diff --git a/go/ql/lib/change-notes/2024-11-12-models-as-data-subtypes-true.md b/go/ql/lib/change-notes/2024-11-12-models-as-data-subtypes-true.md
new file mode 100644
index 000000000000..b1c78815ea37
--- /dev/null
+++ b/go/ql/lib/change-notes/2024-11-12-models-as-data-subtypes-true.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* The `subtypes` column has been set to true in all models-as-data models except some tests. This means that existing models will apply in some cases where they didn't before, which may lead to more alerts.
diff --git a/go/ql/lib/ext/fmt.model.yml b/go/ql/lib/ext/fmt.model.yml
index 5234b509933b..cad64ce0fdf6 100644
--- a/go/ql/lib/ext/fmt.model.yml
+++ b/go/ql/lib/ext/fmt.model.yml
@@ -8,14 +8,14 @@ extensions:
 - ["fmt", "ScanState", True, "Token", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"]
 - ["fmt", "State", True, "Write", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"]
 - ["fmt", "Stringer", True, "String", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"]
- - ["fmt", "", True, "Append", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- - ["fmt", "", True, "Append", "", "", "Argument[1].ArrayElement", "ReturnValue", "taint", "manual"]
- - ["fmt", "", True, "Appendf", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- - ["fmt", "", True, "Appendf", "", "", "Argument[1]", "ReturnValue", "taint", "manual"]
- - ["fmt", "", True, "Appendf", "", "", "Argument[2].ArrayElement", "ReturnValue", "taint", "manual"]
- - ["fmt", "", True, "Appendln", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- - ["fmt", "", True, "Appendln", "", "", "Argument[1].ArrayElement", "ReturnValue", "taint", "manual"]
- - ["fmt", "", True, "Sprint", "", "", "Argument[0].ArrayElement", "ReturnValue", "taint", "manual"]
- - ["fmt", "", True, "Sprintf", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- - ["fmt", "", True, "Sprintf", "", "", "Argument[1].ArrayElement", "ReturnValue", "taint", "manual"]
- - ["fmt", "", True, "Sprintln", "", "", "Argument[0].ArrayElement", "ReturnValue", "taint", "manual"]
+ - ["fmt", "", False, "Append", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
+ - ["fmt", "", False, "Append", "", "", "Argument[1].ArrayElement", "ReturnValue", "taint", "manual"]
+ - ["fmt", "", False, "Appendf", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
+ - ["fmt", "", False, "Appendf", "", "", "Argument[1]", "ReturnValue", "taint", "manual"]
+ - ["fmt", "", False, "Appendf", "", "", "Argument[2].ArrayElement", "ReturnValue", "taint", "manual"]
+ - ["fmt", "", False, "Appendln", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
+ - ["fmt", "", False, "Appendln", "", "", "Argument[1].ArrayElement", "ReturnValue", "taint", "manual"]
+ - ["fmt", "", False, "Sprint", "", "", "Argument[0].ArrayElement", "ReturnValue", "taint", "manual"]
+ - ["fmt", "", False, "Sprintf", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
+ - ["fmt", "", False, "Sprintf", "", "", "Argument[1].ArrayElement", "ReturnValue", "taint", "manual"]
+ - ["fmt", "", False, "Sprintln", "", "", "Argument[0].ArrayElement", "ReturnValue", "taint", "manual"]
diff --git a/go/ql/lib/ext/github.com.antchfx.htmlquery.model.yml b/go/ql/lib/ext/github.com.antchfx.htmlquery.model.yml
index f8481e58cb99..14402f65a8c1 100644
--- a/go/ql/lib/ext/github.com.antchfx.htmlquery.model.yml
+++ b/go/ql/lib/ext/github.com.antchfx.htmlquery.model.yml
@@ -3,7 +3,7 @@ extensions:
 pack: codeql/go-all
 extensible: sinkModel
 data:
- - ["github.com/antchfx/htmlquery", "", True, "Find", "", "", "Argument[1]", "xpath-injection", "manual"]
- - ["github.com/antchfx/htmlquery", "", True, "FindOne", "", "", "Argument[1]", "xpath-injection", "manual"]
- - ["github.com/antchfx/htmlquery", "", True, "Query", "", "", "Argument[1]", "xpath-injection", "manual"]
- - ["github.com/antchfx/htmlquery", "", True, "QueryAll", "", "", "Argument[1]", "xpath-injection", "manual"]
+ - ["github.com/antchfx/htmlquery", "", False, "Find", "", "", "Argument[1]", "xpath-injection", "manual"]
+ - ["github.com/antchfx/htmlquery", "", False, "FindOne", "", "", "Argument[1]", "xpath-injection", "manual"]
+ - ["github.com/antchfx/htmlquery", "", False, "Query", "", "", "Argument[1]", "xpath-injection", "manual"]
+ - ["github.com/antchfx/htmlquery", "", False, "QueryAll", "", "", "Argument[1]", "xpath-injection", "manual"]
diff --git a/go/ql/lib/ext/github.com.antchfx.jsonquery.model.yml b/go/ql/lib/ext/github.com.antchfx.jsonquery.model.yml
index 436867a8ab5f..f50bbff2ff4d 100644
--- a/go/ql/lib/ext/github.com.antchfx.jsonquery.model.yml
+++ b/go/ql/lib/ext/github.com.antchfx.jsonquery.model.yml
@@ -3,7 +3,7 @@ extensions:
 pack: codeql/go-all
 extensible: sinkModel
 data:
- - ["github.com/antchfx/jsonquery", "", True, "Find", "", "", "Argument[1]", "xpath-injection", "manual"]
- - ["github.com/antchfx/jsonquery", "", True, "FindOne", "", "", "Argument[1]", "xpath-injection", "manual"]
- - ["github.com/antchfx/jsonquery", "", True, "Query", "", "", "Argument[1]", "xpath-injection", "manual"]
- - ["github.com/antchfx/jsonquery", "", True, "QueryAll", "", "", "Argument[1]", "xpath-injection", "manual"]
+ - ["github.com/antchfx/jsonquery", "", False, "Find", "", "", "Argument[1]", "xpath-injection", "manual"]
+ - ["github.com/antchfx/jsonquery", "", False, "FindOne", "", "", "Argument[1]", "xpath-injection", "manual"]
+ - ["github.com/antchfx/jsonquery", "", False, "Query", "", "", "Argument[1]", "xpath-injection", "manual"]
+ - ["github.com/antchfx/jsonquery", "", False, "QueryAll", "", "", "Argument[1]", "xpath-injection", "manual"]
diff --git a/go/ql/lib/ext/github.com.antchfx.xmlquery.model.yml b/go/ql/lib/ext/github.com.antchfx.xmlquery.model.yml
index 6da9327681d4..5a9eec5af7e0 100644
--- a/go/ql/lib/ext/github.com.antchfx.xmlquery.model.yml
+++ b/go/ql/lib/ext/github.com.antchfx.xmlquery.model.yml
@@ -3,11 +3,11 @@ extensions:
 pack: codeql/go-all
 extensible: sinkModel
 data:
- - ["github.com/antchfx/xmlquery", "", True, "Find", "", "", "Argument[1]", "xpath-injection", "manual"]
- - ["github.com/antchfx/xmlquery", "", True, "FindOne", "", "", "Argument[1]", "xpath-injection", "manual"]
- - ["github.com/antchfx/xmlquery", "", True, "FindEach", "", "", "Argument[1]", "xpath-injection", "manual"]
- - ["github.com/antchfx/xmlquery", "", True, "FindEachWithBreak", "", "", "Argument[1]", "xpath-injection", "manual"]
- - ["github.com/antchfx/xmlquery", "", True, "Query", "", "", "Argument[1]", "xpath-injection", "manual"]
- - ["github.com/antchfx/xmlquery", "", True, "QueryAll", "", "", "Argument[1]", "xpath-injection", "manual"]
+ - ["github.com/antchfx/xmlquery", "", False, "Find", "", "", "Argument[1]", "xpath-injection", "manual"]
+ - ["github.com/antchfx/xmlquery", "", False, "FindOne", "", "", "Argument[1]", "xpath-injection", "manual"]
+ - ["github.com/antchfx/xmlquery", "", False, "FindEach", "", "", "Argument[1]", "xpath-injection", "manual"]
+ - ["github.com/antchfx/xmlquery", "", False, "FindEachWithBreak", "", "", "Argument[1]", "xpath-injection", "manual"]
+ - ["github.com/antchfx/xmlquery", "", False, "Query", "", "", "Argument[1]", "xpath-injection", "manual"]
+ - ["github.com/antchfx/xmlquery", "", False, "QueryAll", "", "", "Argument[1]", "xpath-injection", "manual"]
 - ["github.com/antchfx/xmlquery", "Node", True, "SelectElement", "", "", "Argument[0]", "xpath-injection", "manual"]
 - ["github.com/antchfx/xmlquery", "Node", True, "SelectElements", "", "", "Argument[0]", "xpath-injection", "manual"]
diff --git a/go/ql/lib/ext/github.com.antchfx.xpath.model.yml b/go/ql/lib/ext/github.com.antchfx.xpath.model.yml
index dada694552f9..bb087f381adf 100644
--- a/go/ql/lib/ext/github.com.antchfx.xpath.model.yml
+++ b/go/ql/lib/ext/github.com.antchfx.xpath.model.yml
@@ -3,7 +3,7 @@ extensions:
 pack: codeql/go-all
 extensible: sinkModel
 data:
- - ["github.com/antchfx/xpath", "", True, "Compile", "", "", "Argument[0]", "xpath-injection", "manual"]
- - ["github.com/antchfx/xpath", "", True, "CompileWithNS", "", "", "Argument[0]", "xpath-injection", "manual"]
- - ["github.com/antchfx/xpath", "", True, "MustCompile", "", "", "Argument[0]", "xpath-injection", "manual"]
- - ["github.com/antchfx/xpath", "", True, "Select", "", "", "Argument[1]", "xpath-injection", "manual"]
+ - ["github.com/antchfx/xpath", "", False, "Compile", "", "", "Argument[0]", "xpath-injection", "manual"]
+ - ["github.com/antchfx/xpath", "", False, "CompileWithNS", "", "", "Argument[0]", "xpath-injection", "manual"]
+ - ["github.com/antchfx/xpath", "", False, "MustCompile", "", "", "Argument[0]", "xpath-injection", "manual"]
+ - ["github.com/antchfx/xpath", "", False, "Select", "", "", "Argument[1]", "xpath-injection", "manual"]
diff --git a/go/ql/lib/ext/github.com.beego.beego.server.web.context.model.yml b/go/ql/lib/ext/github.com.beego.beego.server.web.context.model.yml
index e2c856af7e5a..da59cc203df1 100644
--- a/go/ql/lib/ext/github.com.beego.beego.server.web.context.model.yml
+++ b/go/ql/lib/ext/github.com.beego.beego.server.web.context.model.yml
@@ -11,7 +11,7 @@ extensions:
 extensible: sinkModel
 data:
 # path-injection
- - ["group:beego-context", "BeegoOutput", False, "Download", "", "", "Argument[0]", "path-injection", "manual"]
+ - ["group:beego-context", "BeegoOutput", True, "Download", "", "", "Argument[0]", "path-injection", "manual"]
 # url-redirection
 - ["group:beego-context", "Context", True, "Redirect", "", "", "Argument[1]", "url-redirection", "manual"]
 - addsTo:
diff --git a/go/ql/lib/ext/github.com.beego.beego.server.web.model.yml b/go/ql/lib/ext/github.com.beego.beego.server.web.model.yml
index 8a11da7ad83c..963000fffccd 100644
--- a/go/ql/lib/ext/github.com.beego.beego.server.web.model.yml
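Review bot: The `BeegoOutput.Download` path-injection sink goes from `False` to `True` in the `subtypes` column, which widens where the sink fires, and no test expectation for the newly covered case is visible in this part of the diff. The same flip is made on the `Controller.SaveToFile`, `SaveToFileWithBuffer` and `FileSystem.Open` rows of the beego web model, the `Session` `Call`/`Command`/`Exec` command-injection rows of go-sh, and the path-injection rows of gin, fiber and echo. I would pin each with a library test that reaches the method through a wrapper type (presumably a struct embedding the modelled type is what `True` now covers; confirm against the library's definition of the column), so a later edit of the column shows up as a changed expectation. A short comment above the rows, for example `# subtypes is True: also match calls made through types that embed this one`, would record the intent. The `data:` list continues outside the hunk.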
+++ b/go/ql/lib/ext/github.com.beego.beego.server.web.model.yml
@@ -12,9 +12,9 @@ extensions:
 data:
 # path-injection
 - ["group:beego", "", False, "Walk", "", "", "Argument[1]", "path-injection", "manual"]
- - ["group:beego", "Controller", False, "SaveToFile", "", "", "Argument[1]", "path-injection", "manual"]
- - ["group:beego", "Controller", False, "SaveToFileWithBuffer", "", "", "Argument[1]", "path-injection", "manual"] # only exists in v2
- - ["group:beego", "FileSystem", False, "Open", "", "", "Argument[0]", "path-injection", "manual"]
+ - ["group:beego", "Controller", True, "SaveToFile", "", "", "Argument[1]", "path-injection", "manual"]
+ - ["group:beego", "Controller", True, "SaveToFileWithBuffer", "", "", "Argument[1]", "path-injection", "manual"] # only exists in v2
+ - ["group:beego", "FileSystem", True, "Open", "", "", "Argument[0]", "path-injection", "manual"]
 # url-redirection
 - ["group:beego", "Controller", True, "Redirect", "", "", "Argument[0]", "url-redirection", "manual"]
 - addsTo:
diff --git a/go/ql/lib/ext/github.com.christrenkamp.goxpath.model.yml b/go/ql/lib/ext/github.com.christrenkamp.goxpath.model.yml
index 6e527dd5d68c..f5a4aeefb136 100644
--- a/go/ql/lib/ext/github.com.christrenkamp.goxpath.model.yml
+++ b/go/ql/lib/ext/github.com.christrenkamp.goxpath.model.yml
@@ -3,6 +3,6 @@ extensions:
 pack: codeql/go-all
 extensible: sinkModel
 data:
- - ["github.com/ChrisTrenkamp/goxpath", "", True, "MustParse", "", "", "Argument[0]", "xpath-injection", "manual"]
- - ["github.com/ChrisTrenkamp/goxpath", "", True, "Parse", "", "", "Argument[0]", "xpath-injection", "manual"]
- - ["github.com/ChrisTrenkamp/goxpath", "", True, "ParseExec", "", "", "Argument[0]", "xpath-injection", "manual"]
+ - ["github.com/ChrisTrenkamp/goxpath", "", False, "MustParse", "", "", "Argument[0]", "xpath-injection", "manual"]
+ - ["github.com/ChrisTrenkamp/goxpath", "", False, "Parse", "", "", "Argument[0]", "xpath-injection", "manual"]
+ - ["github.com/ChrisTrenkamp/goxpath", "", False, "ParseExec", "", "", "Argument[0]", "xpath-injection", "manual"]
diff --git a/go/ql/lib/ext/github.com.codeskyblue.go-sh.model.yml b/go/ql/lib/ext/github.com.codeskyblue.go-sh.model.yml
index d1e5c590af6c..fab0d5915ae0 100644
--- a/go/ql/lib/ext/github.com.codeskyblue.go-sh.model.yml
+++ b/go/ql/lib/ext/github.com.codeskyblue.go-sh.model.yml
@@ -4,6 +4,6 @@ extensions:
 extensible: sinkModel
 data:
 - ["github.com/codeskyblue/go-sh", "", False, "Command", "", "", "Argument[0]", "command-injection", "manual"]
- - ["github.com/codeskyblue/go-sh", "Session", False, "Call", "", "", "Argument[0]", "command-injection", "manual"]
- - ["github.com/codeskyblue/go-sh", "Session", False, "Command", "", "", "Argument[0]", "command-injection", "manual"]
- - ["github.com/codeskyblue/go-sh", "Session", False, "Exec", "", "", "Argument[0]", "command-injection", "manual"]
+ - ["github.com/codeskyblue/go-sh", "Session", True, "Call", "", "", "Argument[0]", "command-injection", "manual"]
+ - ["github.com/codeskyblue/go-sh", "Session", True, "Command", "", "", "Argument[0]", "command-injection", "manual"]
+ - ["github.com/codeskyblue/go-sh", "Session", True, "Exec", "", "", "Argument[0]", "command-injection", "manual"]
diff --git a/go/ql/lib/ext/github.com.cristalhq.jwt.model.yml b/go/ql/lib/ext/github.com.cristalhq.jwt.model.yml
index b4d2d3299a45..cdf84d232928 100644
--- a/go/ql/lib/ext/github.com.cristalhq.jwt.model.yml
+++ b/go/ql/lib/ext/github.com.cristalhq.jwt.model.yml
@@ -3,4 +3,4 @@ extensions:
 pack: codeql/go-all
 extensible: sinkModel
 data:
- - ["github.com/cristalhq/jwt", "", True, "NewSignerHS", "", "", "Argument[1]", "credentials-key", "manual"]
+ - ["github.com/cristalhq/jwt", "", False, "NewSignerHS", "", "", "Argument[1]", "credentials-key", "manual"]
diff --git a/go/ql/lib/ext/github.com.dgrijalva.jwt-go.model.yml b/go/ql/lib/ext/github.com.dgrijalva.jwt-go.model.yml
index 04db1290669c..90b62a800dba 100644
--- a/go/ql/lib/ext/github.com.dgrijalva.jwt-go.model.yml
+++ b/go/ql/lib/ext/github.com.dgrijalva.jwt-go.model.yml
@@ -10,12 +10,12 @@ extensions:
 pack: codeql/go-all
 extensible: summaryModel
 data:
- - ["github.com/dgrijalva/jwt-go", "", True, "Parse", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
+ - ["github.com/dgrijalva/jwt-go", "", False, "Parse", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
 - ["github.com/dgrijalva/jwt-go", "Parser", True, "Parse", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
- - ["github.com/dgrijalva/jwt-go", "", True, "ParseWithClaims", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
+ - ["github.com/dgrijalva/jwt-go", "", False, "ParseWithClaims", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
 - ["github.com/dgrijalva/jwt-go", "Parser", True, "ParseWithClaims", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
- - ["github.com/dgrijalva/jwt-go", "", True, "ParseECPrivateKeyFromPEM", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
- - ["github.com/dgrijalva/jwt-go", "", True, "ParseECPublicKeyFromPEM", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
- - ["github.com/dgrijalva/jwt-go", "", True, "ParseRSAPrivateKeyFromPEM", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
- - ["github.com/dgrijalva/jwt-go", "", True, "ParseRSAPrivateKeyFromPEMWithPassword", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
- - ["github.com/dgrijalva/jwt-go", "", True, "ParseRSAPublicKeyFromPEM", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
+ - ["github.com/dgrijalva/jwt-go", "", False, "ParseECPrivateKeyFromPEM", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
+ - ["github.com/dgrijalva/jwt-go", "", False, "ParseECPublicKeyFromPEM", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
+ - ["github.com/dgrijalva/jwt-go", "", False, "ParseRSAPrivateKeyFromPEM", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
+ - ["github.com/dgrijalva/jwt-go", "", False, "ParseRSAPrivateKeyFromPEMWithPassword", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
+ - ["github.com/dgrijalva/jwt-go", "", False, "ParseRSAPublicKeyFromPEM", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
diff --git a/go/ql/lib/ext/github.com.gin-gonic.gin.model.yml b/go/ql/lib/ext/github.com.gin-gonic.gin.model.yml
index bd228fc0ec35..92b1c757ac7a 100644
--- a/go/ql/lib/ext/github.com.gin-gonic.gin.model.yml
+++ b/go/ql/lib/ext/github.com.gin-gonic.gin.model.yml
@@ -3,9 +3,9 @@ extensions:
 pack: codeql/go-all
 extensible: sinkModel
 data:
- - ["github.com/gin-gonic/gin", "Context", False, "File", "", "", "Argument[0]", "path-injection", "manual"]
- - ["github.com/gin-gonic/gin", "Context", False, "FileAttachment", "", "", "Argument[0]", "path-injection", "manual"]
- - ["github.com/gin-gonic/gin", "Context", False, "SaveUploadedFile", "", "", "Argument[1]", "path-injection", "manual"]
+ - ["github.com/gin-gonic/gin", "Context", True, "File", "", "", "Argument[0]", "path-injection", "manual"]
+ - ["github.com/gin-gonic/gin", "Context", True, "FileAttachment", "", "", "Argument[0]", "path-injection", "manual"]
+ - ["github.com/gin-gonic/gin", "Context", True, "SaveUploadedFile", "", "", "Argument[1]", "path-injection", "manual"]
 - addsTo:
 pack: codeql/go-all
 extensible: summaryModel
diff --git a/go/ql/lib/ext/github.com.go-chi.chi.model.yml b/go/ql/lib/ext/github.com.go-chi.chi.model.yml
index 10cb0333aff7..c24e7ab2b4a2 100644
--- a/go/ql/lib/ext/github.com.go-chi.chi.model.yml
+++ b/go/ql/lib/ext/github.com.go-chi.chi.model.yml
@@ -3,6 +3,6 @@ extensions:
 pack: codeql/go-all
 extensible: sourceModel
 data:
- - ["github.com/go-chi/chi", "", True, "URLParam", "", "", "ReturnValue", "remote", "manual"]
- - ["github.com/go-chi/chi", "", True, "URLParamFromCtx", "", "", "ReturnValue", "remote", "manual"]
+ - ["github.com/go-chi/chi", "", False, "URLParam", "", "", "ReturnValue", "remote", "manual"]
+ - ["github.com/go-chi/chi", "", False, "URLParamFromCtx", "", "", "ReturnValue", "remote", "manual"]
 - ["github.com/go-chi/chi", "Context", True, "URLParam", "", "", "ReturnValue", "remote", "manual"]
diff --git a/go/ql/lib/ext/github.com.go-chi.jwtauth.model.yml b/go/ql/lib/ext/github.com.go-chi.jwtauth.model.yml
index eb9e54f171c7..7cfb1ff80f51 100644
--- a/go/ql/lib/ext/github.com.go-chi.jwtauth.model.yml
+++ b/go/ql/lib/ext/github.com.go-chi.jwtauth.model.yml
@@ -3,4 +3,4 @@ extensions:
 pack: codeql/go-all
 extensible: sinkModel
 data:
- - ["github.com/go-chi/jwtauth", "", True, "New", "", "", "Argument[1]", "credentials-key", "manual"]
+ - ["github.com/go-chi/jwtauth", "", False, "New", "", "", "Argument[1]", "credentials-key", "manual"]
diff --git a/go/ql/lib/ext/github.com.go-jose.go-jose.jwt.model.yml b/go/ql/lib/ext/github.com.go-jose.go-jose.jwt.model.yml
index 33c9957a66b3..ba06d21a93ef 100644
--- a/go/ql/lib/ext/github.com.go-jose.go-jose.jwt.model.yml
+++ b/go/ql/lib/ext/github.com.go-jose.go-jose.jwt.model.yml
@@ -16,7 +16,7 @@ extensions:
 pack: codeql/go-all
 extensible: summaryModel
 data:
- - ["group:go-jose/jwt", "", True, "ParseEncrypted", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
- - ["group:go-jose/jwt", "", True, "ParseSigned", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
+ - ["group:go-jose/jwt", "", False, "ParseEncrypted", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
+ - ["group:go-jose/jwt", "", False, "ParseSigned", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
 - ["group:go-jose/jwt", "NestedJSONWebToken", True, "ParseSignedAndEncrypted", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
 - ["group:go-jose/jwt", "NestedJSONWebToken", True, "Decrypt", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"]
diff --git a/go/ql/lib/ext/github.com.go-kit.kit.auth.jwt.model.yml b/go/ql/lib/ext/github.com.go-kit.kit.auth.jwt.model.yml
index 9ed0791dc540..7a9da5bd4b06 100644
--- a/go/ql/lib/ext/github.com.go-kit.kit.auth.jwt.model.yml
+++ b/go/ql/lib/ext/github.com.go-kit.kit.auth.jwt.model.yml
@@ -3,4 +3,4 @@ extensions:
 pack: codeql/go-all
 extensible: sinkModel
 data:
- - ["github.com/go-kit/kit/auth/jwt", "", True, "NewSigner", "", "", "Argument[1]", "credentials-key", "manual"]
+ - ["github.com/go-kit/kit/auth/jwt", "", False, "NewSigner", "", "", "Argument[1]", "credentials-key", "manual"]
diff --git a/go/ql/lib/ext/github.com.go-xmlpath.xmlpath.model.yml b/go/ql/lib/ext/github.com.go-xmlpath.xmlpath.model.yml
index bd002dd25c94..931e65f18326 100644
--- a/go/ql/lib/ext/github.com.go-xmlpath.xmlpath.model.yml
+++ b/go/ql/lib/ext/github.com.go-xmlpath.xmlpath.model.yml
@@ -14,5 +14,5 @@ extensions:
 pack: codeql/go-all
 extensible: sinkModel
 data:
- - ["group:xmlpath", "", True, "Compile", "", "", "Argument[0]", "xpath-injection", "manual"]
- - ["group:xmlpath", "", True, "MustCompile", "", "", "Argument[0]", "xpath-injection", "manual"]
+ - ["group:xmlpath", "", False, "Compile", "", "", "Argument[0]", "xpath-injection", "manual"]
+ - ["group:xmlpath", "", False, "MustCompile", "", "", "Argument[0]", "xpath-injection", "manual"]
diff --git a/go/ql/lib/ext/github.com.gobwas.ws.model.yml b/go/ql/lib/ext/github.com.gobwas.ws.model.yml
index bb03c8220c88..fcaaee08d912 100644
--- a/go/ql/lib/ext/github.com.gobwas.ws.model.yml
+++ b/go/ql/lib/ext/github.com.gobwas.ws.model.yml
@@ -3,5 +3,5 @@ extensions:
 pack: codeql/go-all
 extensible: sourceModel
 data:
- - ["github.com/gobwas/ws", "", True, "ReadFrame", "", "", "ReturnValue[0]", "remote", "manual"]
- - ["github.com/gobwas/ws", "", True, "ReadHeader", "", "", "ReturnValue[0]", "remote", "manual"]
+ - ["github.com/gobwas/ws", "", False, "ReadFrame", "", "", "ReturnValue[0]", "remote", "manual"]
+ - ["github.com/gobwas/ws", "", False, "ReadHeader", "", "", "ReturnValue[0]", "remote", "manual"]
diff --git a/go/ql/lib/ext/github.com.gofiber.fiber.model.yml b/go/ql/lib/ext/github.com.gofiber.fiber.model.yml
index 7e553b2156de..c959d137301f 100644
--- a/go/ql/lib/ext/github.com.gofiber.fiber.model.yml
+++ b/go/ql/lib/ext/github.com.gofiber.fiber.model.yml
@@ -4,9 +4,9 @@ extensions:
 extensible: sinkModel
 data:
 # path-injection
- - ["github.com/gofiber/fiber", "Ctx", False, "SendFile", "", "", "Argument[0]", "path-injection", "manual"]
- - ["github.com/gofiber/fiber", "Ctx", False, "Download", "", "", "Argument[0]", "path-injection", "manual"]
- - ["github.com/gofiber/fiber", "Ctx", False, "SaveFile", "", "", "Argument[1]", "path-injection", "manual"]
- - ["github.com/gofiber/fiber", "Ctx", False, "SaveFileToStorage", "", "", "Argument[1]", "path-injection", "manual"] # does not exist in v1
+ - ["github.com/gofiber/fiber", "Ctx", True, "SendFile", "", "", "Argument[0]", "path-injection", "manual"]
+ - ["github.com/gofiber/fiber", "Ctx", True, "Download", "", "", "Argument[0]", "path-injection", "manual"]
+ - ["github.com/gofiber/fiber", "Ctx", True, "SaveFile", "", "", "Argument[1]", "path-injection", "manual"]
+ - ["github.com/gofiber/fiber", "Ctx", True, "SaveFileToStorage", "", "", "Argument[1]", "path-injection", "manual"] # does not exist in v1
 # url-redirection
 - ["github.com/gofiber/fiber", "Ctx", True, "Redirect", "", "", "Argument[0]", "url-redirection[receiver]", "manual"]
diff --git a/go/ql/lib/ext/github.com.golang-jwt.jwt.model.yml b/go/ql/lib/ext/github.com.golang-jwt.jwt.model.yml
index 3f6eaac89b6b..494c94709994 100644
--- a/go/ql/lib/ext/github.com.golang-jwt.jwt.model.yml
+++ b/go/ql/lib/ext/github.com.golang-jwt.jwt.model.yml
@@ -10,14 +10,14 @@ extensions:
 pack: codeql/go-all
 extensible: summaryModel
 data:
- - ["github.com/golang-jwt/jwt", "", True, "Parse", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
+ - ["github.com/golang-jwt/jwt", "", False, "Parse", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
 - ["github.com/golang-jwt/jwt", "Parser", True, "Parse", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
- - ["github.com/golang-jwt/jwt", "", True, "ParseWithClaims", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
+ - ["github.com/golang-jwt/jwt", "", False, "ParseWithClaims", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
 - ["github.com/golang-jwt/jwt", "Parser", True, "ParseWithClaims", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
- - ["github.com/golang-jwt/jwt", "", True, "ParseECPrivateKeyFromPEM", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
- - ["github.com/golang-jwt/jwt", "", True, "ParseECPublicKeyFromPEM", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
- - ["github.com/golang-jwt/jwt", "", True, "ParseEdPrivateKeyFromPEM", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
- - ["github.com/golang-jwt/jwt", "", True, "ParseEdPublicKeyFromPEM", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
- - ["github.com/golang-jwt/jwt", "", True, "ParseRSAPrivateKeyFromPEM", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
- - ["github.com/golang-jwt/jwt", "", True, "ParseRSAPublicKeyFromPEM", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
- - ["github.com/golang-jwt/jwt", "", True, "RegisterSigningMethod", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
+ - ["github.com/golang-jwt/jwt", "", False, "ParseECPrivateKeyFromPEM", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
+ - ["github.com/golang-jwt/jwt", "", False, "ParseECPublicKeyFromPEM", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
+ - ["github.com/golang-jwt/jwt", "", False, "ParseEdPrivateKeyFromPEM", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
+ - ["github.com/golang-jwt/jwt", "", False, "ParseEdPublicKeyFromPEM", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
+ - ["github.com/golang-jwt/jwt", "", False, "ParseRSAPrivateKeyFromPEM", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
+ - ["github.com/golang-jwt/jwt", "", False, "ParseRSAPublicKeyFromPEM", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
+ - ["github.com/golang-jwt/jwt", "", False, "RegisterSigningMethod", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"]
diff --git a/go/ql/lib/ext/github.com.gorilla.mux.model.yml b/go/ql/lib/ext/github.com.gorilla.mux.model.yml
index 438abdf559a4..b97fc4d2c1d2 100644
--- a/go/ql/lib/ext/github.com.gorilla.mux.model.yml
+++ b/go/ql/lib/ext/github.com.gorilla.mux.model.yml
@@ -3,4 +3,4 @@ extensions:
 pack: codeql/go-all
 extensible: sourceModel
 data:
- - ["github.com/gorilla/mux", "", True, "Vars", "", "", "ReturnValue", "remote", "manual"] # TODO: when sources can have access paths, use .MapValue (and .MapKey?)
+ - ["github.com/gorilla/mux", "", False, "Vars", "", "", "ReturnValue", "remote", "manual"] # TODO: when sources can have access paths, use .MapValue (and .MapKey?)
diff --git a/go/ql/lib/ext/github.com.gorilla.websocket.model.yml b/go/ql/lib/ext/github.com.gorilla.websocket.model.yml
index a4dafa18b0b2..3f03bba8a48c 100644
--- a/go/ql/lib/ext/github.com.gorilla.websocket.model.yml
+++ b/go/ql/lib/ext/github.com.gorilla.websocket.model.yml
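Review bot: The `RegisterSigningMethod` row on the new side of the golang-jwt hunk still declares taint from `Argument[0]` to `ReturnValue[0]`, but as far as I know `RegisterSigningMethod(alg string, f func() SigningMethod)` has no result, so this summary probably never applies. Since the row is rewritten here anyway, check the signature and either delete the row or replace it with the flow that was intended. If it is kept on purpose, a trailing comment such as `# upstream function returns nothing; row kept deliberately` would stop the next reader from tripping over it. The summary list starts before this hunk.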
@@ -3,6 +3,6 @@ extensions:
 pack: codeql/go-all
 extensible: sourceModel
 data:
- - ["github.com/gorilla/websocket", "", True, "ReadJSON", "", "", "Argument[1]", "remote", "manual"]
+ - ["github.com/gorilla/websocket", "", False, "ReadJSON", "", "", "Argument[1]", "remote", "manual"]
 - ["github.com/gorilla/websocket", "Conn", True, "ReadJSON", "", "", "Argument[0]", "remote", "manual"]
 - ["github.com/gorilla/websocket", "Conn", True, "ReadMessage", "", "", "ReturnValue[1]", "remote", "manual"]
diff --git a/go/ql/lib/ext/github.com.kataras.iris.middleware.jwt.model.yml b/go/ql/lib/ext/github.com.kataras.iris.middleware.jwt.model.yml
index 52e7beacaabb..5bcce412fd42 100644
--- a/go/ql/lib/ext/github.com.kataras.iris.middleware.jwt.model.yml
+++ b/go/ql/lib/ext/github.com.kataras.iris.middleware.jwt.model.yml
@@ -3,5 +3,5 @@ extensions:
 pack: codeql/go-all
 extensible: sinkModel
 data:
- - ["github.com/kataras/iris/middleware/jwt", "", True, "NewSigner", "", "", "Argument[1]", "credentials-key", "manual"]
+ - ["github.com/kataras/iris/middleware/jwt", "", False, "NewSigner", "", "", "Argument[1]", "credentials-key", "manual"]
 - ["github.com/kataras/iris/middleware/jwt", "Signer", True, "Key", "", "", "", "credentials-key", "manual"]
diff --git a/go/ql/lib/ext/github.com.kataras.jwt.model.yml b/go/ql/lib/ext/github.com.kataras.jwt.model.yml
index ab87a7471755..3ecb1e0e577a 100644
--- a/go/ql/lib/ext/github.com.kataras.jwt.model.yml
+++ b/go/ql/lib/ext/github.com.kataras.jwt.model.yml
@@ -4,7 +4,7 @@ extensions:
 extensible: sinkModel
 data:
 - ["github.com/kataras/jwt", "Keys", True, "Register", "", "", "Argument[3]", "credentials-key", "manual"]
- - ["github.com/kataras/jwt", "", True, "Sign", "", "", "Argument[1]", "credentials-key", "manual"]
- - ["github.com/kataras/jwt", "", True, "SignEncrypted", "", "", "Argument[1]", "credentials-key", "manual"]
- - ["github.com/kataras/jwt", "", True, "SignEncryptedWithHeader", "", "", "Argument[1]", "credentials-key", "manual"]
- - ["github.com/kataras/jwt", "", True, "SignWithHeader", "", "", "Argument[1]", "credentials-key", "manual"]
+ - ["github.com/kataras/jwt", "", False, "Sign", "", "", "Argument[1]", "credentials-key", "manual"]
+ - ["github.com/kataras/jwt", "", False, "SignEncrypted", "", "", "Argument[1]", "credentials-key", "manual"]
+ - ["github.com/kataras/jwt", "", False, "SignEncryptedWithHeader", "", "", "Argument[1]", "credentials-key", "manual"]
+ - ["github.com/kataras/jwt", "", False, "SignWithHeader", "", "", "Argument[1]", "credentials-key", "manual"]
diff --git a/go/ql/lib/ext/github.com.kelseyhightower.envconfig.model.yml b/go/ql/lib/ext/github.com.kelseyhightower.envconfig.model.yml
index 71d032a18e1b..3b1ba531849e 100644
--- a/go/ql/lib/ext/github.com.kelseyhightower.envconfig.model.yml
+++ b/go/ql/lib/ext/github.com.kelseyhightower.envconfig.model.yml
@@ -8,4 +8,4 @@ extensions:
 - ["github.com/kelseyhightower/envconfig", "", False, "Process", "", "", "Argument[1]", "environment", "manual"]
 - ["github.com/kelseyhightower/envconfig", "", False, "Usage", "", "", "Argument[1]", "environment", "manual"]
 - ["github.com/kelseyhightower/envconfig", "", False, "Usagef", "", "", "Argument[1]", "environment", "manual"]
- - ["github.com/kelseyhightower/envconfig", "", False, "Usaget", "", "", "Argument[1]", "environment", "manual"]
\ No newline at end of file
+ - ["github.com/kelseyhightower/envconfig", "", False, "Usaget", "", "", "Argument[1]", "environment", "manual"]
diff --git a/go/ql/lib/ext/github.com.labstack.echo.model.yml b/go/ql/lib/ext/github.com.labstack.echo.model.yml
index b497cc133918..830360bbdb2d 100644
--- a/go/ql/lib/ext/github.com.labstack.echo.model.yml
+++ b/go/ql/lib/ext/github.com.labstack.echo.model.yml
@@ -4,8 +4,8 @@ extensions:
 extensible: sinkModel
 data:
 # path-injection
- - ["github.com/labstack/echo", "Context", False, "Attachment", "", "", "Argument[0]", "path-injection", "manual"]
- - ["github.com/labstack/echo", "Context", False, "File", "", "", "Argument[0]", "path-injection", "manual"]
+ - ["github.com/labstack/echo", "Context", True, "Attachment", "", "", "Argument[0]", "path-injection", "manual"]
+ - ["github.com/labstack/echo", "Context", True, "File", "", "", "Argument[0]", "path-injection", "manual"]
 # url-redirection
 - ["github.com/labstack/echo", "Context", True, "Redirect", "", "", "Argument[1]", "url-redirection", "manual"]
 - addsTo:
diff --git a/go/ql/lib/ext/github.com.lestrrat-go.jwx.jwk.model.yml b/go/ql/lib/ext/github.com.lestrrat-go.jwx.jwk.model.yml
index c395430db406..ed2b3f310539 100644
--- a/go/ql/lib/ext/github.com.lestrrat-go.jwx.jwk.model.yml
+++ b/go/ql/lib/ext/github.com.lestrrat-go.jwx.jwk.model.yml
@@ -3,4 +3,4 @@ extensions:
 pack: codeql/go-all
 extensible: sinkModel
 data:
- - ["github.com/lestrrat-go/jwx/jwk", "", True, "New", "", "", "Argument[0]", "credentials-key", "manual"]
+ - ["github.com/lestrrat-go/jwx/jwk", "", False, "New", "", "", "Argument[0]", "credentials-key", "manual"]
diff --git a/go/ql/lib/ext/github.com.lestrrat-go.jwx.model.yml b/go/ql/lib/ext/github.com.lestrrat-go.jwx.model.yml
index 14a5cdd74827..78162bf4855a 100644
--- a/go/ql/lib/ext/github.com.lestrrat-go.jwx.model.yml
+++ b/go/ql/lib/ext/github.com.lestrrat-go.jwx.model.yml
@@ -3,4 +3,4 @@ extensions:
 pack: codeql/go-all
 extensible: sinkModel
 data:
- - ["github.com/lestrrat-go/jwx", "", True, "New", "", "", "Argument[0]", "credentials-key", "manual"]
+ - ["github.com/lestrrat-go/jwx", "", False, "New", "", "", "Argument[0]", "credentials-key", "manual"]
diff --git a/go/ql/lib/ext/github.com.lestrrat.go-jwx.jwk.model.yml b/go/ql/lib/ext/github.com.lestrrat.go-jwx.jwk.model.yml
index f194e1ec93cc..e4d7fe43de69 100644
--- a/go/ql/lib/ext/github.com.lestrrat.go-jwx.jwk.model.yml
+++ b/go/ql/lib/ext/github.com.lestrrat.go-jwx.jwk.model.yml
@@ -3,4 +3,4 @@ extensions:
 pack: codeql/go-all
 extensible: sinkModel
 data:
- - ["github.com/lestrrat/go-jwx/jwk", "", True, "New", "", "", "Argument[0]", "credentials-key", "manual"]
+ - ["github.com/lestrrat/go-jwx/jwk", "", False, "New", "", "", "Argument[0]", "credentials-key", "manual"]
diff --git a/go/ql/lib/ext/github.com.moovweb.gokogiri.xpath.model.yml b/go/ql/lib/ext/github.com.moovweb.gokogiri.xpath.model.yml
index 4bac7eb1c183..144f34e9dfc8 100644
--- a/go/ql/lib/ext/github.com.moovweb.gokogiri.xpath.model.yml
+++ b/go/ql/lib/ext/github.com.moovweb.gokogiri.xpath.model.yml
@@ -9,4 +9,4 @@ extensions:
 pack: codeql/go-all
 extensible: sinkModel
 data:
- - ["group:gokogiri/xpath", "", True, "Compile", "", "", "Argument[0]", "xpath-injection", "manual"]
+ - ["group:gokogiri/xpath", "", False, "Compile", "", "", "Argument[0]", "xpath-injection", "manual"]
diff --git a/go/ql/lib/ext/github.com.santhosh-tekuri.xpathparser.model.yml b/go/ql/lib/ext/github.com.santhosh-tekuri.xpathparser.model.yml
index 8ac0e02cedfd..b99bedf38cc8 100644
--- a/go/ql/lib/ext/github.com.santhosh-tekuri.xpathparser.model.yml
+++ b/go/ql/lib/ext/github.com.santhosh-tekuri.xpathparser.model.yml
@@ -3,5 +3,5 @@ extensions:
 pack: codeql/go-all
 extensible: sinkModel
 data:
- - ["github.com/santhosh-tekuri/xpathparser", "", True, "Parse", "", "", "Argument[0]", "xpath-injection", "manual"]
- - ["github.com/santhosh-tekuri/xpathparser", "", True, "MustParse", "", "", "Argument[0]", "xpath-injection", "manual"]
+ - ["github.com/santhosh-tekuri/xpathparser", "", False, "Parse", "", "", "Argument[0]", "xpath-injection", "manual"]
+ - ["github.com/santhosh-tekuri/xpathparser", "", False, "MustParse", "", "", "Argument[0]", "xpath-injection", "manual"]
diff --git a/go/ql/lib/ext/github.com.spf13.afero.model.yml b/go/ql/lib/ext/github.com.spf13.afero.model.yml
index 94879539233d..2ddab6ef43bb 100644
--- a/go/ql/lib/ext/github.com.spf13.afero.model.yml
+++ b/go/ql/lib/ext/github.com.spf13.afero.model.yml
@@ -3,37 +3,37 @@ extensions: pack: codeql/go-all extensible: sinkModel data: - - ["github.com/spf13/afero", "HttpFs", False, "Create", "", "", "Argument[0]", "path-injection", "manual"] - - ["github.com/spf13/afero", "HttpFs", False, "Open", "", "", "Argument[0]", "path-injection", "manual"] - - ["github.com/spf13/afero", "HttpFs", False, "OpenFile", "", "", "Argument[0]", "path-injection", "manual"] - - ["github.com/spf13/afero", "HttpFs", False, "Remove", "", "", "Argument[0]", "path-injection", "manual"] - - ["github.com/spf13/afero", "HttpFs", False, "RemoveAll", "", "", "Argument[0]", "path-injection", "manual"] - - ["github.com/spf13/afero", "MemMapFs", False, "Create", "", "", "Argument[0]", "path-injection", "manual"] - - ["github.com/spf13/afero", "MemMapFs", False, "Open", "", "", "Argument[0]", "path-injection", "manual"] - - ["github.com/spf13/afero", "MemMapFs", False, "OpenFile", "", "", "Argument[0]", "path-injection", "manual"] - - ["github.com/spf13/afero", "MemMapFs", False, "Remove", "", "", "Argument[0]", "path-injection", "manual"] - - ["github.com/spf13/afero", "MemMapFs", False, "RemoveAll", "", "", "Argument[0]", "path-injection", "manual"] - - ["github.com/spf13/afero", "MemMapFs", False, "Mkdir", "", "", "Argument[0]", "path-injection", "manual"] - - ["github.com/spf13/afero", "MemMapFs", False, "MkdirAll", "", "", "Argument[0]", "path-injection", "manual"] - - ["github.com/spf13/afero", "OsFs", False, "Create", "", "", "Argument[0]", "path-injection", "manual"] - - ["github.com/spf13/afero", "OsFs", False, "Open", "", "", "Argument[0]", "path-injection", "manual"] - - ["github.com/spf13/afero", "OsFs", False, "OpenFile", "", "", "Argument[0]", "path-injection", "manual"] - - ["github.com/spf13/afero", "OsFs", False, "ReadlinkIfPossible", "", "", "Argument[0]", "path-injection", "manual"] - - ["github.com/spf13/afero", "OsFs", False, "Remove", "", "", "Argument[0]", "path-injection", "manual"] - - ["github.com/spf13/afero", "OsFs", False, 
"RemoveAll", "", "", "Argument[0]", "path-injection", "manual"] - - ["github.com/spf13/afero", "OsFs", False, "Mkdir", "", "", "Argument[0]", "path-injection", "manual"] - - ["github.com/spf13/afero", "OsFs", False, "MkdirAll", "", "", "Argument[0]", "path-injection", "manual"] - - ["github.com/spf13/afero", "ReadOnlyFs", False, "Create", "", "", "Argument[0]", "path-injection", "manual"] - - ["github.com/spf13/afero", "ReadOnlyFs", False, "Open", "", "", "Argument[0]", "path-injection", "manual"] - - ["github.com/spf13/afero", "ReadOnlyFs", False, "OpenFile", "", "", "Argument[0]", "path-injection", "manual"] - - ["github.com/spf13/afero", "ReadOnlyFs", False, "ReadDir", "", "", "Argument[0]", "path-injection", "manual"] - - ["github.com/spf13/afero", "ReadOnlyFs", False, "ReadlinkIfPossible", "", "", "Argument[0]", "path-injection", "manual"] - - ["github.com/spf13/afero", "ReadOnlyFs", False, "Mkdir", "", "", "Argument[0]", "path-injection", "manual"] - - ["github.com/spf13/afero", "ReadOnlyFs", False, "MkdirAll", "", "", "Argument[0]", "path-injection", "manual"] - - ["github.com/spf13/afero", "RegexpFs", False, "Create", "", "", "Argument[0]", "path-injection", "manual"] - - ["github.com/spf13/afero", "RegexpFs", False, "Open", "", "", "Argument[0]", "path-injection", "manual"] - - ["github.com/spf13/afero", "RegexpFs", False, "OpenFile", "", "", "Argument[0]", "path-injection", "manual"] - - ["github.com/spf13/afero", "RegexpFs", False, "Remove", "", "", "Argument[0]", "path-injection", "manual"] - - ["github.com/spf13/afero", "RegexpFs", False, "RemoveAll", "", "", "Argument[0]", "path-injection", "manual"] - - ["github.com/spf13/afero", "RegexpFs", False, "Mkdir", "", "", "Argument[0]", "path-injection", "manual"] - - ["github.com/spf13/afero", "RegexpFs", False, "MkdirAll", "", "", "Argument[0]", "path-injection", "manual"] + - ["github.com/spf13/afero", "HttpFs", True, "Create", "", "", "Argument[0]", "path-injection", "manual"] + - 
["github.com/spf13/afero", "HttpFs", True, "Open", "", "", "Argument[0]", "path-injection", "manual"] + - ["github.com/spf13/afero", "HttpFs", True, "OpenFile", "", "", "Argument[0]", "path-injection", "manual"] + - ["github.com/spf13/afero", "HttpFs", True, "Remove", "", "", "Argument[0]", "path-injection", "manual"] + - ["github.com/spf13/afero", "HttpFs", True, "RemoveAll", "", "", "Argument[0]", "path-injection", "manual"] + - ["github.com/spf13/afero", "MemMapFs", True, "Create", "", "", "Argument[0]", "path-injection", "manual"] + - ["github.com/spf13/afero", "MemMapFs", True, "Open", "", "", "Argument[0]", "path-injection", "manual"] + - ["github.com/spf13/afero", "MemMapFs", True, "OpenFile", "", "", "Argument[0]", "path-injection", "manual"] + - ["github.com/spf13/afero", "MemMapFs", True, "Remove", "", "", "Argument[0]", "path-injection", "manual"] + - ["github.com/spf13/afero", "MemMapFs", True, "RemoveAll", "", "", "Argument[0]", "path-injection", "manual"] + - ["github.com/spf13/afero", "MemMapFs", True, "Mkdir", "", "", "Argument[0]", "path-injection", "manual"] + - ["github.com/spf13/afero", "MemMapFs", True, "MkdirAll", "", "", "Argument[0]", "path-injection", "manual"] + - ["github.com/spf13/afero", "OsFs", True, "Create", "", "", "Argument[0]", "path-injection", "manual"] + - ["github.com/spf13/afero", "OsFs", True, "Open", "", "", "Argument[0]", "path-injection", "manual"] + - ["github.com/spf13/afero", "OsFs", True, "OpenFile", "", "", "Argument[0]", "path-injection", "manual"] + - ["github.com/spf13/afero", "OsFs", True, "ReadlinkIfPossible", "", "", "Argument[0]", "path-injection", "manual"] + - ["github.com/spf13/afero", "OsFs", True, "Remove", "", "", "Argument[0]", "path-injection", "manual"] + - ["github.com/spf13/afero", "OsFs", True, "RemoveAll", "", "", "Argument[0]", "path-injection", "manual"] + - ["github.com/spf13/afero", "OsFs", True, "Mkdir", "", "", "Argument[0]", "path-injection", "manual"] + - ["github.com/spf13/afero", "OsFs", 
True, "MkdirAll", "", "", "Argument[0]", "path-injection", "manual"] + - ["github.com/spf13/afero", "ReadOnlyFs", True, "Create", "", "", "Argument[0]", "path-injection", "manual"] + - ["github.com/spf13/afero", "ReadOnlyFs", True, "Open", "", "", "Argument[0]", "path-injection", "manual"] + - ["github.com/spf13/afero", "ReadOnlyFs", True, "OpenFile", "", "", "Argument[0]", "path-injection", "manual"] + - ["github.com/spf13/afero", "ReadOnlyFs", True, "ReadDir", "", "", "Argument[0]", "path-injection", "manual"] + - ["github.com/spf13/afero", "ReadOnlyFs", True, "ReadlinkIfPossible", "", "", "Argument[0]", "path-injection", "manual"] + - ["github.com/spf13/afero", "ReadOnlyFs", True, "Mkdir", "", "", "Argument[0]", "path-injection", "manual"] + - ["github.com/spf13/afero", "ReadOnlyFs", True, "MkdirAll", "", "", "Argument[0]", "path-injection", "manual"] + - ["github.com/spf13/afero", "RegexpFs", True, "Create", "", "", "Argument[0]", "path-injection", "manual"] + - ["github.com/spf13/afero", "RegexpFs", True, "Open", "", "", "Argument[0]", "path-injection", "manual"] + - ["github.com/spf13/afero", "RegexpFs", True, "OpenFile", "", "", "Argument[0]", "path-injection", "manual"] + - ["github.com/spf13/afero", "RegexpFs", True, "Remove", "", "", "Argument[0]", "path-injection", "manual"] + - ["github.com/spf13/afero", "RegexpFs", True, "RemoveAll", "", "", "Argument[0]", "path-injection", "manual"] + - ["github.com/spf13/afero", "RegexpFs", True, "Mkdir", "", "", "Argument[0]", "path-injection", "manual"] + - ["github.com/spf13/afero", "RegexpFs", True, "MkdirAll", "", "", "Argument[0]", "path-injection", "manual"] diff --git a/go/ql/lib/ext/github.com.valyala.fasthttp.model.yml b/go/ql/lib/ext/github.com.valyala.fasthttp.model.yml index feafceb364df..573825276281 100644 --- a/go/ql/lib/ext/github.com.valyala.fasthttp.model.yml +++ b/go/ql/lib/ext/github.com.valyala.fasthttp.model.yml 
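Review bot: Turning `subtypes` on for the five concrete afero types widens these `path-injection` sinks, but the per-type method lists stay uneven: `HttpFs` has no `Mkdir`/`MkdirAll` rows and `ReadOnlyFs` has no `Remove`/`RemoveAll` rows, while `MemMapFs`, `OsFs` and `RegexpFs` carry both pairs. Any type that newly matches through `subtypes` inherits the same gaps, so a tainted path reaching one of the unlisted methods would presumably still go unreported (assuming those types expose them). If the omissions are deliberate, a comment above the rows such as `# HttpFs: Mkdir/MkdirAll intentionally not modelled` would record that; otherwise the missing rows belong in this change. No afero test expectation is updated in the part of the diff visible here, unlike the Echo, Gin and Beego `TaintedPath.expected` files, so the widened matching looks untested and is worth confirming.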
@@ -4,14 +4,14 @@ extensions: extensible: sinkModel data: # request-forgery - - ["github.com/valyala/fasthttp", "", True, "Get", "", "", "Argument[1]", "request-forgery", "manual"] - - ["github.com/valyala/fasthttp", "", True, "GetDeadline", "", "", "Argument[1]", "request-forgery", "manual"] - - ["github.com/valyala/fasthttp", "", True, "GetTimeout", "", "", "Argument[1]", "request-forgery", "manual"] - - ["github.com/valyala/fasthttp", "", True, "Post", "", "", "Argument[1]", "request-forgery", "manual"] - - ["github.com/valyala/fasthttp", "", True, "Dial", "", "", "Argument[0]", "request-forgery[TCP Addr + Port]", "manual"] - - ["github.com/valyala/fasthttp", "", True, "DialDualStack", "", "", "Argument[0]", "request-forgery[TCP Addr + Port]", "manual"] - - ["github.com/valyala/fasthttp", "", True, "DialDualStackTimeout", "", "", "Argument[0]", "request-forgery[TCP Addr + Port]", "manual"] - - ["github.com/valyala/fasthttp", "", True, "DialTimeout", "", "", "Argument[0]", "request-forgery[TCP Addr + Port]", "manual"] + - ["github.com/valyala/fasthttp", "", False, "Get", "", "", "Argument[1]", "request-forgery", "manual"] + - ["github.com/valyala/fasthttp", "", False, "GetDeadline", "", "", "Argument[1]", "request-forgery", "manual"] + - ["github.com/valyala/fasthttp", "", False, "GetTimeout", "", "", "Argument[1]", "request-forgery", "manual"] + - ["github.com/valyala/fasthttp", "", False, "Post", "", "", "Argument[1]", "request-forgery", "manual"] + - ["github.com/valyala/fasthttp", "", False, "Dial", "", "", "Argument[0]", "request-forgery[TCP Addr + Port]", "manual"] + - ["github.com/valyala/fasthttp", "", False, "DialDualStack", "", "", "Argument[0]", "request-forgery[TCP Addr + Port]", "manual"] + - ["github.com/valyala/fasthttp", "", False, "DialDualStackTimeout", "", "", "Argument[0]", "request-forgery[TCP Addr + Port]", "manual"] + - ["github.com/valyala/fasthttp", "", False, "DialTimeout", "", "", "Argument[0]", "request-forgery[TCP Addr + Port]", 
"manual"] - ["github.com/valyala/fasthttp", "Client", True, "Get", "", "", "Argument[1]", "request-forgery", "manual"] - ["github.com/valyala/fasthttp", "Client", True, "GetDeadline", "", "", "Argument[1]", "request-forgery", "manual"] - ["github.com/valyala/fasthttp", "Client", True, "GetTimeout", "", "", "Argument[1]", "request-forgery", "manual"] @@ -35,9 +35,9 @@ extensions: - ["github.com/valyala/fasthttp", "", False, "ServeFileBytes", "", "", "Argument[1]", "path-injection", "manual"] - ["github.com/valyala/fasthttp", "", False, "ServeFileBytesUncompressed", "", "", "Argument[1]", "path-injection", "manual"] - ["github.com/valyala/fasthttp", "", False, "ServeFileUncompressed", "", "", "Argument[1]", "path-injection", "manual"] - - ["github.com/valyala/fasthttp", "RequestCtx", False, "SendFile", "", "", "Argument[0]", "path-injection", "manual"] - - ["github.com/valyala/fasthttp", "RequestCtx", False, "SendFileBytes", "", "", "Argument[0]", "path-injection", "manual"] - - ["github.com/valyala/fasthttp", "Response", False, "SendFile", "", "", "Argument[0]", "path-injection", "manual"] + - ["github.com/valyala/fasthttp", "RequestCtx", True, "SendFile", "", "", "Argument[0]", "path-injection", "manual"] + - ["github.com/valyala/fasthttp", "RequestCtx", True, "SendFileBytes", "", "", "Argument[0]", "path-injection", "manual"] + - ["github.com/valyala/fasthttp", "Response", True, "SendFile", "", "", "Argument[0]", "path-injection", "manual"] # url-redirection - ["github.com/valyala/fasthttp", "RequestCtx", True, "Redirect", "", "", "Argument[0]", "url-redirection", "manual"] - ["github.com/valyala/fasthttp", "RequestCtx", True, "RedirectBytes", "", "", "Argument[0]", "url-redirection", "manual"] 
@@ -45,11 +45,11 @@ extensions: pack: codeql/go-all extensible: summaryModel data: - - ["github.com/valyala/fasthttp", "URI", False, "SetHost", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] - - ["github.com/valyala/fasthttp", "URI", False, "SetHostBytes", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] - - ["github.com/valyala/fasthttp", "URI", False, "Update", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] - - ["github.com/valyala/fasthttp", "URI", False, "UpdateBytes", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] - - ["github.com/valyala/fasthttp", "URI", False, "Parse", "", "", "Argument[0..1]", "Argument[receiver]", "taint", "manual"] + - ["github.com/valyala/fasthttp", "URI", True, "SetHost", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["github.com/valyala/fasthttp", "URI", True, "SetHostBytes", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["github.com/valyala/fasthttp", "URI", True, "Update", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["github.com/valyala/fasthttp", "URI", True, "UpdateBytes", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["github.com/valyala/fasthttp", "URI", True, "Parse", "", "", "Argument[0..1]", "Argument[receiver]", "taint", "manual"] - addsTo: pack: codeql/go-all extensible: sourceModel diff --git a/go/ql/lib/ext/golang.org.x.crypto.ssh.model.yml b/go/ql/lib/ext/golang.org.x.crypto.ssh.model.yml index 8419737a2f2d..205a2a1dcb57 100644 --- a/go/ql/lib/ext/golang.org.x.crypto.ssh.model.yml +++ b/go/ql/lib/ext/golang.org.x.crypto.ssh.model.yml 
@@ -3,7 +3,7 @@ extensions:
 pack: codeql/go-all
 extensible: sinkModel
 data:
- - ["golang.org/x/crypto/ssh", "Session", False, "CombinedOutput", "", "", "Argument[0]", "command-injection", "manual"]
- - ["golang.org/x/crypto/ssh", "Session", False, "Output", "", "", "Argument[0]", "command-injection", "manual"]
- - ["golang.org/x/crypto/ssh", "Session", False, "Run", "", "", "Argument[0]", "command-injection", "manual"]
- - ["golang.org/x/crypto/ssh", "Session", False, "Start", "", "", "Argument[0]", "command-injection", "manual"]
+ - ["golang.org/x/crypto/ssh", "Session", True, "CombinedOutput", "", "", "Argument[0]", "command-injection", "manual"]
+ - ["golang.org/x/crypto/ssh", "Session", True, "Output", "", "", "Argument[0]", "command-injection", "manual"]
+ - ["golang.org/x/crypto/ssh", "Session", True, "Run", "", "", "Argument[0]", "command-injection", "manual"]
+ - ["golang.org/x/crypto/ssh", "Session", True, "Start", "", "", "Argument[0]", "command-injection", "manual"]
diff --git a/go/ql/lib/ext/io.fs.model.yml b/go/ql/lib/ext/io.fs.model.yml
index ac709c939b61..1b9be01aba91 100644
--- a/go/ql/lib/ext/io.fs.model.yml
+++ b/go/ql/lib/ext/io.fs.model.yml
@@ -22,4 +22,4 @@ extensions:
 data:
 - ["io/fs", "", False, "ReadFile", "", "", "ReturnValue[0]", "file", "manual"]
 - ["io/fs", "ReadFileFS", True, "ReadFile", "", "", "ReturnValue[0]", "file", "manual"]
- - ["io/fs", "FS", True, "Open", "", "", "ReturnValue[0]", "file", "manual"]
\ No newline at end of file
+ - ["io/fs", "FS", True, "Open", "", "", "ReturnValue[0]", "file", "manual"]
diff --git a/go/ql/lib/ext/io.ioutil.model.yml b/go/ql/lib/ext/io.ioutil.model.yml
index dda811c97bfb..d5fae77c1d4e 100644
--- a/go/ql/lib/ext/io.ioutil.model.yml
+++ b/go/ql/lib/ext/io.ioutil.model.yml
@@ -18,4 +18,4 @@ extensions: pack: codeql/go-all extensible: sourceModel data: - - ["io/ioutil", "", False, "ReadFile", "", "", "ReturnValue[0]", "file", "manual"] \ No newline at end of file + - ["io/ioutil", "", False, "ReadFile", "", "", "ReturnValue[0]", "file", "manual"] diff --git a/go/ql/lib/ext/math.big.model.yml b/go/ql/lib/ext/math.big.model.yml index 2e320251b2dd..dc09561897c9 100644 --- a/go/ql/lib/ext/math.big.model.yml +++ b/go/ql/lib/ext/math.big.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/go-all extensible: summaryModel data: - - ["math/big", "Int", False, "Int64", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["math/big", "Int", True, "Int64", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] diff --git a/go/ql/lib/ext/net.http.model.yml b/go/ql/lib/ext/net.http.model.yml index f67ed795c4cb..2bf417cf8f3a 100644 --- a/go/ql/lib/ext/net.http.model.yml +++ b/go/ql/lib/ext/net.http.model.yml @@ -6,7 +6,7 @@ extensions: # path-injection - ["net/http", "", False, "ServeFile", "", "", "Argument[2]", "path-injection", "manual"] # url-redirection - - ["net/http", "", True, "Redirect", "", "", "Argument[2]", "url-redirection[0]", "manual"] + - ["net/http", "", False, "Redirect", "", "", "Argument[2]", "url-redirection[0]", "manual"] - addsTo: pack: codeql/go-all extensible: summaryModel diff --git a/go/ql/lib/ext/regexp.model.yml b/go/ql/lib/ext/regexp.model.yml index ffb6205657a6..427d708b12e3 100644 --- a/go/ql/lib/ext/regexp.model.yml +++ b/go/ql/lib/ext/regexp.model.yml 
@@ -3,13 +3,13 @@ extensions:
 pack: codeql/go-all
 extensible: sinkModel
 data:
- - ["regexp", "", True, "Compile", "", "", "Argument[0]", "regex-use[c]", "manual"]
- - ["regexp", "", True, "CompilePOSIX", "", "", "Argument[0]", "regex-use[c]", "manual"]
- - ["regexp", "", True, "MustCompile", "", "", "Argument[0]", "regex-use[c]", "manual"]
- - ["regexp", "", True, "MustCompilePOSIX", "", "", "Argument[0]", "regex-use[c]", "manual"]
- - ["regexp", "", True, "Match", "", "", "Argument[0]", "regex-use[1]", "manual"]
- - ["regexp", "", True, "MatchReader", "", "", "Argument[0]", "regex-use[1]", "manual"]
- - ["regexp", "", True, "MatchString", "", "", "Argument[0]", "regex-use[1]", "manual"]
+ - ["regexp", "", False, "Compile", "", "", "Argument[0]", "regex-use[c]", "manual"]
+ - ["regexp", "", False, "CompilePOSIX", "", "", "Argument[0]", "regex-use[c]", "manual"]
+ - ["regexp", "", False, "MustCompile", "", "", "Argument[0]", "regex-use[c]", "manual"]
+ - ["regexp", "", False, "MustCompilePOSIX", "", "", "Argument[0]", "regex-use[c]", "manual"]
+ - ["regexp", "", False, "Match", "", "", "Argument[0]", "regex-use[1]", "manual"]
+ - ["regexp", "", False, "MatchReader", "", "", "Argument[0]", "regex-use[1]", "manual"]
+ - ["regexp", "", False, "MatchString", "", "", "Argument[0]", "regex-use[1]", "manual"]
 - ["regexp", "Regexp", True, "Match", "", "", "Argument[receiver]", "regex-use[0]", "manual"]
 - ["regexp", "Regexp", True, "MatchReader", "", "", "Argument[receiver]", "regex-use[0]", "manual"]
 - ["regexp", "Regexp", True, "MatchString", "", "", "Argument[receiver]", "regex-use[0]", "manual"]
diff --git a/go/ql/lib/ext/syscall.model.yml b/go/ql/lib/ext/syscall.model.yml
index 9d65f2bedbd3..948cca3e2987 100644
--- a/go/ql/lib/ext/syscall.model.yml
+++ b/go/ql/lib/ext/syscall.model.yml
@@ -25,4 +25,4 @@ extensions: extensible: sourceModel data: - ["syscall", "", False, "Environ", "", "", "ReturnValue", "environment", "manual"] - - ["syscall", "", False, "Getenv", "", "", "ReturnValue[0]", "environment", "manual"] \ No newline at end of file + - ["syscall", "", False, "Getenv", "", "", "ReturnValue[0]", "environment", "manual"] diff --git a/go/ql/test/experimental/CWE-74/DsnInjection.expected b/go/ql/test/experimental/CWE-74/DsnInjection.expected index d92ad49a6067..e1f66aa14139 100644 --- a/go/ql/test/experimental/CWE-74/DsnInjection.expected +++ b/go/ql/test/experimental/CWE-74/DsnInjection.expected @@ -8,7 +8,7 @@ edges | Dsn.go:49:102:49:105 | name | Dsn.go:49:11:49:106 | call to Sprintf | provenance | FunctionModel | models | 1 | Source: net/http; Request; true; FormValue; ; ; ReturnValue; remote; manual | -| 2 | Summary: fmt; ; true; Sprintf; ; ; Argument[1].ArrayElement; ReturnValue; taint; manual | +| 2 | Summary: fmt; ; false; Sprintf; ; ; Argument[1].ArrayElement; ReturnValue; taint; manual | nodes | Dsn.go:47:10:47:30 | call to FormValue | semmle.label | call to FormValue | | Dsn.go:49:11:49:106 | []type{args} [array] | semmle.label | []type{args} [array] | diff --git a/go/ql/test/experimental/CWE-74/DsnInjectionLocal.expected b/go/ql/test/experimental/CWE-74/DsnInjectionLocal.expected index 7b433794a6c1..ff83f06ebb28 100644 --- a/go/ql/test/experimental/CWE-74/DsnInjectionLocal.expected +++ b/go/ql/test/experimental/CWE-74/DsnInjectionLocal.expected 
@@ -22,7 +22,7 @@ edges | Dsn.go:67:102:67:108 | selection of dsn | Dsn.go:67:11:67:109 | []type{args} [array] | provenance | | | Dsn.go:67:102:67:108 | selection of dsn | Dsn.go:67:11:67:109 | call to Sprintf | provenance | FunctionModel | models -| 1 | Summary: fmt; ; true; Sprintf; ; ; Argument[1].ArrayElement; ReturnValue; taint; manual | +| 1 | Summary: fmt; ; false; Sprintf; ; ; Argument[1].ArrayElement; ReturnValue; taint; manual | nodes | Dsn.go:26:11:26:17 | selection of Args | semmle.label | selection of Args | | Dsn.go:28:11:28:110 | []type{args} [array] | semmle.label | []type{args} [array] | diff --git a/go/ql/test/experimental/CWE-918/SSRF.expected b/go/ql/test/experimental/CWE-918/SSRF.expected index f4e1d1c9930b..87780085a549 100644 --- a/go/ql/test/experimental/CWE-918/SSRF.expected +++ b/go/ql/test/experimental/CWE-918/SSRF.expected 
@@ -63,14 +63,14 @@ models | 1 | Source: github.com/gin-gonic/gin; Context; true; Param; ; ; ReturnValue; remote; manual | | 2 | Source: github.com/gin-gonic/gin; Context; true; Query; ; ; ReturnValue; remote; manual | | 3 | Source: github.com/gin-gonic/gin; Context; true; ShouldBindJSON; ; ; Argument[0]; remote; manual | -| 4 | Source: github.com/go-chi/chi; ; true; URLParam; ; ; ReturnValue; remote; manual | -| 5 | Source: github.com/gorilla/mux; ; true; Vars; ; ; ReturnValue; remote; manual | +| 4 | Source: github.com/go-chi/chi; ; false; URLParam; ; ; ReturnValue; remote; manual | +| 5 | Source: github.com/gorilla/mux; ; false; Vars; ; ; ReturnValue; remote; manual | | 6 | Source: net/http; Request; true; Body; ; ; ; remote; manual | | 7 | Source: net/http; Request; true; FormValue; ; ; ReturnValue; remote; manual | | 8 | Source: net/http; Request; true; Referer; ; ; ReturnValue; remote; manual | | 9 | Source: net/http; Request; true; URL; ; ; ; remote; manual | | 10 | Summary: encoding/json; ; false; Unmarshal; ; ; Argument[0]; Argument[1]; taint; manual | -| 11 | Summary: fmt; ; true; Sprintf; ; ; Argument[1].ArrayElement; ReturnValue; taint; manual | +| 11 | Summary: fmt; ; false; Sprintf; ; ; Argument[1].ArrayElement; ReturnValue; taint; manual | | 12 | Summary: io/ioutil; ; false; ReadAll; ; ; Argument[0]; ReturnValue[0]; taint; manual | | 13 | Summary: net/url; URL; true; Query; ; ; Argument[receiver]; ReturnValue; taint; manual | | 14 | Summary: net/url; Values; true; Get; ; ; Argument[receiver]; ReturnValue; taint; manual | diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/threat-models-flowtest3.ext.yml b/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/threat-models-flowtest3.ext.yml index 2c8e9d2530fe..bb7762a5467e 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/threat-models-flowtest3.ext.yml +++ b/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/threat-models-flowtest3.ext.yml 
@@ -14,4 +14,3 @@ extensions: - ["github.com/nonexistent/sources", "", False, "ReadEnvironment", "", "", "ReturnValue", "environment", "manual"] - ["github.com/nonexistent/sources", "", False, "GetCustom", "", "", "ReturnValue", "custom", "manual"] - ["github.com/nonexistent/sources", "", False, "GetCliArg", "", "", "ReturnValue", "commandargs", "manual"] - diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/threat-models-flowtest4.ext.yml b/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/threat-models-flowtest4.ext.yml index acac1a4e4f07..4754b0ef1f55 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/threat-models-flowtest4.ext.yml +++ b/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/threat-models-flowtest4.ext.yml @@ -14,4 +14,3 @@ extensions: - ["github.com/nonexistent/sources", "", False, "ReadEnvironment", "", "", "ReturnValue", "environment", "manual"] - ["github.com/nonexistent/sources", "", False, "GetCustom", "", "", "ReturnValue", "custom", "manual"] - ["github.com/nonexistent/sources", "", False, "GetCliArg", "", "", "ReturnValue", "commandargs", "manual"] - diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/threat-models-flowtest5.ext.yml b/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/threat-models-flowtest5.ext.yml index c61a23e0e647..713491d492e3 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/threat-models-flowtest5.ext.yml +++ b/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/threat-models-flowtest5.ext.yml @@ -15,4 +15,3 @@ extensions: - ["github.com/nonexistent/sources", "", False, "ReadEnvironment", "", "", "ReturnValue", "environment", "manual"] - ["github.com/nonexistent/sources", "", False, "GetCustom", "", "", "ReturnValue", "custom", "manual"] - ["github.com/nonexistent/sources", "", False, "GetCliArg", "", "", "ReturnValue", "commandargs", "manual"] - 
diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Beego/TaintedPath.expected b/go/ql/test/library-tests/semmle/go/frameworks/Beego/TaintedPath.expected index 796143aee9e7..98b536aac656 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Beego/TaintedPath.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/Beego/TaintedPath.expected @@ -16,11 +16,11 @@ edges | test.go:340:15:340:26 | call to Data | test.go:342:53:342:61 | untrusted | provenance | Src:MaD:6 Sink:MaD:4 | | test.go:340:15:340:26 | call to Data | test.go:344:23:344:31 | untrusted | provenance | Src:MaD:6 Sink:MaD:1 | models -| 1 | Sink: group:beego-context; BeegoOutput; false; Download; ; ; Argument[0]; path-injection; manual | +| 1 | Sink: group:beego-context; BeegoOutput; true; Download; ; ; Argument[0]; path-injection; manual | | 2 | Sink: group:beego; ; false; Walk; ; ; Argument[1]; path-injection; manual | -| 3 | Sink: group:beego; Controller; false; SaveToFile; ; ; Argument[1]; path-injection; manual | -| 4 | Sink: group:beego; Controller; false; SaveToFileWithBuffer; ; ; Argument[1]; path-injection; manual | -| 5 | Sink: group:beego; FileSystem; false; Open; ; ; Argument[0]; path-injection; manual | +| 3 | Sink: group:beego; Controller; true; SaveToFile; ; ; Argument[1]; path-injection; manual | +| 4 | Sink: group:beego; Controller; true; SaveToFileWithBuffer; ; ; Argument[1]; path-injection; manual | +| 5 | Sink: group:beego; FileSystem; true; Open; ; ; Argument[0]; path-injection; manual | | 6 | Source: group:beego-context; BeegoInput; true; Data; ; ; ReturnValue[0]; remote; manual | | 7 | Source: group:beego-context; BeegoInput; true; RequestBody; ; ; ; remote; manual | | 8 | Summary: encoding/json; ; false; Unmarshal; ; ; Argument[0]; Argument[1]; taint; manual | diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Chi/ReflectedXss.expected b/go/ql/test/library-tests/semmle/go/frameworks/Chi/ReflectedXss.expected index 654cff9463c6..56bbc4ed6054 100644 
--- a/go/ql/test/library-tests/semmle/go/frameworks/Chi/ReflectedXss.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/Chi/ReflectedXss.expected @@ -11,8 +11,8 @@ edges | test.go:23:18:23:60 | call to URLParamFromCtx | test.go:23:11:23:61 | type conversion | provenance | Src:MaD:2 | | test.go:24:18:24:71 | call to URLParam | test.go:24:11:24:72 | type conversion | provenance | Src:MaD:3 | models -| 1 | Source: github.com/go-chi/chi; ; true; URLParam; ; ; ReturnValue; remote; manual | -| 2 | Source: github.com/go-chi/chi; ; true; URLParamFromCtx; ; ; ReturnValue; remote; manual | +| 1 | Source: github.com/go-chi/chi; ; false; URLParam; ; ; ReturnValue; remote; manual | +| 2 | Source: github.com/go-chi/chi; ; false; URLParamFromCtx; ; ; ReturnValue; remote; manual | | 3 | Source: github.com/go-chi/chi; Context; true; URLParam; ; ; ReturnValue; remote; manual | | 4 | Source: net/http; Request; true; URL; ; ; ; remote; manual | nodes diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Echo/TaintedPath.expected b/go/ql/test/library-tests/semmle/go/frameworks/Echo/TaintedPath.expected index aaefd9799bec..c579c480fb3e 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Echo/TaintedPath.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/Echo/TaintedPath.expected 
@@ -5,8 +5,8 @@ edges | test.go:221:15:221:38 | call to QueryParam | test.go:222:17:222:24 | filepath | provenance | Src:MaD:3 Sink:MaD:2 | | test.go:225:15:225:38 | call to QueryParam | test.go:226:23:226:30 | filepath | provenance | Src:MaD:3 Sink:MaD:1 | models -| 1 | Sink: github.com/labstack/echo; Context; false; Attachment; ; ; Argument[0]; path-injection; manual | -| 2 | Sink: github.com/labstack/echo; Context; false; File; ; ; Argument[0]; path-injection; manual | +| 1 | Sink: github.com/labstack/echo; Context; true; Attachment; ; ; Argument[0]; path-injection; manual | +| 2 | Sink: github.com/labstack/echo; Context; true; File; ; ; Argument[0]; path-injection; manual | | 3 | Source: github.com/labstack/echo; Context; true; QueryParam; ; ; ReturnValue[0]; remote; manual | nodes | test.go:221:15:221:38 | call to QueryParam | semmle.label | call to QueryParam | diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Gin/TaintedPath.expected b/go/ql/test/library-tests/semmle/go/frameworks/Gin/TaintedPath.expected index e73729936bd1..4cb6f63a829f 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Gin/TaintedPath.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/Gin/TaintedPath.expected 
@@ -9,9 +9,9 @@ edges | Gin.go:24:15:24:33 | call to Query | Gin.go:27:20:27:27 | filepath | provenance | Src:MaD:5 Sink:MaD:2 | | Gin.go:24:15:24:33 | call to Query | Gin.go:29:32:29:39 | filepath | provenance | Src:MaD:5 Sink:MaD:3 | models -| 1 | Sink: github.com/gin-gonic/gin; Context; false; File; ; ; Argument[0]; path-injection; manual | -| 2 | Sink: github.com/gin-gonic/gin; Context; false; FileAttachment; ; ; Argument[0]; path-injection; manual | -| 3 | Sink: github.com/gin-gonic/gin; Context; false; SaveUploadedFile; ; ; Argument[1]; path-injection; manual | +| 1 | Sink: github.com/gin-gonic/gin; Context; true; File; ; ; Argument[0]; path-injection; manual | +| 2 | Sink: github.com/gin-gonic/gin; Context; true; FileAttachment; ; ; Argument[0]; path-injection; manual | +| 3 | Sink: github.com/gin-gonic/gin; Context; true; SaveUploadedFile; ; ; Argument[1]; path-injection; manual | | 4 | Sink: net/http; ; false; ServeFile; ; ; Argument[2]; path-injection; manual | | 5 | Source: github.com/gin-gonic/gin; Context; true; Query; ; ; ReturnValue; remote; manual | nodes diff --git a/go/ql/test/query-tests/Security/CWE-020/IncompleteHostnameRegexp/IncompleteHostnameRegexp.expected b/go/ql/test/query-tests/Security/CWE-020/IncompleteHostnameRegexp/IncompleteHostnameRegexp.expected index dd6675363334..1b984aeedee4 100644 --- a/go/ql/test/query-tests/Security/CWE-020/IncompleteHostnameRegexp/IncompleteHostnameRegexp.expected +++ b/go/ql/test/query-tests/Security/CWE-020/IncompleteHostnameRegexp/IncompleteHostnameRegexp.expected 
@@ -10,8 +10,8 @@ edges | main.go:49:21:49:45 | `https://www.example.com` | main.go:62:15:62:25 | sourceConst | provenance | | | main.go:62:15:62:25 | sourceConst | main.go:65:15:65:23 | localVar3 | provenance | Sink:MaD:1 | models -| 1 | Sink: regexp; ; true; Match; ; ; Argument[0]; regex-use[1]; manual | -| 2 | Sink: regexp; ; true; MatchString; ; ; Argument[0]; regex-use[1]; manual | +| 1 | Sink: regexp; ; false; Match; ; ; Argument[0]; regex-use[1]; manual | +| 2 | Sink: regexp; ; false; MatchString; ; ; Argument[0]; regex-use[1]; manual | nodes | IncompleteHostnameRegexp.go:11:8:11:36 | "^((www\|beta).)?example.com/" | semmle.label | "^((www\|beta).)?example.com/" | | IncompleteHostnameRegexp.go:12:38:12:39 | re | semmle.label | re | diff --git a/go/ql/test/query-tests/Security/CWE-078/CommandInjection.expected b/go/ql/test/query-tests/Security/CWE-078/CommandInjection.expected index ce713390403b..dff32df4e1ff 100644 --- a/go/ql/test/query-tests/Security/CWE-078/CommandInjection.expected +++ b/go/ql/test/query-tests/Security/CWE-078/CommandInjection.expected @@ -151,7 +151,7 @@ models | 3 | Summary: ; ; false; append; ; ; Argument[0].ArrayElement; ReturnValue.ArrayElement; value; manual | | 4 | Summary: ; ; false; append; ; ; Argument[0]; ReturnValue; taint; manual | | 5 | Summary: ; ; false; append; ; ; Argument[1].ArrayElement; ReturnValue.ArrayElement; value; manual | -| 6 | Summary: fmt; ; true; Sprintf; ; ; Argument[1].ArrayElement; ReturnValue; taint; manual | +| 6 | Summary: fmt; ; false; Sprintf; ; ; Argument[1].ArrayElement; ReturnValue; taint; manual | | 7 | Summary: net/url; URL; true; Query; ; ; Argument[receiver]; ReturnValue; taint; manual | nodes | ArgumentInjection.go:9:10:9:16 | selection of URL | semmle.label | selection of URL | diff --git a/go/ql/test/query-tests/Security/CWE-079/ReflectedXss.expected b/go/ql/test/query-tests/Security/CWE-079/ReflectedXss.expected index 0c9d1d6b22a4..647113f3c6b5 100644 
--- a/go/ql/test/query-tests/Security/CWE-079/ReflectedXss.expected +++ b/go/ql/test/query-tests/Security/CWE-079/ReflectedXss.expected @@ -69,7 +69,7 @@ edges | websocketXss.go:50:3:50:10 | definition of gorilla2 | websocketXss.go:52:24:52:31 | gorilla2 | provenance | Src:MaD:2 | | websocketXss.go:54:3:54:38 | ... := ...[1] | websocketXss.go:55:24:55:31 | gorilla3 | provenance | Src:MaD:3 | models -| 1 | Source: github.com/gorilla/websocket; ; true; ReadJSON; ; ; Argument[1]; remote; manual | +| 1 | Source: github.com/gorilla/websocket; ; false; ReadJSON; ; ; Argument[1]; remote; manual | | 2 | Source: github.com/gorilla/websocket; Conn; true; ReadJSON; ; ; Argument[0]; remote; manual | | 3 | Source: github.com/gorilla/websocket; Conn; true; ReadMessage; ; ; ReturnValue[1]; remote; manual | | 4 | Source: golang.org/x/net/websocket; Codec; true; Receive; ; ; Argument[1]; remote; manual | @@ -80,7 +80,7 @@ models | 9 | Source: net/http; Request; true; MultipartReader; ; ; ReturnValue[0]; remote; manual | | 10 | Source: net/http; Request; true; URL; ; ; ; remote; manual | | 11 | Source: nhooyr.io/websocket; Conn; true; Read; ; ; ReturnValue[1]; remote; manual | -| 12 | Summary: fmt; ; true; Sprintf; ; ; Argument[1].ArrayElement; ReturnValue; taint; manual | +| 12 | Summary: fmt; ; false; Sprintf; ; ; Argument[1].ArrayElement; ReturnValue; taint; manual | | 13 | Summary: io/ioutil; ; false; ReadAll; ; ; Argument[0]; ReturnValue[0]; taint; manual | | 14 | Summary: io; Reader; true; Read; ; ; Argument[receiver]; Argument[0]; taint; manual | | 15 | Summary: mime/multipart; Part; true; FileName; ; ; Argument[receiver]; ReturnValue; taint; manual | diff --git a/go/ql/test/query-tests/Security/CWE-089/SqlInjection.expected b/go/ql/test/query-tests/Security/CWE-089/SqlInjection.expected index b4ba00050a59..79d8809e19f9 100644 --- a/go/ql/test/query-tests/Security/CWE-089/SqlInjection.expected +++ b/go/ql/test/query-tests/Security/CWE-089/SqlInjection.expected 
@@ -140,7 +140,7 @@ models | 4 | Source: net/http; Request; true; Referer; ; ; ReturnValue; remote; manual | | 5 | Source: net/http; Request; true; URL; ; ; ; remote; manual | | 6 | Summary: encoding/json; ; false; Unmarshal; ; ; Argument[0]; Argument[1]; taint; manual | -| 7 | Summary: fmt; ; true; Sprintf; ; ; Argument[1].ArrayElement; ReturnValue; taint; manual | +| 7 | Summary: fmt; ; false; Sprintf; ; ; Argument[1].ArrayElement; ReturnValue; taint; manual | | 8 | Summary: io/ioutil; ; false; ReadAll; ; ; Argument[0]; ReturnValue[0]; taint; manual | | 9 | Summary: net/http; Header; true; Get; ; ; Argument[receiver]; ReturnValue; taint; manual | | 10 | Summary: net/url; URL; true; Query; ; ; Argument[receiver]; ReturnValue; taint; manual | diff --git a/go/ql/test/query-tests/Security/CWE-338/InsecureRandomness/InsecureRandomness.expected b/go/ql/test/query-tests/Security/CWE-338/InsecureRandomness/InsecureRandomness.expected index cf5b484716cd..b2659fffde78 100644 --- a/go/ql/test/query-tests/Security/CWE-338/InsecureRandomness/InsecureRandomness.expected +++ b/go/ql/test/query-tests/Security/CWE-338/InsecureRandomness/InsecureRandomness.expected @@ -22,7 +22,7 @@ edges | sample.go:56:18:56:39 | index expression | sample.go:56:11:56:40 | type conversion | provenance | | | sample.go:56:29:56:38 | randNumber | sample.go:56:18:56:39 | index expression | provenance | Config | models -| 1 | Summary: fmt; ; true; Sprintf; ; ; Argument[1].ArrayElement; ReturnValue; taint; manual | +| 1 | Summary: fmt; ; false; Sprintf; ; ; Argument[1].ArrayElement; ReturnValue; taint; manual | | 2 | Summary: io; ; false; ReadFull; ; ; Argument[0]; Argument[1]; taint; manual | nodes | InsecureRandomness.go:12:18:12:40 | call to Intn | semmle.label | call to Intn | diff --git a/go/ql/test/query-tests/Security/CWE-347/MissingJwtSignatureCheck.expected b/go/ql/test/query-tests/Security/CWE-347/MissingJwtSignatureCheck.expected index 23f814be7d66..2bfca2aa643a 100644 
--- a/go/ql/test/query-tests/Security/CWE-347/MissingJwtSignatureCheck.expected +++ b/go/ql/test/query-tests/Security/CWE-347/MissingJwtSignatureCheck.expected @@ -18,7 +18,7 @@ models | 1 | Sink: github.com/golang-jwt/jwt; Parser; true; ParseUnverified; ; ; Argument[0]; jwt; manual | | 2 | Sink: group:go-jose/jwt; JSONWebToken; true; UnsafeClaimsWithoutVerification; ; ; Argument[receiver]; jwt; manual | | 3 | Source: net/http; Request; true; URL; ; ; ; remote; manual | -| 4 | Summary: group:go-jose/jwt; ; true; ParseSigned; ; ; Argument[0]; ReturnValue[0]; taint; manual | +| 4 | Summary: group:go-jose/jwt; ; false; ParseSigned; ; ; Argument[0]; ReturnValue[0]; taint; manual | | 5 | Summary: net/url; URL; true; Query; ; ; Argument[receiver]; ReturnValue; taint; manual | | 6 | Summary: net/url; Values; true; Get; ; ; Argument[receiver]; ReturnValue; taint; manual | nodes diff --git a/go/ql/test/query-tests/Security/CWE-601/BadRedirectCheck/BadRedirectCheck.expected b/go/ql/test/query-tests/Security/CWE-601/BadRedirectCheck/BadRedirectCheck.expected index 1ac1033433ef..8d4aaba1446c 100644 --- a/go/ql/test/query-tests/Security/CWE-601/BadRedirectCheck/BadRedirectCheck.expected +++ b/go/ql/test/query-tests/Security/CWE-601/BadRedirectCheck/BadRedirectCheck.expected @@ -29,7 +29,7 @@ edges | main.go:77:36:77:38 | url | main.go:77:25:77:39 | call to getTarget1 | provenance | MaD:2 Sink:MaD:1 | | main.go:87:9:87:14 | selection of Path | main.go:91:25:91:39 | call to getTarget2 | provenance | Sink:MaD:1 | models -| 1 | Sink: net/http; ; true; Redirect; ; ; Argument[2]; url-redirection[0]; manual | +| 1 | Sink: net/http; ; false; Redirect; ; ; Argument[2]; url-redirection[0]; manual | | 2 | Summary: path; ; false; Clean; ; ; Argument[0]; ReturnValue; taint; manual | nodes | BadRedirectCheck.go:3:18:3:22 | argument corresponding to redir | semmle.label | argument corresponding to redir | 
diff --git a/go/ql/test/query-tests/Security/CWE-601/OpenUrlRedirect/OpenUrlRedirect.expected b/go/ql/test/query-tests/Security/CWE-601/OpenUrlRedirect/OpenUrlRedirect.expected index 771c153e8661..f8d193348ba0 100644 --- a/go/ql/test/query-tests/Security/CWE-601/OpenUrlRedirect/OpenUrlRedirect.expected +++ b/go/ql/test/query-tests/Security/CWE-601/OpenUrlRedirect/OpenUrlRedirect.expected @@ -66,7 +66,7 @@ edges | stdlib.go:192:23:192:28 | target | stdlib.go:192:23:192:33 | selection of Path | provenance | Config Sink:MaD:1 | | stdlib.go:194:23:194:28 | target | stdlib.go:194:23:194:42 | call to EscapedPath | provenance | Config Sink:MaD:1 | models -| 1 | Sink: net/http; ; true; Redirect; ; ; Argument[2]; url-redirection[0]; manual | +| 1 | Sink: net/http; ; false; Redirect; ; ; Argument[2]; url-redirection[0]; manual | | 2 | Source: net/http; Request; true; Form; ; ; ; remote; manual | | 3 | Source: net/http; Request; true; FormValue; ; ; ReturnValue; remote; manual | | 4 | Source: net/http; Request; true; URL; ; ; ; remote; manual | diff --git a/go/ql/test/query-tests/Security/CWE-643/XPathInjection.expected b/go/ql/test/query-tests/Security/CWE-643/XPathInjection.expected index 3914ab37db4b..0d492788c51d 100644 --- a/go/ql/test/query-tests/Security/CWE-643/XPathInjection.expected +++ b/go/ql/test/query-tests/Security/CWE-643/XPathInjection.expected 
@@ -101,41 +101,41 @@ edges | tst.go:139:14:139:35 | call to Get | tst.go:146:23:146:85 | ...+... | provenance | Sink:MaD:26 | | tst.go:145:41:145:103 | ...+... | tst.go:145:23:145:104 | call to NewReader | provenance | MaD:38 Sink:MaD:25 | models -| 1 | Sink: github.com/ChrisTrenkamp/goxpath; ; true; MustParse; ; ; Argument[0]; xpath-injection; manual | -| 2 | Sink: github.com/ChrisTrenkamp/goxpath; ; true; Parse; ; ; Argument[0]; xpath-injection; manual | -| 3 | Sink: github.com/ChrisTrenkamp/goxpath; ; true; ParseExec; ; ; Argument[0]; xpath-injection; manual | -| 4 | Sink: github.com/antchfx/htmlquery; ; true; Find; ; ; Argument[1]; xpath-injection; manual | -| 5 | Sink: github.com/antchfx/htmlquery; ; true; FindOne; ; ; Argument[1]; xpath-injection; manual | -| 6 | Sink: github.com/antchfx/htmlquery; ; true; Query; ; ; Argument[1]; xpath-injection; manual | -| 7 | Sink: github.com/antchfx/htmlquery; ; true; QueryAll; ; ; Argument[1]; xpath-injection; manual | -| 8 | Sink: github.com/antchfx/jsonquery; ; true; Find; ; ; Argument[1]; xpath-injection; manual | -| 9 | Sink: github.com/antchfx/jsonquery; ; true; FindOne; ; ; Argument[1]; xpath-injection; manual | -| 10 | Sink: github.com/antchfx/jsonquery; ; true; Query; ; ; Argument[1]; xpath-injection; manual | -| 11 | Sink: github.com/antchfx/jsonquery; ; true; QueryAll; ; ; Argument[1]; xpath-injection; manual | -| 12 | Sink: github.com/antchfx/xmlquery; ; true; Find; ; ; Argument[1]; xpath-injection; manual | -| 13 | Sink: github.com/antchfx/xmlquery; ; true; FindEach; ; ; Argument[1]; xpath-injection; manual | -| 14 | Sink: github.com/antchfx/xmlquery; ; true; FindEachWithBreak; ; ; Argument[1]; xpath-injection; manual | -| 15 | Sink: github.com/antchfx/xmlquery; ; true; FindOne; ; ; Argument[1]; xpath-injection; manual | -| 16 | Sink: github.com/antchfx/xmlquery; ; true; Query; ; ; Argument[1]; xpath-injection; manual | -| 17 | Sink: github.com/antchfx/xmlquery; ; true; QueryAll; ; ; Argument[1]; 
xpath-injection; manual | +| 1 | Sink: github.com/ChrisTrenkamp/goxpath; ; false; MustParse; ; ; Argument[0]; xpath-injection; manual | +| 2 | Sink: github.com/ChrisTrenkamp/goxpath; ; false; Parse; ; ; Argument[0]; xpath-injection; manual | +| 3 | Sink: github.com/ChrisTrenkamp/goxpath; ; false; ParseExec; ; ; Argument[0]; xpath-injection; manual | +| 4 | Sink: github.com/antchfx/htmlquery; ; false; Find; ; ; Argument[1]; xpath-injection; manual | +| 5 | Sink: github.com/antchfx/htmlquery; ; false; FindOne; ; ; Argument[1]; xpath-injection; manual | +| 6 | Sink: github.com/antchfx/htmlquery; ; false; Query; ; ; Argument[1]; xpath-injection; manual | +| 7 | Sink: github.com/antchfx/htmlquery; ; false; QueryAll; ; ; Argument[1]; xpath-injection; manual | +| 8 | Sink: github.com/antchfx/jsonquery; ; false; Find; ; ; Argument[1]; xpath-injection; manual | +| 9 | Sink: github.com/antchfx/jsonquery; ; false; FindOne; ; ; Argument[1]; xpath-injection; manual | +| 10 | Sink: github.com/antchfx/jsonquery; ; false; Query; ; ; Argument[1]; xpath-injection; manual | +| 11 | Sink: github.com/antchfx/jsonquery; ; false; QueryAll; ; ; Argument[1]; xpath-injection; manual | +| 12 | Sink: github.com/antchfx/xmlquery; ; false; Find; ; ; Argument[1]; xpath-injection; manual | +| 13 | Sink: github.com/antchfx/xmlquery; ; false; FindEach; ; ; Argument[1]; xpath-injection; manual | +| 14 | Sink: github.com/antchfx/xmlquery; ; false; FindEachWithBreak; ; ; Argument[1]; xpath-injection; manual | +| 15 | Sink: github.com/antchfx/xmlquery; ; false; FindOne; ; ; Argument[1]; xpath-injection; manual | +| 16 | Sink: github.com/antchfx/xmlquery; ; false; Query; ; ; Argument[1]; xpath-injection; manual | +| 17 | Sink: github.com/antchfx/xmlquery; ; false; QueryAll; ; ; Argument[1]; xpath-injection; manual | | 18 | Sink: github.com/antchfx/xmlquery; Node; true; SelectElement; ; ; Argument[0]; xpath-injection; manual | | 19 | Sink: github.com/antchfx/xmlquery; Node; true; SelectElements; ; ; 
Argument[0]; xpath-injection; manual | -| 20 | Sink: github.com/antchfx/xpath; ; true; Compile; ; ; Argument[0]; xpath-injection; manual | -| 21 | Sink: github.com/antchfx/xpath; ; true; CompileWithNS; ; ; Argument[0]; xpath-injection; manual | -| 22 | Sink: github.com/antchfx/xpath; ; true; MustCompile; ; ; Argument[0]; xpath-injection; manual | -| 23 | Sink: github.com/antchfx/xpath; ; true; Select; ; ; Argument[1]; xpath-injection; manual | +| 20 | Sink: github.com/antchfx/xpath; ; false; Compile; ; ; Argument[0]; xpath-injection; manual | +| 21 | Sink: github.com/antchfx/xpath; ; false; CompileWithNS; ; ; Argument[0]; xpath-injection; manual | +| 22 | Sink: github.com/antchfx/xpath; ; false; MustCompile; ; ; Argument[0]; xpath-injection; manual | +| 23 | Sink: github.com/antchfx/xpath; ; false; Select; ; ; Argument[1]; xpath-injection; manual | | 24 | Sink: github.com/lestrrat-go/libxml2/parser; Parser; true; Parse; ; ; Argument[0]; xpath-injection; manual | | 25 | Sink: github.com/lestrrat-go/libxml2/parser; Parser; true; ParseReader; ; ; Argument[0]; xpath-injection; manual | | 26 | Sink: github.com/lestrrat-go/libxml2/parser; Parser; true; ParseString; ; ; Argument[0]; xpath-injection; manual | -| 27 | Sink: github.com/santhosh-tekuri/xpathparser; ; true; MustParse; ; ; Argument[0]; xpath-injection; manual | -| 28 | Sink: github.com/santhosh-tekuri/xpathparser; ; true; Parse; ; ; Argument[0]; xpath-injection; manual | +| 27 | Sink: github.com/santhosh-tekuri/xpathparser; ; false; MustParse; ; ; Argument[0]; xpath-injection; manual | +| 28 | Sink: github.com/santhosh-tekuri/xpathparser; ; false; Parse; ; ; Argument[0]; xpath-injection; manual | | 29 | Sink: group:gokogiri/xml; Node; true; EvalXPath; ; ; Argument[0]; xpath-injection; manual | | 30 | Sink: group:gokogiri/xml; Node; true; EvalXPathAsBoolean; ; ; Argument[0]; xpath-injection; manual | | 31 | Sink: group:gokogiri/xml; Node; true; Search; ; ; Argument[0]; xpath-injection; manual | | 32 | Sink: 
group:gokogiri/xml; Node; true; SearchWithVariables; ; ; Argument[0]; xpath-injection; manual | -| 33 | Sink: group:gokogiri/xpath; ; true; Compile; ; ; Argument[0]; xpath-injection; manual | -| 34 | Sink: group:xmlpath; ; true; Compile; ; ; Argument[0]; xpath-injection; manual | -| 35 | Sink: group:xmlpath; ; true; MustCompile; ; ; Argument[0]; xpath-injection; manual | +| 33 | Sink: group:gokogiri/xpath; ; false; Compile; ; ; Argument[0]; xpath-injection; manual | +| 34 | Sink: group:xmlpath; ; false; Compile; ; ; Argument[0]; xpath-injection; manual | +| 35 | Sink: group:xmlpath; ; false; MustCompile; ; ; Argument[0]; xpath-injection; manual | | 36 | Source: net/http; Request; true; Form; ; ; ; remote; manual | | 37 | Summary: net/url; Values; true; Get; ; ; Argument[receiver]; ReturnValue; taint; manual | | 38 | Summary: strings; ; false; NewReader; ; ; Argument[0]; ReturnValue; taint; manual |