


committed
fix tests for FileSystemAccess, add comments for adding some functions in future, remove old comments
1 parent f58462b commit c361caf

4 files changed

Lines changed: 41 additions & 24 deletions

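--- a/go/ql/lib/semmle/go/frameworks/Fasthttp.qll
+++ b/go/ql/lib/semmle/go/frameworks/Fasthttp.qll
@@ -75,8 +75,6 @@ module Fasthttp {
 
 /**
  * A function that sends HTTP requests.
- * First argument of following functions need Additional steps.
- * look at URI module, additional steps part for more information.
  */
 class RequestForgerySinkDo extends RequestForgery::Sink {
 RequestForgerySinkDo() {
@@ -134,6 +132,8 @@ module Fasthttp {
 module Args {
 /**
  * The methods as Remote user controllable source which are part of the incoming URL Parameters.
+ *
+ * When support for lambdas has been implemented we should model "VisitAll"
  */
 class UntrustedFlowSource extends UntrustedFlowSource::Range instanceof DataFlow::Node {
 UntrustedFlowSource() {
@@ -195,8 +195,6 @@ module Fasthttp {
 
 /**
  * A method that sends HTTP requests.
- * First argument of following methods need Additional steps.
- * Look at Request module, additional steps part for more information.
  */
 class RequestForgerySinkDo extends RequestForgery::Sink {
 RequestForgerySinkDo() {
@@ -220,8 +218,6 @@ module Fasthttp {
 module PipelineClient {
 /**
  * A method that sends HTTP requests.
- * First argument of following methods need Additional steps.
- * Look at Request module, additional steps part for more information.
  */
 class RequestForgerySinkDo extends RequestForgery::Sink {
 RequestForgerySinkDo() {
@@ -264,8 +260,6 @@ module Fasthttp {
 
 /**
  * A method that sends HTTP requests.
- * first argument of following methods need Additional steps.
- * Look at Request module, additional steps part for more information.
  */
 class RequestForgerySinkDo extends RequestForgery::Sink {
 RequestForgerySinkDo() {
@@ -289,8 +283,6 @@ module Fasthttp {
 module LBClient {
 /**
  * A method that sends HTTP requests.
- * first argument of following methods need Additional steps.
- * Look at Request module, additional steps part for more information.
  */
 class RequestForgerySinkDo extends RequestForgery::Sink {
 RequestForgerySinkDo() {
@@ -379,10 +371,7 @@ module Fasthttp {
 )
 }
 
-override DataFlow::Node getAPathArgument() {
-this.getTarget().getName() = ["SendFile", "SendFileBytes"] and
-result = this.getArgument(0)
-}
+override DataFlow::Node getAPathArgument() { result = this.getArgument(0) }
 }
 
 /**
@@ -402,7 +391,9 @@ module Fasthttp {
 }
 
 /**
- * The methods as Remote user controllable source which are generally related to HTTP request
+ * The methods as Remote user controllable source which are generally related to HTTP request.
+ *
+ * When support for lambdas has been implemented we should model "VisitAll", "VisitAllCookie", "VisitAllInOrder", "VisitAllTrailer"
  */
 class UntrustedFlowSource extends UntrustedFlowSource::Range instanceof DataFlow::Node {
 UntrustedFlowSource() {
@@ -436,7 +427,9 @@ module Fasthttp {
  */
 module RequestHeader {
 /**
- * The methods as Remote user controllable source which are mostly related to HTTP Request Headers
+ * The methods as Remote user controllable source which are mostly related to HTTP Request Headers.
+ *
+ * When support for lambdas has been implemented we should model "VisitAll", "VisitAllCookie", "VisitAllInOrder", "VisitAllTrailer"
  */
 class UntrustedFlowSource extends UntrustedFlowSource::Range instanceof DataFlow::Node {
 UntrustedFlowSource() {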
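Review bot: In the `getAPathArgument` hunk (-379,10 +371,7) the rewritten override returns argument 0 for every call the class admits, whereas the old body additionally required the target to be `SendFile` or `SendFileBytes`. That is only equivalent if the characteristic predicate — which starts above the hunk and is not visible here — already restricts the target to methods whose first parameter is the path; should it admit a method that takes the path in another position, argument 0 would be mislabelled as a filesystem path and any path-traversal query built on this model would point at the wrong expression. A one-line QLDoc on the override would pin that assumption for the next maintainer, e.g. `/** Gets the path argument; every method admitted by the characteristic predicate takes it as its first argument. */`. Separately, the "When support for lambdas has been implemented we should model ..." notes sit inside `/** */` QLDoc on public classes and will surface in generated documentation; a `// TODO:` line outside the doc comment is the usual place for a maintainer note like that.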
Lines changed: 2 additions & 0 deletions
@@ -0,0 +1,2 @@
1+
testFailures
2+
failures
Lines changed: 21 additions & 0 deletions
@@ -0,0 +1,21 @@
1+
import go
2+
import TestUtilities.InlineExpectationsTest
3+
4+
module FasthttpFileSystemAccessTest implements TestSig {
5+
string getARelevantTag() { result = "FileSystemAccess" }
6+
7+
predicate hasActualResult(Location location, string element, string tag, string value) {
8+
exists(FileSystemAccess fileSystemAccess, DataFlow::Node aPathArgument |
9+
aPathArgument = fileSystemAccess.getAPathArgument()
10+
|
11+
aPathArgument
12+
.hasLocationInfo(location.getFile().getAbsolutePath(), location.getStartLine(),
13+
location.getStartColumn(), location.getEndLine(), location.getEndColumn()) and
14+
element = aPathArgument.toString() and
15+
value = aPathArgument.toString() and
16+
tag = "FileSystemAccess"
17+
)
18+
}
19+
}
20+
21+
import MakeTest<FasthttpFileSystemAccessTest>

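--- a/go/ql/test/library-tests/semmle/go/frameworks/Fasthttp/fasthttp.go
+++ b/go/ql/test/library-tests/semmle/go/frameworks/Fasthttp/fasthttp.go
@@ -121,15 +121,16 @@ func fasthttpServer() {
 requestHandler := func(requestCtx *fasthttp.RequestCtx) {
 filePath := requestCtx.QueryArgs().Peek("filePath") // $ UntrustedFlowSource="call to Peek"
 // File System Access
-_ = requestCtx.Response.SendFile(string(filePath)) // $ FileSystemAccess=string(filePath)
-requestCtx.SendFile(string(filePath)) // $ FileSystemAccess=string(filePath)
-requestCtx.SendFileBytes(filePath) // $ FileSystemAccess=filePath
+filePath_string := string(filePath)
+_ = requestCtx.Response.SendFile(filePath_string) // $ FileSystemAccess=filePath_string
+requestCtx.SendFile(filePath_string) // $ FileSystemAccess=filePath_string
+requestCtx.SendFileBytes(filePath) // $ FileSystemAccess=filePath
 fileHeader, _ := requestCtx.FormFile("file")
-_ = fasthttp.SaveMultipartFile(fileHeader, string(filePath)) // $ FileSystemAccess=string(filePath)
-fasthttp.ServeFile(requestCtx, string(filePath)) // $ FileSystemAccess=string(filePath)
-fasthttp.ServeFileUncompressed(requestCtx, string(filePath)) // $ FileSystemAccess=string(filePath)
-fasthttp.ServeFileBytes(requestCtx, filePath) // $ FileSystemAccess=filePath
-fasthttp.ServeFileBytesUncompressed(requestCtx, filePath) // $ FileSystemAccess=filePath
+_ = fasthttp.SaveMultipartFile(fileHeader, filePath_string) // $ FileSystemAccess=filePath_string
+fasthttp.ServeFile(requestCtx, filePath_string) // $ FileSystemAccess=filePath_string
+fasthttp.ServeFileUncompressed(requestCtx, filePath_string) // $ FileSystemAccess=filePath_string
+fasthttp.ServeFileBytes(requestCtx, filePath) // $ FileSystemAccess=filePath
+fasthttp.ServeFileBytesUncompressed(requestCtx, filePath) // $ FileSystemAccess=filePath
 
 dstReader := &bufio.Reader{}
 // user controlled methods as source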
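Review bot: `filePath_string` (new line 124) uses an underscore, which Go naming avoids in favour of MixedCaps; `filePathStr` would match the rest of this fixture and keep `gofmt`/`staticcheck`-style linters quiet. The conversion is presumably hoisted into a local so that the inline expectation has a plain identifier to name instead of the `string(filePath)` conversion expression; that intent is not stated, and a short comment on the new line, e.g. `// converted once so the inline expectations can refer to the path argument by name`, would stop the next reader from folding it back inline and breaking the test. The enclosing `fasthttpServer` function continues outside the hunk.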
