
Commit 405a563

committed
Add missing tests for CertStorage
1 parent 803b9d3 commit 405a563

2 files changed

Lines changed: 49 additions & 0 deletions


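--- a/go/ql/test/library-tests/semmle/go/frameworks/ElazarlGoproxy/main.go
+++ b/go/ql/test/library-tests/semmle/go/frameworks/ElazarlGoproxy/main.go
@@ -3,6 +3,7 @@
 package main
 
 import (
+"crypto/tls"
 "fmt"
 "net/http"
 
@@ -23,6 +24,25 @@ func handler1(r *http.Request, ctx *goproxy.ProxyCtx) (*http.Request, *http.Resp
 return r, goproxy.TextResponse(r, "Hello!") // $ headerwrite=status:200 headerwrite=content-type:text/plain
 }
 
+func taintedCertStorage() *goproxy.CertStorage {
+return nil
+}
+
+func taintedFunction() func() (*tls.Certificate, error) {
+return nil
+}
+
+func sink(_ *tls.Certificate) { }
+
+func testCertStorageFetch() {
+cert, _ := (*taintedCertStorage()).Fetch("myhostname.org", nil)
+sink(cert) // $ taintflow
+
+var storage goproxy.CertStorage
+cert2, _ := storage.Fetch("myhostname.org", taintedFunction())
+sink(cert2) // $ taintflow
+}
+
 func main() {
 
 }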
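Review bot: Both `Fetch` calls in `testCertStorageFetch` expect flow, and there is no case where the sink is expected to stay clean, so an over-broad model step (for example one from the hostname argument, if that is not meant to carry taint) would pass unnoticed. A negative case with an untainted receiver and a `nil` generator would pin that: `cert3, _ := storage.Fetch("myhostname.org", nil)` followed by `sink(cert3)` with no `// $ taintflow` annotation. A one-line comment above each call naming the step it exercises (receiver to result, generator argument to result) would also make the intent clear to the next reader.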

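--- a/go/ql/test/library-tests/semmle/go/frameworks/ElazarlGoproxy/test.ql
+++ b/go/ql/test/library-tests/semmle/go/frameworks/ElazarlGoproxy/test.ql
@@ -47,3 +47,32 @@ class LoggerTest extends InlineExpectationsTest {
 )
 }
 }
+
+class Config extends TaintTracking::Configuration {
+Config() { this = "goproxy config" }
+
+override predicate isSource(DataFlow::Node n) {
+n = any(DataFlow::CallNode c | c.getCalleeName().matches("tainted%")).getResult()
+}
+
+override predicate isSink(DataFlow::Node n) {
+n = any(DataFlow::CallNode cn | cn.getTarget().getName() = "sink").getAnArgument()
+}
+}
+
+class TaintFlow extends InlineExpectationsTest {
+TaintFlow() { this = "goproxy flow" }
+
+override string getARelevantTag() { result = "taintflow" }
+
+override predicate hasActualResult(Location location, string element, string tag, string value) {
+tag = "taintflow" and
+value = "" and
+element = "" and
+exists(Config c, DataFlow::Node fromNode, DataFlow::Node toNode |
+toNode.hasLocationInfo(location.getFile().getAbsolutePath(), location.getStartLine(),
+location.getStartColumn(), location.getEndLine(), location.getEndColumn()) and
+c.hasFlow(fromNode, toNode)
+)
+}
+}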
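Review bot: `isSource` selects the call by `c.getCalleeName()` while `isSink` goes through `cn.getTarget().getName()`; using one form in both predicates, e.g. `cn.getCalleeName() = "sink"`, would keep the two selectors reading the same way. The `matches("tainted%")` pattern makes every call to a function whose name starts with `tainted` a source, presumably across all Go files extracted for this test directory. A short QLDoc comment on `Config` stating that naming convention would help whoever adds the next helper. `LoggerTest` begins outside this hunk; the two added classes are fully visible.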
