Add more methods from GORM as sinks

owen-mc · owen-mc · commit d807e8de75ac · 2020-09-09T16:18:41.000+01:00
Cf. https://gorm.io/docs/security.html
diff --git a/ql/src/semmle/go/frameworks/SQL.qll b/ql/src/semmle/go/frameworks/SQL.qll
@@ -168,7 +168,8 @@ module SQL {
         meth.hasQualifiedName(package, "DB", name) and
         this = meth.getACall().getArgument(0) and
         package in ["github.com/jinzhu/gorm", "github.com/go-gorm/gorm", "gorm.io/gorm"] and
-        name in ["Where", "Raw", "Order", "Not", "Or", "Select", "Table", "Group", "Having", "Joins"]
+        name in ["Where", "Raw", "Order", "Not", "Or", "Select", "Table", "Group", "Having",
+              "Joins", "Exec", "Distinct", "Pluck"]
       )
     }
   }

Original file line number	Diff line number	Diff line change
`@@ -168,7 +168,8 @@ module SQL {`
`168`	`168`	`meth.hasQualifiedName(package, "DB", name) and`
`169`	`169`	`this = meth.getACall().getArgument(0) and`
`170`	`170`	`package in ["github.com/jinzhu/gorm", "github.com/go-gorm/gorm", "gorm.io/gorm"] and`
`171`		`- name in ["Where", "Raw", "Order", "Not", "Or", "Select", "Table", "Group", "Having", "Joins"]`
	`171`	`+ name in ["Where", "Raw", "Order", "Not", "Or", "Select", "Table", "Group", "Having",`
	`172`	`+ "Joins", "Exec", "Distinct", "Pluck"]`
`172`	`173`	`)`
`173`	`174`	`}`
`174`	`175`	`}`