michaelnebel
diff --git a/‎docs/codeql/reusables/supported-versions-compilers.rst
Lines changed: 1 addition & 1 deletion b/‎docs/codeql/reusables/supported-versions-compilers.rst
Lines changed: 1 addition & 1 deletion
diff --git a/‎go/ql/lib/change-notes/2023-02-15-golang-120.md
Lines changed: 4 additions & 0 deletions b/‎go/ql/lib/change-notes/2023-02-15-golang-120.md
Lines changed: 4 additions & 0 deletions
diff --git a/‎go/ql/lib/semmle/go/Types.qll
Lines changed: 4 additions & 16 deletions b/‎go/ql/lib/semmle/go/Types.qll
Lines changed: 4 additions & 16 deletions
diff --git a/‎go/ql/lib/semmle/go/frameworks/Stdlib.qll
Lines changed: 1 addition & 0 deletions b/‎go/ql/lib/semmle/go/frameworks/Stdlib.qll
Lines changed: 1 addition & 0 deletions
diff --git a/‎go/ql/lib/semmle/go/frameworks/stdlib/Bytes.qll
Lines changed: 9 additions & 0 deletions b/‎go/ql/lib/semmle/go/frameworks/stdlib/Bytes.qll
Lines changed: 9 additions & 0 deletions
diff --git a/‎go/ql/lib/semmle/go/frameworks/stdlib/Errors.qll
Lines changed: 4 additions & 0 deletions b/‎go/ql/lib/semmle/go/frameworks/stdlib/Errors.qll
Lines changed: 4 additions & 0 deletions
diff --git a/‎go/ql/lib/semmle/go/frameworks/stdlib/Sync.qll
Lines changed: 10 additions & 0 deletions b/‎go/ql/lib/semmle/go/frameworks/stdlib/Sync.qll
Lines changed: 10 additions & 0 deletions
diff --git a/‎go/ql/lib/semmle/go/frameworks/stdlib/Unsafe.qll
Lines changed: 22 additions & 0 deletions b/‎go/ql/lib/semmle/go/frameworks/stdlib/Unsafe.qll
Lines changed: 22 additions & 0 deletions
diff --git a/‎go/ql/test/library-tests/semmle/go/Types/QualifiedNames.expected
Lines changed: 25 additions & 25 deletions b/‎go/ql/test/library-tests/semmle/go/Types/QualifiedNames.expected
Lines changed: 25 additions & 25 deletions
diff --git a/‎go/ql/test/library-tests/semmle/go/Types/Types.expected
Lines changed: 25 additions & 25 deletions b/‎go/ql/test/library-tests/semmle/go/Types/Types.expected
Lines changed: 25 additions & 25 deletions
@@ -16,7 +16,7 @@
    .NET Core up to 3.1
 
    .NET 5, .NET 6","``.sln``, ``.csproj``, ``.cs``, ``.cshtml``, ``.xaml``"
-   Go (aka Golang), "Go up to 1.19", "Go 1.11 or more recent", ``.go``
+   Go (aka Golang), "Go up to 1.20", "Go 1.11 or more recent", ``.go``
    Java,"Java 7 to 19 [4]_","javac (OpenJDK and Oracle JDK),
 
    Eclipse compiler for Java (ECJ) [5]_",``.java``
 
@@ -0,0 +1,4 @@
+---
+category: feature
+---
+* Go 1.20 is now supported. The extractor now functions as expected when Go 1.20 is installed, the definitions of `implementsComparable` has been updated according to Go 1.20's new, more-liberal rules, and taint flow models have been added for relevant new standard library functions.
@@ -112,22 +112,10 @@ class Type extends @type {
       or
       u instanceof ArrayType and u.(ArrayType).getElementType().implementsComparable()
       or
-      exists(InterfaceType uif | uif = u |
-        not uif instanceof BasicInterfaceType and
-        if exists(uif.getAnEmbeddedTypeSetLiteral())
-        then
-          // All types in the intersection of all the embedded type set
-          // literals must implement comparable.
-          forall(Type intersectionType |
-            intersectionType = uif.getAnEmbeddedTypeSetLiteral().getATerm().getType() and
-            forall(TypeSetLiteralType tslit | tslit = uif.getAnEmbeddedTypeSetLiteral() |
-              intersectionType = tslit.getATerm().getType()
-            )
-          |
-            intersectionType.implementsComparable()
-          )
-        else uif.isOrEmbedsComparable()
-      )
+      // As of Go 1.20, any interface type satisfies the `comparable` constraint, even though comparison
+      // may panic at runtime depending on the actual object's concrete type.
+      // Look at git history here if you need the old definition.
+      u instanceof InterfaceType
     )
   }
 
 
@@ -65,6 +65,7 @@ import semmle.go.frameworks.stdlib.Syscall
 import semmle.go.frameworks.stdlib.TextScanner
 import semmle.go.frameworks.stdlib.TextTabwriter
 import semmle.go.frameworks.stdlib.TextTemplate
+import semmle.go.frameworks.stdlib.Unsafe
 
 /** A `String()` method. */
 class StringMethod extends TaintTracking::FunctionModel, Method {
 
@@ -11,6 +11,15 @@ module Bytes {
     FunctionOutput outp;
 
     FunctionModels() {
+      hasQualifiedName("bytes", "Clone") and
+      (inp.isParameter(0) and outp.isResult())
+      or
+      hasQualifiedName("bytes", "Cut") and
+      (inp.isParameter(0) and outp.isResult([0, 1]))
+      or
+      hasQualifiedName("bytes", ["CutPrefix", "CutSuffix"]) and
+      (inp.isParameter(0) and outp.isResult(0))
+      or
       // signature: func Fields(s []byte) [][]byte
       hasQualifiedName("bytes", "Fields") and
       (inp.isParameter(0) and outp.isResult())
 
@@ -22,6 +22,10 @@ module Errors {
       // signature: func Unwrap(err error) error
       hasQualifiedName("errors", "Unwrap") and
       (inp.isParameter(0) and outp.isResult())
+      or
+      // signature: func Join(errs ...error) error
+      hasQualifiedName("errors", "Join") and
+      (inp.isParameter(_) and outp.isResult())
     }
 
     override predicate hasTaintFlow(FunctionInput input, FunctionOutput output) {
 
@@ -11,6 +11,9 @@ module Sync {
     FunctionOutput outp;
 
     MethodModels() {
+      hasQualifiedName("sync", "Map", "CompareAndSwap") and
+      (inp.isParameter(2) and outp.isReceiver())
+      or
       // signature: func (*Map) Load(key interface{}) (value interface{}, ok bool)
       hasQualifiedName("sync", "Map", "Load") and
       (inp.isReceiver() and outp.isResult(0))
@@ -28,6 +31,13 @@ module Sync {
       hasQualifiedName("sync", "Map", "Store") and
       (inp.isParameter(_) and outp.isReceiver())
       or
+      hasQualifiedName("sync", "Map", "Swap") and
+      (
+        inp.isReceiver() and outp.isResult(0)
+        or
+        inp.isParameter(_) and outp.isReceiver()
+      )
+      or
       // signature: func (*Pool) Get() interface{}
       hasQualifiedName("sync", "Pool", "Get") and
       (inp.isReceiver() and outp.isResult())
 
@@ -0,0 +1,22 @@
+/**
+ * Provides classes modeling security-relevant aspects of the `unsafe` package.
+ */
+
+import go
+
+/** Provides models of commonly used functions in the `unsafe` package. */
+module Unsafe {
+  private class FunctionModels extends TaintTracking::FunctionModel {
+    FunctionInput inp;
+    FunctionOutput outp;
+
+    FunctionModels() {
+      hasQualifiedName("unsafe", ["String", "StringData", "Slice", "SliceData"]) and
+      (inp.isParameter(0) and outp.isResult())
+    }
+
+    override predicate hasTaintFlow(FunctionInput input, FunctionOutput output) {
+      input = inp and output = outp
+    }
+  }
+}
@@ -51,31 +51,31 @@
 | interface.go:95:6:95:8 | i18 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.i18 |
 | interface.go:101:6:101:8 | i19 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.i19 |
 | interface.go:105:6:105:8 | i20 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.i20 |
-| interface.go:110:6:110:19 | testComparable | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable |
-| interface.go:111:6:111:20 | testComparable0 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable0 |
-| interface.go:112:6:112:20 | testComparable1 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable1 |
-| interface.go:113:6:113:20 | testComparable2 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable2 |
-| interface.go:114:6:114:20 | testComparable3 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable3 |
-| interface.go:115:6:115:20 | testComparable4 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable4 |
-| interface.go:116:6:116:20 | testComparable5 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable5 |
-| interface.go:117:6:117:20 | testComparable6 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable6 |
-| interface.go:118:6:118:20 | testComparable7 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable7 |
-| interface.go:119:6:119:20 | testComparable8 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable8 |
-| interface.go:120:6:120:20 | testComparable9 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable9 |
-| interface.go:121:6:121:21 | testComparable10 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable10 |
-| interface.go:122:6:122:21 | testComparable11 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable11 |
-| interface.go:123:6:123:21 | testComparable12 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable12 |
-| interface.go:124:6:124:21 | testComparable13 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable13 |
-| interface.go:125:6:125:21 | testComparable14 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable14 |
-| interface.go:126:6:126:21 | testComparable15 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable15 |
-| interface.go:127:6:127:21 | testComparable16 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable16 |
-| interface.go:128:6:128:21 | testComparable17 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable17 |
-| interface.go:129:6:129:21 | testComparable18 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable18 |
-| interface.go:130:6:130:21 | testComparable19 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable19 |
-| interface.go:131:6:131:21 | testComparable20 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable20 |
-| interface.go:132:6:132:21 | testComparable21 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable21 |
-| interface.go:133:6:133:21 | testComparable22 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable22 |
-| interface.go:134:6:134:21 | testComparable23 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable23 |
+| interface.go:114:6:114:19 | testComparable | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable |
+| interface.go:115:6:115:20 | testComparable0 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable0 |
+| interface.go:116:6:116:20 | testComparable1 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable1 |
+| interface.go:117:6:117:20 | testComparable2 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable2 |
+| interface.go:118:6:118:20 | testComparable3 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable3 |
+| interface.go:119:6:119:20 | testComparable4 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable4 |
+| interface.go:120:6:120:20 | testComparable5 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable5 |
+| interface.go:121:6:121:20 | testComparable6 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable6 |
+| interface.go:122:6:122:20 | testComparable7 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable7 |
+| interface.go:123:6:123:20 | testComparable8 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable8 |
+| interface.go:124:6:124:20 | testComparable9 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable9 |
+| interface.go:125:6:125:21 | testComparable10 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable10 |
+| interface.go:126:6:126:21 | testComparable11 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable11 |
+| interface.go:127:6:127:21 | testComparable12 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable12 |
+| interface.go:128:6:128:21 | testComparable13 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable13 |
+| interface.go:129:6:129:21 | testComparable14 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable14 |
+| interface.go:130:6:130:21 | testComparable15 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable15 |
+| interface.go:131:6:131:21 | testComparable16 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable16 |
+| interface.go:132:6:132:21 | testComparable17 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable17 |
+| interface.go:133:6:133:21 | testComparable18 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable18 |
+| interface.go:134:6:134:21 | testComparable19 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable19 |
+| interface.go:135:6:135:21 | testComparable20 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable20 |
+| interface.go:136:6:136:21 | testComparable21 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable21 |
+| interface.go:137:6:137:21 | testComparable22 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable22 |
+| interface.go:138:6:138:21 | testComparable23 | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types.testComparable23 |
 | pkg1/embedding.go:8:6:8:9 | base | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types/pkg1.base |
 | pkg1/embedding.go:19:6:19:13 | embedder | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types/pkg1.embedder |
 | pkg1/embedding.go:22:6:22:16 | ptrembedder | github.com/github/codeql-go/ql/test/library-tests/semmle/go/Types/pkg1.ptrembedder |
 
@@ -51,31 +51,31 @@
 | interface.go:95:6:95:8 | i18 | i18 |
 | interface.go:101:6:101:8 | i19 | i19 |
 | interface.go:105:6:105:8 | i20 | i20 |
-| interface.go:110:6:110:19 | testComparable | testComparable |
-| interface.go:111:6:111:20 | testComparable0 | testComparable0 |
-| interface.go:112:6:112:20 | testComparable1 | testComparable1 |
-| interface.go:113:6:113:20 | testComparable2 | testComparable2 |
-| interface.go:114:6:114:20 | testComparable3 | testComparable3 |
-| interface.go:115:6:115:20 | testComparable4 | testComparable4 |
-| interface.go:116:6:116:20 | testComparable5 | testComparable5 |
-| interface.go:117:6:117:20 | testComparable6 | testComparable6 |
-| interface.go:118:6:118:20 | testComparable7 | testComparable7 |
-| interface.go:119:6:119:20 | testComparable8 | testComparable8 |
-| interface.go:120:6:120:20 | testComparable9 | testComparable9 |
-| interface.go:121:6:121:21 | testComparable10 | testComparable10 |
-| interface.go:122:6:122:21 | testComparable11 | testComparable11 |
-| interface.go:123:6:123:21 | testComparable12 | testComparable12 |
-| interface.go:124:6:124:21 | testComparable13 | testComparable13 |
-| interface.go:125:6:125:21 | testComparable14 | testComparable14 |
-| interface.go:126:6:126:21 | testComparable15 | testComparable15 |
-| interface.go:127:6:127:21 | testComparable16 | testComparable16 |
-| interface.go:128:6:128:21 | testComparable17 | testComparable17 |
-| interface.go:129:6:129:21 | testComparable18 | testComparable18 |
-| interface.go:130:6:130:21 | testComparable19 | testComparable19 |
-| interface.go:131:6:131:21 | testComparable20 | testComparable20 |
-| interface.go:132:6:132:21 | testComparable21 | testComparable21 |
-| interface.go:133:6:133:21 | testComparable22 | testComparable22 |
-| interface.go:134:6:134:21 | testComparable23 | testComparable23 |
+| interface.go:114:6:114:19 | testComparable | testComparable |
+| interface.go:115:6:115:20 | testComparable0 | testComparable0 |
+| interface.go:116:6:116:20 | testComparable1 | testComparable1 |
+| interface.go:117:6:117:20 | testComparable2 | testComparable2 |
+| interface.go:118:6:118:20 | testComparable3 | testComparable3 |
+| interface.go:119:6:119:20 | testComparable4 | testComparable4 |
+| interface.go:120:6:120:20 | testComparable5 | testComparable5 |
+| interface.go:121:6:121:20 | testComparable6 | testComparable6 |
+| interface.go:122:6:122:20 | testComparable7 | testComparable7 |
+| interface.go:123:6:123:20 | testComparable8 | testComparable8 |
+| interface.go:124:6:124:20 | testComparable9 | testComparable9 |
+| interface.go:125:6:125:21 | testComparable10 | testComparable10 |
+| interface.go:126:6:126:21 | testComparable11 | testComparable11 |
+| interface.go:127:6:127:21 | testComparable12 | testComparable12 |
+| interface.go:128:6:128:21 | testComparable13 | testComparable13 |
+| interface.go:129:6:129:21 | testComparable14 | testComparable14 |
+| interface.go:130:6:130:21 | testComparable15 | testComparable15 |
+| interface.go:131:6:131:21 | testComparable16 | testComparable16 |
+| interface.go:132:6:132:21 | testComparable17 | testComparable17 |
+| interface.go:133:6:133:21 | testComparable18 | testComparable18 |
+| interface.go:134:6:134:21 | testComparable19 | testComparable19 |
+| interface.go:135:6:135:21 | testComparable20 | testComparable20 |
+| interface.go:136:6:136:21 | testComparable21 | testComparable21 |
+| interface.go:137:6:137:21 | testComparable22 | testComparable22 |
+| interface.go:138:6:138:21 | testComparable23 | testComparable23 |
 | pkg1/embedding.go:8:6:8:9 | base | base |
 | pkg1/embedding.go:19:6:19:13 | embedder | embedder |
 | pkg1/embedding.go:22:6:22:16 | ptrembedder | ptrembedder |
-Original file line number
+Diff line change
@@ @@ -0,0 +1,4 @@ @@
 +---
 +category: feature
 +---
 +* Go 1.20 is now supported. The extractor now functions as expected when Go 1.20 is installed, the definitions of `implementsComparable` has been updated according to Go 1.20's new, more-liberal rules, and taint flow models have been added for relevant new standard library functions.