromFileInfo656` into `intoHeader414`.
12+
// The flow is from `fromFileInfo291` into `intoHeader926`.
1313

14-
// Assume that `sourceCQL` has the underlying type of `fromFileInfo656`:
15-
fromFileInfo656 := sourceCQL.(os.FileInfo)
14+
// Assume that `sourceCQL` has the underlying type of `fromFileInfo291`:
15+
fromFileInfo291 := sourceCQL.(os.FileInfo)
1616

1717
// Call the function that transfers the taint
18-
// from the parameter `fromFileInfo656` to result `intoHeader414`
19-
// (`intoHeader414` is now tainted).
20-
intoHeader414, _ := tar.FileInfoHeader(fromFileInfo656, "")
18+
// from the parameter `fromFileInfo291` to result `intoHeader926`
19+
// (`intoHeader926` is now tainted).
20+
intoHeader926, _ := tar.FileInfoHeader(fromFileInfo291, "")
2121

22-
// Return the tainted `intoHeader414`:
23-
return intoHeader414
22+
// Return the tainted `intoHeader926`:
23+
return intoHeader926
2424
}
2525

2626
func TaintStepTest_ArchiveTarNewReader_B0I0O0(sourceCQL interface{}) interface{} {
27-
// The flow is from `fromReader518` into `intoReader650`.
27+
// The flow is from `fromReader527` into `intoReader503`.
2828

29-
// Assume that `sourceCQL` has the underlying type of `fromReader518`:
30-
fromReader518 := sourceCQL.(io.Reader)
29+
// Assume that `sourceCQL` has the underlying type of `fromReader527`:
30+
fromReader527 := sourceCQL.(io.Reader)
3131

3232
// Call the function that transfers the taint
33-
// from the parameter `fromReader518` to result `intoReader650`
34-
// (`intoReader650` is now tainted).
35-
intoReader650 := tar.NewReader(fromReader518)
33+
// from the parameter `fromReader527` to result `intoReader503`
34+
// (`intoReader503` is now tainted).
35+
intoReader503 := tar.NewReader(fromReader527)
3636

37-
// Return the tainted `intoReader650`:
38-
return intoReader650
37+
// Return the tainted `intoReader503`:
38+
return intoReader503
3939
}
4040

4141
func TaintStepTest_ArchiveTarNewWriter_B0I0O0(sourceCQL interface{}) interface{} {
42-
// The flow is from `fromWriter784` into `intoWriter957`.
42+
// The flow is from `fromWriter907` into `intoWriter317`.
4343

44-
// Assume that `sourceCQL` has the underlying type of `fromWriter784`:
45-
fromWriter784 := sourceCQL.(*tar.Writer)
44+
// Assume that `sourceCQL` has the underlying type of `fromWriter907`:
45+
fromWriter907 := sourceCQL.(*tar.Writer)
4646

47-
// Declare `intoWriter957` variable:
48-
var intoWriter957 io.Writer
47+
// Declare `intoWriter317` variable:
48+
var intoWriter317 io.Writer
4949

5050
// Call the function that will transfer the taint
51-
// from the result `intermediateCQL` to parameter `intoWriter957`:
52-
intermediateCQL := tar.NewWriter(intoWriter957)
51+
// from the result `intermediateCQL` to parameter `intoWriter317`:
52+
intermediateCQL := tar.NewWriter(intoWriter317)
5353

54-
// Extra step (`fromWriter784` taints `intermediateCQL`, which taints `intoWriter957`:
55-
link(fromWriter784, intermediateCQL)
54+
// Extra step (`fromWriter907` taints `intermediateCQL`, which taints `intoWriter317`:
55+
link(fromWriter907, intermediateCQL)
5656

57-
// Return the tainted `intoWriter957`:
58-
return intoWriter957
57+
// Return the tainted `intoWriter317`:
58+
return intoWriter317
5959
}
6060

6161
func TaintStepTest_ArchiveTarHeaderFileInfo_B0I0O0(sourceCQL interface{}) interface{} {
62-
// The flow is from `fromHeader520` into `intoFileInfo443`.
62+
// The flow is from `fromHeader460` into `intoFileInfo402`.
6363

64-
// Assume that `sourceCQL` has the underlying type of `fromHeader520`:
65-
fromHeader520 := sourceCQL.(tar.Header)
64+
// Assume that `sourceCQL` has the underlying type of `fromHeader460`:
65+
fromHeader460 := sourceCQL.(tar.Header)
6666

6767
// Call the method that transfers the taint
68-
// from the receiver `fromHeader520` to the result `intoFileInfo443`
69-
// (`intoFileInfo443` is now tainted).
70-
intoFileInfo443 := fromHeader520.FileInfo()
68+
// from the receiver `fromHeader460` to the result `intoFileInfo402`
69+
// (`intoFileInfo402` is now tainted).
70+
intoFileInfo402 := fromHeader460.FileInfo()
7171

72-
// Return the tainted `intoFileInfo443`:
73-
return intoFileInfo443
72+
// Return the tainted `intoFileInfo402`:
73+
return intoFileInfo402
7474
}
7575

7676
func TaintStepTest_ArchiveTarReaderNext_B0I0O0(sourceCQL interface{}) interface{} {
77-
// The flow is from `fromReader127` into `intoHeader483`.
77+
// The flow is from `fromReader994` into `intoHeader183`.
7878

79-
// Assume that `sourceCQL` has the underlying type of `fromReader127`:
80-
fromReader127 := sourceCQL.(tar.Reader)
79+
// Assume that `sourceCQL` has the underlying type of `fromReader994`:
80+
fromReader994 := sourceCQL.(tar.Reader)
8181

8282
// Call the method that transfers the taint
83-
// from the receiver `fromReader127` to the result `intoHeader483`
84-
// (`intoHeader483` is now tainted).
85-
intoHeader483, _ := fromReader127.Next()
83+
// from the receiver `fromReader994` to the result `intoHeader183`
84+
// (`intoHeader183` is now tainted).
85+
intoHeader183, _ := fromReader994.Next()
8686

87-
// Return the tainted `intoHeader483`:
88-
return intoHeader483
87+
// Return the tainted `intoHeader183`:
88+
return intoHeader183
8989
}
9090

9191
func TaintStepTest_ArchiveTarReaderRead_B0I0O0(sourceCQL interface{}) interface{} {
92-
// The flow is from `fromReader989` into `intoByte982`.
92+
// The flow is from `fromReader746` into `intoByte905`.
9393

94-
// Assume that `sourceCQL` has the underlying type of `fromReader989`:
95-
fromReader989 := sourceCQL.(tar.Reader)
94+
// Assume that `sourceCQL` has the underlying type of `fromReader746`:
95+
fromReader746 := sourceCQL.(tar.Reader)
9696

97-
// Declare `intoByte982` variable:
98-
var intoByte982 []byte
97+
// Declare `intoByte905` variable:
98+
var intoByte905 []byte
9999

100100
// Call the method that transfers the taint
101-
// from the receiver `fromReader989` to the argument `intoByte982`
102-
// (`intoByte982` is now tainted).
103-
fromReader989.Read(intoByte982)
101+
// from the receiver `fromReader746` to the argument `intoByte905`
102+
// (`intoByte905` is now tainted).
103+
fromReader746.Read(intoByte905)
104104

105-
// Return the tainted `intoByte982`:
106-
return intoByte982
105+
// Return the tainted `intoByte905`:
106+
return intoByte905
107107
}
108108

109109
func TaintStepTest_ArchiveTarWriterWrite_B0I0O0(sourceCQL interface{}) interface{} {
110-
// The flow is from `fromByte417` into `intoWriter584`.
110+
// The flow is from `fromByte262` into `intoWriter837`.
111111

112-
// Assume that `sourceCQL` has the underlying type of `fromByte417`:
113-
fromByte417 := sourceCQL.([]byte)
112+
// Assume that `sourceCQL` has the underlying type of `fromByte262`:
113+
fromByte262 := sourceCQL.([]byte)
114114

115-
// Declare `intoWriter584` variable:
116-
var intoWriter584 tar.Writer
115+
// Declare `intoWriter837` variable:
116+
var intoWriter837 tar.Writer
117117

118118
// Call the method that transfers the taint
119-
// from the parameter `fromByte417` to the receiver `intoWriter584`
120-
// (`intoWriter584` is now tainted).
121-
intoWriter584.Write(fromByte417)
119+
// from the parameter `fromByte262` to the receiver `intoWriter837`
120+
// (`intoWriter837` is now tainted).
121+
intoWriter837.Write(fromByte262)
122122

123-
// Return the tainted `intoWriter584`:
124-
return intoWriter584
123+
// Return the tainted `intoWriter837`:
124+
return intoWriter837
125125
}
126126

127127
func TaintStepTest_ArchiveTarWriterWriteHeader_B0I0O0(sourceCQL interface{}) interface{} {
128-
// The flow is from `fromHeader991` into `intoWriter881`.
128+
// The flow is from `fromHeader798` into `intoWriter568`.
129129

130-
// Assume that `sourceCQL` has the underlying type of `fromHeader991`:
131-
fromHeader991 := sourceCQL.(*tar.Header)
130+
// Assume that `sourceCQL` has the underlying type of `fromHeader798`:
131+
fromHeader798 := sourceCQL.(*tar.Header)
132132

133-
// Declare `intoWriter881` variable:
134-
var intoWriter881 tar.Writer
133+
// Declare `intoWriter568` variable:
134+
var intoWriter568 tar.Writer
135135

136136
// Call the method that transfers the taint
137-
// from the parameter `fromHeader991` to the receiver `intoWriter881`
138-
// (`intoWriter881` is now tainted).
139-
intoWriter881.WriteHeader(fromHeader991)
137+
// from the parameter `fromHeader798` to the receiver `intoWriter568`
138+
// (`intoWriter568` is now tainted).
139+
intoWriter568.WriteHeader(fromHeader798)
140140

141-
// Return the tainted `intoWriter881`:
142-
return intoWriter881
141+
// Return the tainted `intoWriter568`:
142+
return intoWriter568
143143
}
144144

145145
func RunAllTaints_ArchiveTar() {

0 commit comments

Comments
 (0)