This repository was archived by the owner on Jan 5, 2023. It is now read-only.
File tree Expand file tree Collapse file tree 3 files changed +74
-0
lines changed
test/library-tests/semmle/go/frameworks/StdlibTaintFlow Expand file tree Collapse file tree 3 files changed +74
-0
lines changed Original file line number Diff line number Diff line change @@ -29,6 +29,7 @@ import semmle.go.frameworks.stdlib.EncodingPem
2929import semmle.go.frameworks.stdlib.EncodingXml
3030import semmle.go.frameworks.stdlib.Html
3131import semmle.go.frameworks.stdlib.HtmlTemplate
32+ import semmle.go.frameworks.stdlib.Errors
3233import semmle.go.frameworks.stdlib.Path
3334import semmle.go.frameworks.stdlib.PathFilepath
3435import semmle.go.frameworks.stdlib.Reflect
Original file line number Diff line number Diff line change 1+ /**
2+ * Provides classes modeling security-relevant aspects of the `errors` package.
3+ */
4+
5+ import go
6+
7+ /** Provides models of commonly used functions in the `errors` package. */
8+ module Errors {
9+ private class FunctionModels extends TaintTracking:: FunctionModel {
10+ FunctionInput inp ;
11+ FunctionOutput outp ;
12+
13+ FunctionModels ( ) {
14+ // signature: func As(err error, target interface{}) bool
15+ hasQualifiedName ( "errors" , "As" ) and
16+ ( inp .isParameter ( 0 ) and outp .isParameter ( 1 ) )
17+ or
18+ // signature: func New(text string) error
19+ hasQualifiedName ( "errors" , "New" ) and
20+ ( inp .isParameter ( 0 ) and outp .isResult ( ) )
21+ or
22+ // signature: func Unwrap(err error) error
23+ hasQualifiedName ( "errors" , "Unwrap" ) and
24+ ( inp .isParameter ( 0 ) and outp .isResult ( ) )
25+ }
26+
27+ override predicate hasTaintFlow ( FunctionInput input , FunctionOutput output ) {
28+ input = inp and output = outp
29+ }
30+ }
31+ }
You can’t perform that action at this time.
0 commit comments