Skip to content

Commit fa472f5

Browse files
owen-mcowen-mc
committed
Convert logging sinks to use MaD
1 parent d240951 commit fa472f5

19 files changed

+392
-98
lines changed

go/ql/lib/ext/fmt.model.yml

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,11 @@
11
extensions:
2+
- addsTo:
3+
pack: codeql/go-all
4+
extensible: sinkModel
5+
data:
6+
- ["fmt", "", False, "Print", "", "", "Argument[0]", "log-injection", "manual"]
7+
- ["fmt", "", False, "Printf", "", "", "Argument[0..1]", "log-injection", "manual"]
8+
- ["fmt", "", False, "Println", "", "", "Argument[0]", "log-injection", "manual"]
29
- addsTo:
310
pack: codeql/go-all
411
extensible: summaryModel

go/ql/lib/ext/github.com.beego.beego.core.logs.model.yml

Lines changed: 34 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,34 @@
1+
extensions:
2+
- addsTo:
3+
pack: codeql/go-all
4+
extensible: packageGrouping
5+
data:
6+
- ["beego-logs", "github.com/astaxie/beego/logs"]
7+
- ["beego-logs", "github.com/beego/beego/logs"]
8+
- ["beego-logs", "github.com/beego/beego/core/logs"]
9+
- addsTo:
10+
pack: codeql/go-all
11+
extensible: sinkModel
12+
data:
13+
- ["group:beego-logs", "", False, "Alert", "", "", "Argument[0..1]", "log-injection", "manual"]
14+
- ["group:beego-logs", "", False, "Critical", "", "", "Argument[0..1]", "log-injection", "manual"]
15+
- ["group:beego-logs", "", False, "Debug", "", "", "Argument[0..1]", "log-injection", "manual"]
16+
- ["group:beego-logs", "", False, "Emergency", "", "", "Argument[0..1]", "log-injection", "manual"]
17+
- ["group:beego-logs", "", False, "Error", "", "", "Argument[0..1]", "log-injection", "manual"]
18+
- ["group:beego-logs", "", False, "Info", "", "", "Argument[0..1]", "log-injection", "manual"]
19+
- ["group:beego-logs", "", False, "Informational", "", "", "Argument[0..1]", "log-injection", "manual"]
20+
- ["group:beego-logs", "", False, "Notice", "", "", "Argument[0..1]", "log-injection", "manual"]
21+
- ["group:beego-logs", "", False, "Trace", "", "", "Argument[0..1]", "log-injection", "manual"]
22+
- ["group:beego-logs", "", False, "Warn", "", "", "Argument[0..1]", "log-injection", "manual"]
23+
- ["group:beego-logs", "", False, "Warning", "", "", "Argument[0..1]", "log-injection", "manual"]
24+
- ["group:beego-logs", "BeeLogger", False, "Alert", "", "", "Argument[0..1]", "log-injection", "manual"]
25+
- ["group:beego-logs", "BeeLogger", False, "Critical", "", "", "Argument[0..1]", "log-injection", "manual"]
26+
- ["group:beego-logs", "BeeLogger", False, "Debug", "", "", "Argument[0..1]", "log-injection", "manual"]
27+
- ["group:beego-logs", "BeeLogger", False, "Emergency", "", "", "Argument[0..1]", "log-injection", "manual"]
28+
- ["group:beego-logs", "BeeLogger", False, "Error", "", "", "Argument[0..1]", "log-injection", "manual"]
29+
- ["group:beego-logs", "BeeLogger", False, "Info", "", "", "Argument[0..1]", "log-injection", "manual"]
30+
- ["group:beego-logs", "BeeLogger", False, "Informational", "", "", "Argument[0..1]", "log-injection", "manual"]
31+
- ["group:beego-logs", "BeeLogger", False, "Notice", "", "", "Argument[0..1]", "log-injection", "manual"]
32+
- ["group:beego-logs", "BeeLogger", False, "Trace", "", "", "Argument[0..1]", "log-injection", "manual"]
33+
- ["group:beego-logs", "BeeLogger", False, "Warn", "", "", "Argument[0..1]", "log-injection", "manual"]
34+
- ["group:beego-logs", "BeeLogger", False, "Warning", "", "", "Argument[0..1]", "log-injection", "manual"]

go/ql/lib/ext/github.com.beego.beego.core.utils.model.yml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,11 @@ extensions:
66
- ["beego-utils", "github.com/astaxie/beego/utils"]
77
- ["beego-utils", "github.com/beego/beego/utils"]
88
- ["beego-utils", "github.com/beego/beego/core/utils"]
9+
- addsTo:
10+
pack: codeql/go-all
11+
extensible: sinkModel
12+
data:
13+
- ["group:beego-utils", "", False, "Display", "", "", "Argument[0]", "log-injection", "manual"]
914
- addsTo:
1015
pack: codeql/go-all
1116
extensible: summaryModel

go/ql/lib/ext/github.com.beego.beego.server.web.model.yml

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,21 @@ extensions:
66
- ["beego", "github.com/astaxie/beego"]
77
- ["beego", "github.com/beego/beego"]
88
- ["beego", "github.com/beego/beego/server/web"]
9+
- addsTo:
10+
pack: codeql/go-all
11+
extensible: sinkModel
12+
data:
13+
- ["group:beego", "", False, "Alert", "", "", "Argument[0..1]", "log-injection", "manual"]
14+
- ["group:beego", "", False, "Critical", "", "", "Argument[0..1]", "log-injection", "manual"]
15+
- ["group:beego", "", False, "Debug", "", "", "Argument[0..1]", "log-injection", "manual"]
16+
- ["group:beego", "", False, "Emergency", "", "", "Argument[0..1]", "log-injection", "manual"]
17+
- ["group:beego", "", False, "Error", "", "", "Argument[0..1]", "log-injection", "manual"]
18+
- ["group:beego", "", False, "Info", "", "", "Argument[0..1]", "log-injection", "manual"]
19+
- ["group:beego", "", False, "Informational", "", "", "Argument[0..1]", "log-injection", "manual"]
20+
- ["group:beego", "", False, "Notice", "", "", "Argument[0..1]", "log-injection", "manual"]
21+
- ["group:beego", "", False, "Trace", "", "", "Argument[0..1]", "log-injection", "manual"]
22+
- ["group:beego", "", False, "Warn", "", "", "Argument[0..1]", "log-injection", "manual"]
23+
- ["group:beego", "", False, "Warning", "", "", "Argument[0..1]", "log-injection", "manual"]
924
- addsTo:
1025
pack: codeql/go-all
1126
extensible: summaryModel

go/ql/lib/ext/github.com.davecgh.go-spew.spew.model.yml

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,14 @@
1+
extensions:
2+
- addsTo:
3+
pack: codeql/go-all
4+
extensible: sinkModel
5+
data:
6+
- ["github.com/davecgh/go-spew/spew", "", False, "Dump", "", "", "Argument[0]", "log-injection", "manual"]
7+
- ["github.com/davecgh/go-spew/spew", "", False, "Errorf", "", "", "Argument[0..1]", "log-injection", "manual"]
8+
- ["github.com/davecgh/go-spew/spew", "", False, "Fdump", "", "", "Argument[1]", "log-injection", "manual"]
9+
- ["github.com/davecgh/go-spew/spew", "", False, "Fprint", "", "", "Argument[1]", "log-injection", "manual"]
10+
- ["github.com/davecgh/go-spew/spew", "", False, "Fprintf", "", "", "Argument[1..2]", "log-injection", "manual"]
11+
- ["github.com/davecgh/go-spew/spew", "", False, "Fprintln", "", "", "Argument[1]", "log-injection", "manual"]
12+
- ["github.com/davecgh/go-spew/spew", "", False, "Print", "", "", "Argument[0]", "log-injection", "manual"]
13+
- ["github.com/davecgh/go-spew/spew", "", False, "Printf", "", "", "Argument[0..1]", "log-injection", "manual"]
14+
- ["github.com/davecgh/go-spew/spew", "", False, "Println", "", "", "Argument[0]", "log-injection", "manual"]

go/ql/lib/ext/github.com.elazarl.goproxy.model.yml

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,10 @@
11
extensions:
2+
- addsTo:
3+
pack: codeql/go-all
4+
extensible: sinkModel
5+
data:
6+
- ["github.com/elazarl/goproxy", "ProxyCtx", False, "Logf", "", "", "Argument[0..1]", "log-injection", "manual"]
7+
- ["github.com/elazarl/goproxy", "ProxyCtx", False, "Warnf", "", "", "Argument[0..1]", "log-injection", "manual"]
28
- addsTo:
39
pack: codeql/go-all
410
extensible: summaryModel

go/ql/lib/ext/github.com.golang.glog.model.yml

Lines changed: 102 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,102 @@
1+
extensions:
2+
- addsTo:
3+
pack: codeql/go-all
4+
extensible: packageGrouping
5+
data:
6+
- ["glog", "github.com/golang/glog"]
7+
- ["glog", "gopkg.in/glog"]
8+
- ["glog", "k8s.io/klog"]
9+
- addsTo:
10+
pack: codeql/go-all
11+
extensible: sinkModel
12+
data:
13+
- ["group:glog", "", False, "Error", "", "", "Argument[0]", "log-injection", "manual"]
14+
- ["group:glog", "", False, "ErrorContext", "", "", "Argument[1]", "log-injection", "manual"]
15+
- ["group:glog", "", False, "ErrorContextDepth", "", "", "Argument[2]", "log-injection", "manual"]
16+
- ["group:glog", "", False, "ErrorContextDepthf", "", "", "Argument[2..3]", "log-injection", "manual"]
17+
- ["group:glog", "", False, "ErrorContextf", "", "", "Argument[1..2]", "log-injection", "manual"]
18+
- ["group:glog", "", False, "ErrorDepth", "", "", "Argument[1]", "log-injection", "manual"]
19+
- ["group:glog", "", False, "ErrorDepthf", "", "", "Argument[1..2]", "log-injection", "manual"]
20+
- ["group:glog", "", False, "Errorf", "", "", "Argument[0..1]", "log-injection", "manual"]
21+
- ["group:glog", "", False, "Errorln", "", "", "Argument[0]", "log-injection", "manual"]
22+
- ["group:glog", "", False, "Exit", "", "", "Argument[0]", "log-injection", "manual"]
23+
- ["group:glog", "", False, "ExitContext", "", "", "Argument[1]", "log-injection", "manual"]
24+
- ["group:glog", "", False, "ExitContextDepth", "", "", "Argument[2]", "log-injection", "manual"]
25+
- ["group:glog", "", False, "ExitContextDepthf", "", "", "Argument[2..3]", "log-injection", "manual"]
26+
- ["group:glog", "", False, "ExitContextf", "", "", "Argument[1..2]", "log-injection", "manual"]
27+
- ["group:glog", "", False, "ExitDepth", "", "", "Argument[1]", "log-injection", "manual"]
28+
- ["group:glog", "", False, "ExitDepthf", "", "", "Argument[1..2]", "log-injection", "manual"]
29+
- ["group:glog", "", False, "Exitf", "", "", "Argument[0..1]", "log-injection", "manual"]
30+
- ["group:glog", "", False, "Exitln", "", "", "Argument[0]", "log-injection", "manual"]
31+
- ["group:glog", "", False, "Fatal", "", "", "Argument[0]", "log-injection", "manual"]
32+
- ["group:glog", "", False, "FatalContext", "", "", "Argument[1]", "log-injection", "manual"]
33+
- ["group:glog", "", False, "FatalContextDepth", "", "", "Argument[2]", "log-injection", "manual"]
34+
- ["group:glog", "", False, "FatalContextDepthf", "", "", "Argument[2..3]", "log-injection", "manual"]
35+
- ["group:glog", "", False, "FatalContextf", "", "", "Argument[1..2]", "log-injection", "manual"]
36+
- ["group:glog", "", False, "FatalDepth", "", "", "Argument[1]", "log-injection", "manual"]
37+
- ["group:glog", "", False, "FatalDepthf", "", "", "Argument[1..2]", "log-injection", "manual"]
38+
- ["group:glog", "", False, "Fatalf", "", "", "Argument[0..1]", "log-injection", "manual"]
39+
- ["group:glog", "", False, "Fatalln", "", "", "Argument[0]", "log-injection", "manual"]
40+
- ["group:glog", "", False, "Info", "", "", "Argument[0]", "log-injection", "manual"]
41+
- ["group:glog", "", False, "InfoContext", "", "", "Argument[1]", "log-injection", "manual"]
42+
- ["group:glog", "", False, "InfoContextDepth", "", "", "Argument[2]", "log-injection", "manual"]
43+
- ["group:glog", "", False, "InfoContextDepthf", "", "", "Argument[2..3]", "log-injection", "manual"]
44+
- ["group:glog", "", False, "InfoContextf", "", "", "Argument[1..2]", "log-injection", "manual"]
45+
- ["group:glog", "", False, "InfoDepth", "", "", "Argument[1]", "log-injection", "manual"]
46+
- ["group:glog", "", False, "InfoDepthf", "", "", "Argument[1..2]", "log-injection", "manual"]
47+
- ["group:glog", "", False, "Infof", "", "", "Argument[0..1]", "log-injection", "manual"]
48+
- ["group:glog", "", False, "Infoln", "", "", "Argument[0]", "log-injection", "manual"]
49+
- ["group:glog", "", False, "Warning", "", "", "Argument[0]", "log-injection", "manual"]
50+
- ["group:glog", "", False, "WarningContext", "", "", "Argument[1]", "log-injection", "manual"]
51+
- ["group:glog", "", False, "WarningContextDepth", "", "", "Argument[2]", "log-injection", "manual"]
52+
- ["group:glog", "", False, "WarningContextDepthf", "", "", "Argument[2..3]", "log-injection", "manual"]
53+
- ["group:glog", "", False, "WarningContextf", "", "", "Argument[1..2]", "log-injection", "manual"]
54+
- ["group:glog", "", False, "WarningDepth", "", "", "Argument[1]", "log-injection", "manual"]
55+
- ["group:glog", "", False, "WarningDepthf", "", "", "Argument[1..2]", "log-injection", "manual"]
56+
- ["group:glog", "", False, "Warningf", "", "", "Argument[0..1]", "log-injection", "manual"]
57+
- ["group:glog", "", False, "Warningln", "", "", "Argument[0]", "log-injection", "manual"]
58+
- ["group:glog", "Verbose", False, "Error", "", "", "Argument[0]", "log-injection", "manual"]
59+
- ["group:glog", "Verbose", False, "ErrorContext", "", "", "Argument[1]", "log-injection", "manual"]
60+
- ["group:glog", "Verbose", False, "ErrorContextDepth", "", "", "Argument[2]", "log-injection", "manual"]
61+
- ["group:glog", "Verbose", False, "ErrorContextDepthf", "", "", "Argument[2..3]", "log-injection", "manual"]
62+
- ["group:glog", "Verbose", False, "ErrorContextf", "", "", "Argument[1..2]", "log-injection", "manual"]
63+
- ["group:glog", "Verbose", False, "ErrorDepth", "", "", "Argument[1]", "log-injection", "manual"]
64+
- ["group:glog", "Verbose", False, "ErrorDepthf", "", "", "Argument[1..2]", "log-injection", "manual"]
65+
- ["group:glog", "Verbose", False, "Errorf", "", "", "Argument[0..1]", "log-injection", "manual"]
66+
- ["group:glog", "Verbose", False, "Errorln", "", "", "Argument[0]", "log-injection", "manual"]
67+
- ["group:glog", "Verbose", False, "Exit", "", "", "Argument[0]", "log-injection", "manual"]
68+
- ["group:glog", "Verbose", False, "ExitContext", "", "", "Argument[1]", "log-injection", "manual"]
69+
- ["group:glog", "Verbose", False, "ExitContextDepth", "", "", "Argument[2]", "log-injection", "manual"]
70+
- ["group:glog", "Verbose", False, "ExitContextDepthf", "", "", "Argument[2..3]", "log-injection", "manual"]
71+
- ["group:glog", "Verbose", False, "ExitContextf", "", "", "Argument[1..2]", "log-injection", "manual"]
72+
- ["group:glog", "Verbose", False, "ExitDepth", "", "", "Argument[1]", "log-injection", "manual"]
73+
- ["group:glog", "Verbose", False, "ExitDepthf", "", "", "Argument[1..2]", "log-injection", "manual"]
74+
- ["group:glog", "Verbose", False, "Exitf", "", "", "Argument[0..1]", "log-injection", "manual"]
75+
- ["group:glog", "Verbose", False, "Exitln", "", "", "Argument[0]", "log-injection", "manual"]
76+
- ["group:glog", "Verbose", False, "Fatal", "", "", "Argument[0]", "log-injection", "manual"]
77+
- ["group:glog", "Verbose", False, "FatalContext", "", "", "Argument[1]", "log-injection", "manual"]
78+
- ["group:glog", "Verbose", False, "FatalContextDepth", "", "", "Argument[2]", "log-injection", "manual"]
79+
- ["group:glog", "Verbose", False, "FatalContextDepthf", "", "", "Argument[2..3]", "log-injection", "manual"]
80+
- ["group:glog", "Verbose", False, "FatalContextf", "", "", "Argument[1..2]", "log-injection", "manual"]
81+
- ["group:glog", "Verbose", False, "FatalDepth", "", "", "Argument[1]", "log-injection", "manual"]
82+
- ["group:glog", "Verbose", False, "FatalDepthf", "", "", "Argument[1..2]", "log-injection", "manual"]
83+
- ["group:glog", "Verbose", False, "Fatalf", "", "", "Argument[0..1]", "log-injection", "manual"]
84+
- ["group:glog", "Verbose", False, "Fatalln", "", "", "Argument[0]", "log-injection", "manual"]
85+
- ["group:glog", "Verbose", False, "Info", "", "", "Argument[0]", "log-injection", "manual"]
86+
- ["group:glog", "Verbose", False, "InfoContext", "", "", "Argument[1]", "log-injection", "manual"]
87+
- ["group:glog", "Verbose", False, "InfoContextDepth", "", "", "Argument[2]", "log-injection", "manual"]
88+
- ["group:glog", "Verbose", False, "InfoContextDepthf", "", "", "Argument[2..3]", "log-injection", "manual"]
89+
- ["group:glog", "Verbose", False, "InfoContextf", "", "", "Argument[1..2]", "log-injection", "manual"]
90+
- ["group:glog", "Verbose", False, "InfoDepth", "", "", "Argument[1]", "log-injection", "manual"]
91+
- ["group:glog", "Verbose", False, "InfoDepthf", "", "", "Argument[1..2]", "log-injection", "manual"]
92+
- ["group:glog", "Verbose", False, "Infof", "", "", "Argument[0..1]", "log-injection", "manual"]
93+
- ["group:glog", "Verbose", False, "Infoln", "", "", "Argument[0]", "log-injection", "manual"]
94+
- ["group:glog", "Verbose", False, "Warning", "", "", "Argument[0]", "log-injection", "manual"]
95+
- ["group:glog", "Verbose", False, "WarningContext", "", "", "Argument[1]", "log-injection", "manual"]
96+
- ["group:glog", "Verbose", False, "WarningContextDepth", "", "", "Argument[2]", "log-injection", "manual"]
97+
- ["group:glog", "Verbose", False, "WarningContextDepthf", "", "", "Argument[2..3]", "log-injection", "manual"]
98+
- ["group:glog", "Verbose", False, "WarningContextf", "", "", "Argument[1..2]", "log-injection", "manual"]
99+
- ["group:glog", "Verbose", False, "WarningDepth", "", "", "Argument[1]", "log-injection", "manual"]
100+
- ["group:glog", "Verbose", False, "WarningDepthf", "", "", "Argument[1..2]", "log-injection", "manual"]
101+
- ["group:glog", "Verbose", False, "Warningf", "", "", "Argument[0..1]", "log-injection", "manual"]
102+
- ["group:glog", "Verbose", False, "Warningln", "", "", "Argument[0]", "log-injection", "manual"]

0 commit comments

Comments
 (0)