Model StartWithContext

atorralba · smowton · atorralba · commit 9a0fb39382f7 · 2024-01-19T09:25:35.000+01:00
Co-authored-by: Chris Smowton &lt;smowton@github.com&gt;
diff --git a/go/ql/lib/semmle/go/frameworks/AwsLambda.qll b/go/ql/lib/semmle/go/frameworks/AwsLambda.qll
@@ -45,7 +45,7 @@ private class StartOrNewHandlerFunction extends Function {
       ]) and
     handlerArgPos = 0
     or
-    this.hasQualifiedName(awsLambdaPkg(), "StartHandlerWithContext") and
+    this.hasQualifiedName(awsLambdaPkg(), ["StartHandlerWithContext", "StartWithContext"]) and
     handlerArgPos = 1
   }
 
diff --git a/go/ql/test/library-tests/semmle/go/frameworks/AwsLambda/test.go b/go/ql/test/library-tests/semmle/go/frameworks/AwsLambda/test.go
@@ -148,6 +148,14 @@ func Handler16(ctx context.Context, event Event) (*Response, error) {
 	return &Response{Message: ""}, nil
 }
 
+func Handler17(ctx context.Context, event Event) (*Response, error) {
+	sink(ctx)        // safe
+	sink(event.Name) // $ hasTaintFlow="selection of Name"
+	sink(event.Age)  // $ hasTaintFlow="selection of Age"
+	sink(event)      // $ hasTaintFlow="event"
+	return &Response{Message: ""}, nil
+}
+
 func main() {
 	lambda.Start(Handler0)
 	lambda.Start(Handler1)
@@ -177,23 +185,31 @@ func main() {
 	})
 	lambda.StartHandlerWithContext(context.Background(), MyHandlerFunc(Handler12))
 	lambda.StartHandlerWithContext(context.Background(), &Handler13{})
-	lambda.StartWithOptions(Handler14)
+	lambda.StartWithContext(context.Background(), Handler14)
+	lambda.StartWithContext(context.Background(), func(ctx context.Context, event Event) (*Response, error) {
+		sink(ctx)        // safe
+		sink(event.Name) // $ hasTaintFlow="selection of Name"
+		sink(event.Age)  // $ hasTaintFlow="selection of Age"
+		sink(event)      // $ hasTaintFlow="event"
+		return &Response{Message: ""}, nil
+	})
+	lambda.StartWithOptions(Handler15)
 	lambda.StartWithOptions(func(ctx context.Context, event Event) (*Response, error) {
 		sink(ctx)        // safe
 		sink(event.Name) // $ hasTaintFlow="selection of Name"
 		sink(event.Age)  // $ hasTaintFlow="selection of Age"
 		sink(event)      // $ hasTaintFlow="event"
 		return &Response{Message: ""}, nil
 	})
-	lambda.NewHandler(Handler15)
+	lambda.NewHandler(Handler16)
 	lambda.NewHandler(func(ctx context.Context, event Event) (*Response, error) {
 		sink(ctx)        // safe
 		sink(event.Name) // $ hasTaintFlow="selection of Name"
 		sink(event.Age)  // $ hasTaintFlow="selection of Age"
 		sink(event)      // $ hasTaintFlow="event"
 		return &Response{Message: ""}, nil
 	})
-	lambda.NewHandlerWithOptions(Handler16)
+	lambda.NewHandlerWithOptions(Handler17)
 	lambda.NewHandlerWithOptions(func(ctx context.Context, event Event) (*Response, error) {
 		sink(ctx)        // safe
 		sink(event.Name) // $ hasTaintFlow="selection of Name"
diff --git a/go/ql/test/library-tests/semmle/go/frameworks/AwsLambda/vendor/github.com/aws/aws-lambda-go/lambda/stub.go b/go/ql/test/library-tests/semmle/go/frameworks/AwsLambda/vendor/github.com/aws/aws-lambda-go/lambda/stub.go

Original file line number	Diff line number	Diff line change
`@@ -45,7 +45,7 @@ private class StartOrNewHandlerFunction extends Function {`
`45`	`45`	`]) and`
`46`	`46`	`handlerArgPos = 0`
`47`	`47`	`or`
`48`		`- this.hasQualifiedName(awsLambdaPkg(), "StartHandlerWithContext") and`
	`48`	`+ this.hasQualifiedName(awsLambdaPkg(), ["StartHandlerWithContext", "StartWithContext"]) and`
`49`	`49`	`handlerArgPos = 1`
`50`	`50`	`}`
`51`	`51`