Skip to content
This repository was archived by the owner on Jan 5, 2023. It is now read-only.

Commit 1a3589a

Browse files
smowtonsmowton
authored
Merge pull request #352 from smowton/smowton/feature/http-newrequest
Add model for net/http.NewRequest
2 parents 6130720 + c1fbbfb commit 1a3589a

File tree

2 files changed

+28
-0
lines changed
  • ql
    • src/semmle/go/frameworks/stdlib
    • test/library-tests/semmle/go/frameworks/StdlibTaintFlow

2 files changed

+28
-0
lines changed

ql/src/semmle/go/frameworks/stdlib/NetHttp.qll

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -252,6 +252,14 @@ module NetHttp {
252252
hasQualifiedName("net/http", "MaxBytesReader") and
253253
(inp.isParameter(1) and outp.isResult())
254254
or
255+
// signature: func NewRequest(method, url string, body io.Reader) (*Request, error)
256+
hasQualifiedName("net/http", "NewRequest") and
257+
(inp.isParameter(1) and outp.isResult(0))
258+
or
259+
// signature: func NewRequestWithContext(ctx context.Context, method, url string, body io.Reader) (*Request, error)
260+
hasQualifiedName("net/http", "NewRequestWithContext") and
261+
(inp.isParameter(2) and outp.isResult(0))
262+
or
255263
// signature: func ReadRequest(b *bufio.Reader) (*Request, error)
256264
hasQualifiedName("net/http", "ReadRequest") and
257265
(inp.isParameter(0) and outp.isResult(0))

ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/NetHttp.go

Lines changed: 20 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)