Skip to content

Commit 62bad6c

Browse files
GeekMasherGeekMasher
committed
feat: add log injection query to testing GoMicro
1 parent b3df568 commit 62bad6c

File tree

2 files changed

+25
-0
lines changed

2 files changed

+25
-0
lines changed

go/ql/test/library-tests/semmle/go/frameworks/GoMicro/LogInjection.expected

Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,24 @@
1+
edges
2+
| main.go:14:46:14:48 | definition of req | main.go:14:46:14:48 | definition of req |
3+
| main.go:14:46:14:48 | definition of req | main.go:14:46:14:48 | definition of req |
4+
| main.go:14:46:14:48 | definition of req | main.go:17:28:17:31 | name |
5+
| main.go:14:46:14:48 | definition of req | main.go:17:28:17:31 | name |
6+
| main.go:14:46:14:48 | definition of req | proto/Hello.pb.micro.go:85:53:85:54 | definition of in |
7+
| proto/Hello.pb.micro.go:85:53:85:54 | definition of in | proto/Hello.pb.micro.go:85:53:85:54 | definition of in |
8+
| proto/Hello.pb.micro.go:85:53:85:54 | definition of in | proto/Hello.pb.micro.go:86:37:86:38 | in |
9+
| proto/Hello.pb.micro.go:85:53:85:54 | definition of in | proto/Hello.pb.micro.go:86:37:86:38 | in |
10+
| proto/Hello.pb.micro.go:86:37:86:38 | in | main.go:14:46:14:48 | definition of req |
11+
| proto/Hello.pb.micro.go:86:37:86:38 | in | main.go:14:46:14:48 | definition of req |
12+
| proto/Hello.pb.micro.go:86:37:86:38 | in | proto/Hello.pb.micro.go:85:53:85:54 | definition of in |
13+
| proto/Hello.pb.micro.go:86:37:86:38 | in | proto/Hello.pb.micro.go:85:53:85:54 | definition of in |
14+
nodes
15+
| main.go:14:46:14:48 | definition of req | semmle.label | definition of req |
16+
| main.go:14:46:14:48 | definition of req | semmle.label | definition of req |
17+
| main.go:17:28:17:31 | name | semmle.label | name |
18+
| proto/Hello.pb.micro.go:85:53:85:54 | definition of in | semmle.label | definition of in |
19+
| proto/Hello.pb.micro.go:85:53:85:54 | definition of in | semmle.label | definition of in |
20+
| proto/Hello.pb.micro.go:86:37:86:38 | in | semmle.label | in |
21+
| proto/Hello.pb.micro.go:86:37:86:38 | in | semmle.label | in |
22+
subpaths
23+
#select
24+
| main.go:17:28:17:31 | name | main.go:14:46:14:48 | definition of req | main.go:17:28:17:31 | name | This log entry depends on a $@. | main.go:14:46:14:48 | definition of req | user-provided value |

go/ql/test/library-tests/semmle/go/frameworks/GoMicro/LogInjection.qlref

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
Security/CWE-117/LogInjection.ql

0 commit comments

Comments
 (0)