Skip to content
This repository was archived by the owner on Jan 5, 2023. It is now read-only.

Commit afede9b

Browse files
gagliardettogagliardetto
committed
Remove encoder taint-tracking for encoding/hex 
1 parent 96a700b commit afede9b

File tree

2 files changed

+4
-84
lines changed

2 files changed

+4
-84
lines changed

ql/src/semmle/go/frameworks/stdlib/EncodingHex.qll

Lines changed: 0 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -19,29 +19,9 @@ module EncodingHex {
1919
hasQualifiedName("encoding/hex", "DecodeString") and
2020
(inp.isParameter(0) and outp.isResult(0))
2121
or
22-
// signature: func Dump(data []byte) string
23-
hasQualifiedName("encoding/hex", "Dump") and
24-
(inp.isParameter(0) and outp.isResult())
25-
or
26-
// signature: func Dumper(w io.Writer) io.WriteCloser
27-
hasQualifiedName("encoding/hex", "Dumper") and
28-
(inp.isResult() and outp.isParameter(0))
29-
or
30-
// signature: func Encode(dst []byte, src []byte) int
31-
hasQualifiedName("encoding/hex", "Encode") and
32-
(inp.isParameter(1) and outp.isParameter(0))
33-
or
34-
// signature: func EncodeToString(src []byte) string
35-
hasQualifiedName("encoding/hex", "EncodeToString") and
36-
(inp.isParameter(0) and outp.isResult())
37-
or
3822
// signature: func NewDecoder(r io.Reader) io.Reader
3923
hasQualifiedName("encoding/hex", "NewDecoder") and
4024
(inp.isParameter(0) and outp.isResult())
41-
or
42-
// signature: func NewEncoder(w io.Writer) io.Writer
43-
hasQualifiedName("encoding/hex", "NewEncoder") and
44-
(inp.isResult() and outp.isParameter(0))
4525
}
4626

4727
override predicate hasTaintFlow(FunctionInput input, FunctionOutput output) {

ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/EncodingHex.go

Lines changed: 4 additions & 64 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)