Skip to content

Commit 52d1e45

Browse files
am0o0am0o0
committed
add comments for better quality
1 parent f3ea72c commit 52d1e45

File tree

1 file changed

+25
-0
lines changed

1 file changed

+25
-0
lines changed

go/ql/lib/semmle/go/security/FileSystemAccess.qll

Lines changed: 25 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,8 @@
11
import go
22

3+
/**
4+
* Provide File system access sinks of [fasthttp](https://github.com/valyala/fasthttp) web framework
5+
*/
36
class FastHttpFileSystemAccess extends FileSystemAccess::Range, DataFlow::CallNode {
47
FastHttpFileSystemAccess() {
58
exists(DataFlow::Method mcn |
@@ -33,6 +36,9 @@ class FastHttpFileSystemAccess extends FileSystemAccess::Range, DataFlow::CallNo
3336
}
3437
}
3538

39+
/**
40+
* Provide File system access sinks of `net/http` package
41+
*/
3642
class HttpServeFile extends FileSystemAccess::Range, DataFlow::CallNode {
3743
HttpServeFile() {
3844
exists(DataFlow::Function mcn |
@@ -44,6 +50,9 @@ class HttpServeFile extends FileSystemAccess::Range, DataFlow::CallNode {
4450
override DataFlow::Node getAPathArgument() { result = this.getArgument(2) }
4551
}
4652

53+
/**
54+
* Provide File system access sinks of [beego](https://github.com/beego/beego) web framework
55+
*/
4756
class BeegoFileSystemAccess extends FileSystemAccess::Range, DataFlow::CallNode {
4857
BeegoFileSystemAccess() {
4958
exists(DataFlow::Method mcn |
@@ -67,6 +76,9 @@ class BeegoFileSystemAccess extends FileSystemAccess::Range, DataFlow::CallNode
6776
}
6877
}
6978

79+
/**
80+
* Provide File system access sinks of [beego](https://github.com/beego/beego) web framework
81+
*/
7082
class EchoFileSystemAccess extends FileSystemAccess::Range, DataFlow::CallNode {
7183
EchoFileSystemAccess() {
7284
exists(DataFlow::Method mcn |
@@ -78,6 +90,9 @@ class EchoFileSystemAccess extends FileSystemAccess::Range, DataFlow::CallNode {
7890
override DataFlow::Node getAPathArgument() { result = this.getArgument(0) }
7991
}
8092

93+
/**
94+
* Provide File system access sinks of [gin](https://github.com/gin-gonic/gin) web framework
95+
*/
8196
class GinFileSystemAccess extends FileSystemAccess::Range, DataFlow::CallNode {
8297
GinFileSystemAccess() {
8398
exists(DataFlow::Method mcn |
@@ -94,6 +109,9 @@ class GinFileSystemAccess extends FileSystemAccess::Range, DataFlow::CallNode {
94109
}
95110
}
96111

112+
/**
113+
* Provide File system access sinks of [iris](https://github.com/kataras/iris) web framework
114+
*/
97115
class IrisFileSystemAccess extends FileSystemAccess::Range, DataFlow::CallNode {
98116
IrisFileSystemAccess() {
99117
exists(DataFlow::Method mcn |
@@ -115,6 +133,9 @@ class IrisFileSystemAccess extends FileSystemAccess::Range, DataFlow::CallNode {
115133
}
116134
}
117135

136+
/**
137+
* Provide File system access sinks of [fiber](https://github.com/gofiber/fiber) web framework
138+
*/
118139
class FiberSystemAccess extends FileSystemAccess::Range, DataFlow::CallNode {
119140
FiberSystemAccess() {
120141
exists(DataFlow::Method mcn |
@@ -133,6 +154,10 @@ class FiberSystemAccess extends FileSystemAccess::Range, DataFlow::CallNode {
133154
}
134155
}
135156

157+
/**
158+
* Provide File system access sinks of [afero](https://github.com/spf13/afero) filesystem framework
159+
* The Only Type that is not vulnerable to path traversal is `afero.IOFS`
160+
*/
136161
class AferoSystemAccess extends FileSystemAccess::Range, DataFlow::CallNode {
137162
AferoSystemAccess() {
138163
exists(DataFlow::Function mcn |

0 commit comments

Comments
 (0)