Add logrus to go.qll

Sauyon Lee · Sauyon Lee · commit 1e034a1dd5aa · 2020-10-22T09:18:52.000-07:00
diff --git a/ql/src/go.qll b/ql/src/go.qll
@@ -34,6 +34,7 @@ import semmle.go.frameworks.Email
 import semmle.go.frameworks.Encoding
 import semmle.go.frameworks.Gin
 import semmle.go.frameworks.Glog
+import semmle.go.frameworks.Logrus
 import semmle.go.frameworks.HTTP
 import semmle.go.frameworks.Macaron
 import semmle.go.frameworks.Mux
diff --git a/ql/test/query-tests/Security/CWE-312/CleartextLogging.expected b/ql/test/query-tests/Security/CWE-312/CleartextLogging.expected
@@ -1,6 +1,7 @@
 edges
 | klog.go:20:30:20:37 | selection of Header : Header | klog.go:22:15:22:20 | header |
 | klog.go:28:13:28:20 | selection of Header : Header | klog.go:28:13:28:41 | call to Get |
+| main.go:21:19:21:26 | password : string | main.go:22:29:22:34 | fields |
 | overrides.go:9:9:9:16 | password : string | overrides.go:13:14:13:23 | call to String |
 | passwords.go:8:12:8:12 | definition of x : string | passwords.go:9:14:9:14 | x |
 | passwords.go:30:8:30:15 | password : string | passwords.go:8:12:8:12 | definition of x : string |
@@ -31,6 +32,10 @@ nodes
 | klog.go:28:13:28:41 | call to Get | semmle.label | call to Get |
 | main.go:15:14:15:21 | password | semmle.label | password |
 | main.go:17:12:17:19 | password | semmle.label | password |
+| main.go:18:17:18:24 | password | semmle.label | password |
+| main.go:21:19:21:26 | password : string | semmle.label | password : string |
+| main.go:22:29:22:34 | fields | semmle.label | fields |
+| main.go:25:35:25:42 | password | semmle.label | password |
 | overrides.go:9:9:9:16 | password : string | semmle.label | password : string |
 | overrides.go:13:14:13:23 | call to String | semmle.label | call to String |
 | passwords.go:8:12:8:12 | definition of x : string | semmle.label | definition of x : string |
@@ -78,6 +83,9 @@ nodes
 | klog.go:28:13:28:41 | call to Get | klog.go:28:13:28:20 | selection of Header : Header | klog.go:28:13:28:41 | call to Get | Sensitive data returned by $@ is logged here. | klog.go:28:13:28:20 | selection of Header | HTTP request headers |
 | main.go:15:14:15:21 | password | main.go:15:14:15:21 | password | main.go:15:14:15:21 | password | Sensitive data returned by $@ is logged here. | main.go:15:14:15:21 | password | an access to password |
 | main.go:17:12:17:19 | password | main.go:17:12:17:19 | password | main.go:17:12:17:19 | password | Sensitive data returned by $@ is logged here. | main.go:17:12:17:19 | password | an access to password |
+| main.go:18:17:18:24 | password | main.go:18:17:18:24 | password | main.go:18:17:18:24 | password | Sensitive data returned by $@ is logged here. | main.go:18:17:18:24 | password | an access to password |
+| main.go:22:29:22:34 | fields | main.go:21:19:21:26 | password : string | main.go:22:29:22:34 | fields | Sensitive data returned by $@ is logged here. | main.go:21:19:21:26 | password | an access to password |
+| main.go:25:35:25:42 | password | main.go:25:35:25:42 | password | main.go:25:35:25:42 | password | Sensitive data returned by $@ is logged here. | main.go:25:35:25:42 | password | an access to password |
 | overrides.go:13:14:13:23 | call to String | overrides.go:9:9:9:16 | password : string | overrides.go:13:14:13:23 | call to String | Sensitive data returned by $@ is logged here. | overrides.go:9:9:9:16 | password | an access to password |
 | passwords.go:9:14:9:14 | x | passwords.go:30:8:30:15 | password : string | passwords.go:9:14:9:14 | x | Sensitive data returned by $@ is logged here. | passwords.go:30:8:30:15 | password | an access to password |
 | passwords.go:25:14:25:21 | password | passwords.go:25:14:25:21 | password | passwords.go:25:14:25:21 | password | Sensitive data returned by $@ is logged here. | passwords.go:25:14:25:21 | password | an access to password |
