Skip to content

Commit f58462b

Browse files
am0o0am0o0
committed
fix tests
1 parent 0d670f8 commit f58462b

File tree

1 file changed

+31
-22
lines changed
  • go/ql/test/library-tests/semmle/go/frameworks/Fasthttp

1 file changed

+31
-22
lines changed

go/ql/test/library-tests/semmle/go/frameworks/Fasthttp/fasthttp.go

Lines changed: 31 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -25,30 +25,39 @@ func fasthttpClient() {
2525
fasthttp.DialDualStackTimeout(userInput, 5) // $ SsrfSink=userInput
2626

2727
res := &fasthttp.Response{}
28-
req := &fasthttp.Request{}
29-
req.SetHost(source().(string))
30-
sink(req) // $ hasTaintFlow="req"
31-
req.SetHostBytes(source().([]byte))
32-
sink(req) // $ hasTaintFlow="req"
33-
req.SetRequestURI(source().(string))
34-
sink(req) // $ hasTaintFlow="req"
35-
req.SetRequestURIBytes(source().([]byte))
36-
sink(req) // $ hasTaintFlow="req"
37-
38-
uri := fasthttp.AcquireURI()
28+
req1 := &fasthttp.Request{}
29+
req1.SetHost(source().(string))
30+
sink(req1) // $ hasTaintFlow="req1"
31+
req2 := &fasthttp.Request{}
32+
req2.SetHostBytes(source().([]byte))
33+
sink(req2) // $ hasTaintFlow="req2"
34+
req3 := &fasthttp.Request{}
35+
req3.SetRequestURI(source().(string))
36+
sink(req3) // $ hasTaintFlow="req3"
37+
req4 := &fasthttp.Request{}
38+
req4.SetRequestURIBytes(source().([]byte))
39+
sink(req4) // $ hasTaintFlow="req4"
40+
41+
uri1 := fasthttp.AcquireURI()
3942
userInput = "UserControlled.com:80"
40-
uri.SetHost(source().(string))
41-
sink(uri) // $ hasTaintFlow="uri"
42-
uri.SetHostBytes(source().([]byte))
43-
sink(uri) // $ hasTaintFlow="uri"
43+
uri1.SetHost(source().(string))
44+
sink(uri1) // $ hasTaintFlow="uri1"
45+
uri2 := fasthttp.AcquireURI()
46+
uri2.SetHostBytes(source().([]byte))
47+
sink(uri2) // $ hasTaintFlow="uri2"
4448
userInput = "http://UserControlled.com"
45-
uri.Update(source().(string))
46-
sink(uri) // $ hasTaintFlow="uri"
47-
uri.UpdateBytes(source().([]byte))
48-
sink(uri) // $ hasTaintFlow="uri"
49-
uri.Parse(source().([]byte), source().([]byte))
50-
sink(uri) // $ hasTaintFlow="uri"
51-
req.SetURI(uri)
49+
uri3 := fasthttp.AcquireURI()
50+
uri3.Update(source().(string))
51+
sink(uri3) // $ hasTaintFlow="uri3"
52+
uri4 := fasthttp.AcquireURI()
53+
uri4.UpdateBytes(source().([]byte))
54+
sink(uri4) // $ hasTaintFlow="uri4"
55+
uri5 := fasthttp.AcquireURI()
56+
uri5.Parse(source().([]byte), source().([]byte))
57+
sink(uri5) // $ hasTaintFlow="uri5"
58+
req := &fasthttp.Request{}
59+
uri6 := fasthttp.AcquireURI()
60+
req.SetURI(uri6)
5261

5362
resByte := make([]byte, 1000)
5463
userInput = "http://127.0.0.1:8909"

0 commit comments

Comments
 (0)