/**
* Provides classes modeling security-relevant aspects of the `gorqlite` package.
*/
overlay[local?]
module;
import go
/**
 * Provides classes modeling security-relevant aspects of the `gorqlite` package.
 *
 * The only model defined here is a taint step for `QueryResult.Scan`, so that
 * data held by a tainted query result is followed into the variables it is
 * scanned into.
 */
module Gorqlite {
  /**
   * Gets a package path for `gorqlite`, as resolved by `package` for each of
   * the module roots the library has been published under.
   */
  private string packagePath() {
    exists(string root |
      root =
        [
          "github.com/rqlite/gorqlite", "github.com/raindog308/gorqlite",
          "github.com/kanikanema/gorqlite"
        ]
    |
      result = package(root, "")
    )
  }

  // These are expressed using TaintTracking::FunctionModel because varargs functions don't work with Models-as-Data summaries yet.
  /**
   * The `Scan` method of `QueryResult`, modeled as propagating taint from the
   * receiver to its arguments.
   *
   * Go signature: `func (qr *QueryResult) Scan(dest ...interface{}) error`.
   * Without this step, taint tracking would stop at the query result and lose
   * the values copied out through `dest`.
   */
  private class QueryResultScan extends TaintTracking::FunctionModel, Method {
    QueryResultScan() { this.hasQualifiedName(packagePath(), "QueryResult", "Scan") }

    /**
     * Holds if taint flows from `input` to `output`: `input` is the receiver
     * and `output` is any parameter (every `dest` argument of the variadic
     * call is covered, since the parameter index is unconstrained).
     */
    override predicate hasTaintFlow(FunctionInput input, FunctionOutput output) {
      input.isReceiver() and
      output.isParameter(_)
    }
  }
}