Change tests to inline expectations

atorralba · atorralba · commit 7286f5671826 · 2024-03-04T17:29:12.000+01:00
diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Macaron/Sources.expected b/go/ql/test/library-tests/semmle/go/frameworks/Macaron/Sources.expected
@@ -1,12 +1,2 @@
-| sources.go:10:6:10:20 | call to AllParams |
-| sources.go:11:6:11:22 | call to GetCookie |
-| sources.go:12:2:12:31 | ... = ...[0] |
-| sources.go:13:2:13:40 | ... = ...[0] |
-| sources.go:14:2:14:26 | ... = ...[0] |
-| sources.go:15:6:15:19 | call to Params |
-| sources.go:16:6:16:25 | call to ParamsEscape |
-| sources.go:17:6:17:18 | call to Query |
-| sources.go:18:6:18:24 | call to QueryEscape |
-| sources.go:19:6:19:25 | call to QueryStrings |
-| sources.go:20:2:20:20 | ... = ...[0] |
-| sources.go:21:2:21:21 | ... = ...[0] |
+testFailures
+failures
diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Macaron/Sources.ql b/go/ql/test/library-tests/semmle/go/frameworks/Macaron/Sources.ql
@@ -1,3 +1,18 @@
 import go
+import TestUtilities.InlineExpectationsTest
 
-select any(UntrustedFlowSource ufs)
+module UntrustedFlowSourceTest implements TestSig {
+  string getARelevantTag() { result = "UntrustedFlowSource" }
+
+  predicate hasActualResult(Location location, string element, string tag, string value) {
+    exists(UntrustedFlowSource src |
+      src.hasLocationInfo(location.getFile().getAbsolutePath(), location.getStartLine(),
+        location.getStartColumn(), location.getEndLine(), location.getEndColumn()) and
+      element = src.toString() and
+      value = "" and
+      tag = "UntrustedFlowSource"
+    )
+  }
+}
+
+import MakeTest<UntrustedFlowSourceTest>
diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Macaron/sources.go b/go/ql/test/library-tests/semmle/go/frameworks/Macaron/sources.go
@@ -7,16 +7,16 @@ import (
 )
 
 func sources(ctx *macaron.Context, body *macaron.RequestBody) {
-	_ = ctx.AllParams()
-	_ = ctx.GetCookie("")
-	_, _ = ctx.GetSecureCookie("")
-	_, _ = ctx.GetSuperSecureCookie("", "")
-	_, _, _ = ctx.GetFile("")
-	_ = ctx.Params("")
-	_ = ctx.ParamsEscape("")
-	_ = ctx.Query("")
-	_ = ctx.QueryEscape("")
-	_ = ctx.QueryStrings("")
-	_, _ = body.Bytes()
-	_, _ = body.String()
+	_ = ctx.AllParams()                     // $UntrustedFlowSource
+	_ = ctx.GetCookie("")                   // $UntrustedFlowSource
+	_, _ = ctx.GetSecureCookie("")          // $UntrustedFlowSource
+	_, _ = ctx.GetSuperSecureCookie("", "") // $UntrustedFlowSource
+	_, _, _ = ctx.GetFile("")               // $UntrustedFlowSource
+	_ = ctx.Params("")                      // $UntrustedFlowSource
+	_ = ctx.ParamsEscape("")                // $UntrustedFlowSource
+	_ = ctx.Query("")                       // $UntrustedFlowSource
+	_ = ctx.QueryEscape("")                 // $UntrustedFlowSource
+	_ = ctx.QueryStrings("")                // $UntrustedFlowSource
+	_, _ = body.Bytes()                     // $UntrustedFlowSource
+	_, _ = body.String()                    // $UntrustedFlowSource
 }
