Add Tests

Author: maikypedia

go/ql/test/experimental/CWE-287/ImproperLdapAuth.expected

@@ -0,0 +1,14 @@
+edges
+| ImproperLdapAuth.go:18:18:18:24 | selection of URL | ImproperLdapAuth.go:18:18:18:32 | call to Query |
+| ImproperLdapAuth.go:18:18:18:32 | call to Query | ImproperLdapAuth.go:28:23:28:34 | bindPassword |
+| ImproperLdapAuth.go:80:18:80:19 | "" | ImproperLdapAuth.go:90:23:90:34 | bindPassword |
+nodes
+| ImproperLdapAuth.go:18:18:18:24 | selection of URL | semmle.label | selection of URL |
+| ImproperLdapAuth.go:18:18:18:32 | call to Query | semmle.label | call to Query |
+| ImproperLdapAuth.go:28:23:28:34 | bindPassword | semmle.label | bindPassword |
+| ImproperLdapAuth.go:80:18:80:19 | "" | semmle.label | "" |
+| ImproperLdapAuth.go:90:23:90:34 | bindPassword | semmle.label | bindPassword |
+subpaths
+#select
+| ImproperLdapAuth.go:28:23:28:34 | bindPassword | ImproperLdapAuth.go:18:18:18:24 | selection of URL | ImproperLdapAuth.go:28:23:28:34 | bindPassword | LDAP binding password depends on a $@. | ImproperLdapAuth.go:18:18:18:24 | selection of URL | user-provided value |
+| ImproperLdapAuth.go:90:23:90:34 | bindPassword | ImproperLdapAuth.go:80:18:80:19 | "" | ImproperLdapAuth.go:90:23:90:34 | bindPassword | LDAP binding password depends on a $@. | ImproperLdapAuth.go:80:18:80:19 | "" | user-provided value |

go/ql/test/experimental/CWE-287/ImproperLdapAuth.go

@@ -1,5 +1,7 @@
 package main
 
+//go:generate depstubber -vendor gopkg.in/ldap.v2 Conn Dial
+
 import (
 	"fmt"
 	"log"

go/ql/test/experimental/CWE-287/go.mod

@@ -0,0 +1,6 @@
+# gopkg.in/ldap.v2 v2.5.1
+## explicit
+gopkg.in/ldap.v2
+# gopkg.in/asn1-ber.v1 v1.0.0-20181015200546-f715ec2f112d
+## explicit
+gopkg.in/asn1-ber.v1