Merge pull request #18 from trailofbits/fix-trim-misuse-df

GrosQuildu · web-flow · commit d994c7ca05da · 2024-12-18T16:06:53.000+01:00
Fix trim misuse df
diff --git a/cpp/src/codeql-pack.lock.yml b/cpp/src/codeql-pack.lock.yml
@@ -1,4 +1,24 @@
 ---
 lockVersion: 1.0.0
-dependencies: {}
+dependencies:
+  codeql/cpp-all:
+    version: 3.0.0
+  codeql/dataflow:
+    version: 1.1.7
+  codeql/mad:
+    version: 1.0.13
+  codeql/rangeanalysis:
+    version: 1.0.13
+  codeql/ssa:
+    version: 1.0.13
+  codeql/tutorial:
+    version: 1.0.13
+  codeql/typeflow:
+    version: 1.0.13
+  codeql/typetracking:
+    version: 1.0.13
+  codeql/util:
+    version: 2.0.0
+  codeql/xml:
+    version: 1.0.13
 compiled: false
diff --git a/cpp/test/codeql-pack.lock.yml b/cpp/test/codeql-pack.lock.yml
@@ -1,4 +1,24 @@
 ---
 lockVersion: 1.0.0
-dependencies: {}
+dependencies:
+  codeql/cpp-all:
+    version: 3.0.0
+  codeql/dataflow:
+    version: 1.1.7
+  codeql/mad:
+    version: 1.0.13
+  codeql/rangeanalysis:
+    version: 1.0.13
+  codeql/ssa:
+    version: 1.0.13
+  codeql/tutorial:
+    version: 1.0.13
+  codeql/typeflow:
+    version: 1.0.13
+  codeql/typetracking:
+    version: 1.0.13
+  codeql/util:
+    version: 2.0.0
+  codeql/xml:
+    version: 1.0.13
 compiled: false
diff --git a/go/src/codeql-pack.lock.yml b/go/src/codeql-pack.lock.yml
@@ -1,4 +1,20 @@
 ---
 lockVersion: 1.0.0
-dependencies: {}
+dependencies:
+  codeql/dataflow:
+    version: 1.1.7
+  codeql/go-all:
+    version: 3.0.0
+  codeql/mad:
+    version: 1.0.13
+  codeql/ssa:
+    version: 1.0.13
+  codeql/threat-models:
+    version: 1.0.13
+  codeql/tutorial:
+    version: 1.0.13
+  codeql/typetracking:
+    version: 1.0.13
+  codeql/util:
+    version: 2.0.0
 compiled: false
diff --git a/go/src/security/TrimMisuse/TrimMisuse.ql b/go/src/security/TrimMisuse/TrimMisuse.ql
@@ -11,7 +11,7 @@
  */
 
 import go
-import DataFlow2
+import semmle.go.dataflow.DataFlow
 
 /*
  * Flows from a string to TrimFamilyCall cutSet argument
@@ -32,7 +32,7 @@ module Trim2ndArgFlow = DataFlow::Global<Trim2ndArgConfig>;
 /*
  * Calls to Trim methods that we are interested in
  */
-class TrimFamilyCall extends CallNode {
+class TrimFamilyCall extends DataFlow::CallNode {
   TrimFamilyCall() {
     this.getTarget().hasQualifiedName("strings", ["TrimRight", "TrimLeft", "Trim"])
     or
diff --git a/go/test/codeql-pack.lock.yml b/go/test/codeql-pack.lock.yml
@@ -1,4 +1,20 @@
 ---
 lockVersion: 1.0.0
-dependencies: {}
+dependencies:
+  codeql/dataflow:
+    version: 1.1.7
+  codeql/go-all:
+    version: 3.0.0
+  codeql/mad:
+    version: 1.0.13
+  codeql/ssa:
+    version: 1.0.13
+  codeql/threat-models:
+    version: 1.0.13
+  codeql/tutorial:
+    version: 1.0.13
+  codeql/typetracking:
+    version: 1.0.13
+  codeql/util:
+    version: 2.0.0
 compiled: false
