github · owen-mc · Aug 1, 2024 · Aug 1, 2024 · Aug 1, 2024
@@ -1 +1,2 @@
-Security/CWE-079/ReflectedXss.ql
+query: Security/CWE-079/ReflectedXss.ql
+postprocess: TestUtilities/PrettyPrintModels.ql
@@ -1,12 +1,28 @@
+#select
+| test.go:216:18:216:26 | untrusted | test.go:215:15:215:26 | call to Data | test.go:216:18:216:26 | untrusted | This path depends on a $@. | test.go:215:15:215:26 | call to Data | user-provided value |
+| test.go:217:10:217:18 | untrusted | test.go:215:15:215:26 | call to Data | test.go:217:10:217:18 | untrusted | This path depends on a $@. | test.go:215:15:215:26 | call to Data | user-provided value |
+| test.go:218:35:218:43 | untrusted | test.go:215:15:215:26 | call to Data | test.go:218:35:218:43 | untrusted | This path depends on a $@. | test.go:215:15:215:26 | call to Data | user-provided value |
+| test.go:326:35:326:43 | untrusted | test.go:324:17:324:37 | selection of RequestBody | test.go:326:35:326:43 | untrusted | This path depends on a $@. | test.go:324:17:324:37 | selection of RequestBody | user-provided value |
+| test.go:334:23:334:31 | untrusted | test.go:332:15:332:26 | call to Data | test.go:334:23:334:31 | untrusted | This path depends on a $@. | test.go:332:15:332:26 | call to Data | user-provided value |
+| test.go:342:53:342:61 | untrusted | test.go:340:15:340:26 | call to Data | test.go:342:53:342:61 | untrusted | This path depends on a $@. | test.go:340:15:340:26 | call to Data | user-provided value |
+| test.go:344:23:344:31 | untrusted | test.go:340:15:340:26 | call to Data | test.go:344:23:344:31 | untrusted | This path depends on a $@. | test.go:340:15:340:26 | call to Data | user-provided value |
 edges
-| test.go:215:15:215:26 | call to Data | test.go:216:18:216:26 | untrusted | provenance | Src:MaD:293  |
-| test.go:215:15:215:26 | call to Data | test.go:217:10:217:18 | untrusted | provenance | Src:MaD:293  |
-| test.go:215:15:215:26 | call to Data | test.go:218:35:218:43 | untrusted | provenance | Src:MaD:293  |
-| test.go:324:17:324:37 | selection of RequestBody | test.go:324:40:324:43 | &... | provenance | Src:MaD:301 MaD:187 |
+| test.go:215:15:215:26 | call to Data | test.go:216:18:216:26 | untrusted | provenance | Src:MaD:2  |
+| test.go:215:15:215:26 | call to Data | test.go:217:10:217:18 | untrusted | provenance | Src:MaD:2  |
+| test.go:215:15:215:26 | call to Data | test.go:218:35:218:43 | untrusted | provenance | Src:MaD:2  |
+| test.go:324:17:324:37 | selection of RequestBody | test.go:324:40:324:43 | &... | provenance | Src:MaD:3 MaD:1 |
 | test.go:324:40:324:43 | &... | test.go:326:35:326:43 | untrusted | provenance |  |
-| test.go:332:15:332:26 | call to Data | test.go:334:23:334:31 | untrusted | provenance | Src:MaD:293  |
-| test.go:340:15:340:26 | call to Data | test.go:342:53:342:61 | untrusted | provenance | Src:MaD:293  |
-| test.go:340:15:340:26 | call to Data | test.go:344:23:344:31 | untrusted | provenance | Src:MaD:293  |
+| test.go:332:15:332:26 | call to Data | test.go:334:23:334:31 | untrusted | provenance | Src:MaD:2  |
+| test.go:340:15:340:26 | call to Data | test.go:342:53:342:61 | untrusted | provenance | Src:MaD:2  |
+| test.go:340:15:340:26 | call to Data | test.go:344:23:344:31 | untrusted | provenance | Src:MaD:2  |
+models
+| 1 | Summary: encoding/json; ; false; Unmarshal; ; ; Argument[0]; Argument[1]; taint; manual |
+| 2 | Source: github.com/astaxie/beego/context; BeegoInput; true; Data; ; ; ReturnValue[0]; remote; manual |
+| 2 | Source: github.com/beego/beego/context; BeegoInput; true; Data; ; ; ReturnValue[0]; remote; manual |
+| 2 | Source: github.com/beego/beego/server/web/context; BeegoInput; true; Data; ; ; ReturnValue[0]; remote; manual |
+| 3 | Source: github.com/astaxie/beego/context; BeegoInput; true; RequestBody; ; ; ; remote; manual |
+| 3 | Source: github.com/beego/beego/context; BeegoInput; true; RequestBody; ; ; ; remote; manual |
+| 3 | Source: github.com/beego/beego/server/web/context; BeegoInput; true; RequestBody; ; ; ; remote; manual |
 nodes
 | test.go:215:15:215:26 | call to Data | semmle.label | call to Data |
 | test.go:216:18:216:26 | untrusted | semmle.label | untrusted |
@@ -21,11 +37,3 @@ nodes
 | test.go:342:53:342:61 | untrusted | semmle.label | untrusted |
 | test.go:344:23:344:31 | untrusted | semmle.label | untrusted |
 subpaths
-#select
-| test.go:216:18:216:26 | untrusted | test.go:215:15:215:26 | call to Data | test.go:216:18:216:26 | untrusted | This path depends on a $@. | test.go:215:15:215:26 | call to Data | user-provided value |
-| test.go:217:10:217:18 | untrusted | test.go:215:15:215:26 | call to Data | test.go:217:10:217:18 | untrusted | This path depends on a $@. | test.go:215:15:215:26 | call to Data | user-provided value |
-| test.go:218:35:218:43 | untrusted | test.go:215:15:215:26 | call to Data | test.go:218:35:218:43 | untrusted | This path depends on a $@. | test.go:215:15:215:26 | call to Data | user-provided value |
-| test.go:326:35:326:43 | untrusted | test.go:324:17:324:37 | selection of RequestBody | test.go:326:35:326:43 | untrusted | This path depends on a $@. | test.go:324:17:324:37 | selection of RequestBody | user-provided value |
-| test.go:334:23:334:31 | untrusted | test.go:332:15:332:26 | call to Data | test.go:334:23:334:31 | untrusted | This path depends on a $@. | test.go:332:15:332:26 | call to Data | user-provided value |
-| test.go:342:53:342:61 | untrusted | test.go:340:15:340:26 | call to Data | test.go:342:53:342:61 | untrusted | This path depends on a $@. | test.go:340:15:340:26 | call to Data | user-provided value |
-| test.go:344:23:344:31 | untrusted | test.go:340:15:340:26 | call to Data | test.go:344:23:344:31 | untrusted | This path depends on a $@. | test.go:340:15:340:26 | call to Data | user-provided value |
@@ -1 +1,2 @@
-Security/CWE-022/TaintedPath.ql
+query: Security/CWE-022/TaintedPath.ql
+postprocess: TestUtilities/PrettyPrintModels.ql
@@ -1,14 +1,17 @@
+#select
+| EndToEnd.go:94:20:94:49 | call to Get | EndToEnd.go:94:20:94:27 | selection of Params | EndToEnd.go:94:20:94:49 | call to Get | This path to an untrusted URL redirection depends on a $@. | EndToEnd.go:94:20:94:27 | selection of Params | user-provided value |
 edges
 | EndToEnd.go:94:20:94:27 | implicit dereference | EndToEnd.go:94:20:94:27 | selection of Params | provenance | Config |
 | EndToEnd.go:94:20:94:27 | implicit dereference | EndToEnd.go:94:20:94:32 | selection of Form | provenance | Config |
-| EndToEnd.go:94:20:94:27 | selection of Params | EndToEnd.go:94:20:94:27 | implicit dereference | provenance | Src:MaD:525 Config |
-| EndToEnd.go:94:20:94:27 | selection of Params | EndToEnd.go:94:20:94:32 | selection of Form | provenance | Src:MaD:525 Config |
+| EndToEnd.go:94:20:94:27 | selection of Params | EndToEnd.go:94:20:94:27 | implicit dereference | provenance | Src:MaD:1 Config |
+| EndToEnd.go:94:20:94:27 | selection of Params | EndToEnd.go:94:20:94:32 | selection of Form | provenance | Src:MaD:1 Config |
 | EndToEnd.go:94:20:94:32 | selection of Form | EndToEnd.go:94:20:94:49 | call to Get | provenance | Config |
+models
+| 1 | Source: github.com/revel/revel; Controller; true; Params; ; ; ; remote; manual |
+| 1 | Source: github.com/robfig/revel; Controller; true; Params; ; ; ; remote; manual |
 nodes
 | EndToEnd.go:94:20:94:27 | implicit dereference | semmle.label | implicit dereference |
 | EndToEnd.go:94:20:94:27 | selection of Params | semmle.label | selection of Params |
 | EndToEnd.go:94:20:94:32 | selection of Form | semmle.label | selection of Form |
 | EndToEnd.go:94:20:94:49 | call to Get | semmle.label | call to Get |
 subpaths
-#select
-| EndToEnd.go:94:20:94:49 | call to Get | EndToEnd.go:94:20:94:27 | selection of Params | EndToEnd.go:94:20:94:49 | call to Get | This path to an untrusted URL redirection depends on a $@. | EndToEnd.go:94:20:94:27 | selection of Params | user-provided value |
@@ -1 +1,2 @@
-Security/CWE-601/OpenUrlRedirect.ql
+query: Security/CWE-601/OpenUrlRedirect.ql
+postprocess: TestUtilities/PrettyPrintModels.ql
@@ -1,13 +1,25 @@
+#select
+| EndToEnd.go:37:24:37:26 | buf | EndToEnd.go:36:18:36:25 | selection of Params | EndToEnd.go:37:24:37:26 | buf | Cross-site scripting vulnerability due to $@. | EndToEnd.go:36:18:36:25 | selection of Params | user-provided value | EndToEnd.go:0:0:0:0 | EndToEnd.go |  |
+| EndToEnd.go:69:22:69:51 | call to Get | EndToEnd.go:69:22:69:29 | selection of Params | EndToEnd.go:69:22:69:51 | call to Get | Cross-site scripting vulnerability due to $@. | EndToEnd.go:69:22:69:29 | selection of Params | user-provided value | EndToEnd.go:0:0:0:0 | EndToEnd.go |  |
+| Revel.go:70:22:70:35 | selection of Query | Revel.go:70:22:70:29 | selection of Params | Revel.go:70:22:70:35 | selection of Query | Cross-site scripting vulnerability due to $@. The value is $@. | Revel.go:70:22:70:29 | selection of Params | user-provided value | views/myAppController/rawRead.html:1:1:2:9 | {{raw .Foo}}\n{{.Bar}}\n | instantiated as a raw template |
+| examples/booking/app/init.go:36:44:36:53 | selection of Path | examples/booking/app/init.go:36:44:36:48 | selection of URL | examples/booking/app/init.go:36:44:36:53 | selection of Path | Cross-site scripting vulnerability due to $@. | examples/booking/app/init.go:36:44:36:48 | selection of URL | user-provided value | examples/booking/app/init.go:0:0:0:0 | examples/booking/app/init.go |  |
+| examples/booking/app/init.go:40:49:40:58 | selection of Path | examples/booking/app/init.go:40:49:40:53 | selection of URL | examples/booking/app/init.go:40:49:40:58 | selection of Path | Cross-site scripting vulnerability due to $@. | examples/booking/app/init.go:40:49:40:53 | selection of URL | user-provided value | examples/booking/app/init.go:0:0:0:0 | examples/booking/app/init.go |  |
 edges
 | EndToEnd.go:35:2:35:4 | definition of buf | EndToEnd.go:37:24:37:26 | buf | provenance |  |
-| EndToEnd.go:36:18:36:25 | selection of Params | EndToEnd.go:36:18:36:30 | selection of Form | provenance | Src:MaD:525  |
-| EndToEnd.go:36:18:36:30 | selection of Form | EndToEnd.go:36:18:36:47 | call to Get | provenance | MaD:940 |
-| EndToEnd.go:36:18:36:47 | call to Get | EndToEnd.go:35:2:35:4 | definition of buf | provenance | MaD:746 |
-| EndToEnd.go:69:22:69:29 | selection of Params | EndToEnd.go:69:22:69:34 | selection of Form | provenance | Src:MaD:525  |
-| EndToEnd.go:69:22:69:34 | selection of Form | EndToEnd.go:69:22:69:51 | call to Get | provenance | MaD:940 |
-| Revel.go:70:22:70:29 | selection of Params | Revel.go:70:22:70:35 | selection of Query | provenance | Src:MaD:525  |
-| examples/booking/app/init.go:36:44:36:48 | selection of URL | examples/booking/app/init.go:36:44:36:53 | selection of Path | provenance | Src:MaD:872  |
-| examples/booking/app/init.go:40:49:40:53 | selection of URL | examples/booking/app/init.go:40:49:40:58 | selection of Path | provenance | Src:MaD:872  |
+| EndToEnd.go:36:18:36:25 | selection of Params | EndToEnd.go:36:18:36:30 | selection of Form | provenance | Src:MaD:1  |
+| EndToEnd.go:36:18:36:30 | selection of Form | EndToEnd.go:36:18:36:47 | call to Get | provenance | MaD:4 |
+| EndToEnd.go:36:18:36:47 | call to Get | EndToEnd.go:35:2:35:4 | definition of buf | provenance | MaD:2 |
+| EndToEnd.go:69:22:69:29 | selection of Params | EndToEnd.go:69:22:69:34 | selection of Form | provenance | Src:MaD:1  |
+| EndToEnd.go:69:22:69:34 | selection of Form | EndToEnd.go:69:22:69:51 | call to Get | provenance | MaD:4 |
+| Revel.go:70:22:70:29 | selection of Params | Revel.go:70:22:70:35 | selection of Query | provenance | Src:MaD:1  |
+| examples/booking/app/init.go:36:44:36:48 | selection of URL | examples/booking/app/init.go:36:44:36:53 | selection of Path | provenance | Src:MaD:3  |
+| examples/booking/app/init.go:40:49:40:53 | selection of URL | examples/booking/app/init.go:40:49:40:58 | selection of Path | provenance | Src:MaD:3  |
+models
+| 1 | Source: github.com/revel/revel; Controller; true; Params; ; ; ; remote; manual |
+| 1 | Source: github.com/robfig/revel; Controller; true; Params; ; ; ; remote; manual |
+| 2 | Summary: io; StringWriter; true; WriteString; ; ; Argument[0]; Argument[receiver]; taint; manual |
+| 3 | Source: net/http; Request; true; URL; ; ; ; remote; manual |
+| 4 | Summary: net/url; Values; true; Get; ; ; Argument[receiver]; ReturnValue; taint; manual |
 nodes
 | EndToEnd.go:35:2:35:4 | definition of buf | semmle.label | definition of buf |
 | EndToEnd.go:36:18:36:25 | selection of Params | semmle.label | selection of Params |
@@ -24,9 +36,3 @@ nodes
 | examples/booking/app/init.go:40:49:40:53 | selection of URL | semmle.label | selection of URL |
 | examples/booking/app/init.go:40:49:40:58 | selection of Path | semmle.label | selection of Path |
 subpaths
-#select
-| EndToEnd.go:37:24:37:26 | buf | EndToEnd.go:36:18:36:25 | selection of Params | EndToEnd.go:37:24:37:26 | buf | Cross-site scripting vulnerability due to $@. | EndToEnd.go:36:18:36:25 | selection of Params | user-provided value | EndToEnd.go:0:0:0:0 | EndToEnd.go |  |
-| EndToEnd.go:69:22:69:51 | call to Get | EndToEnd.go:69:22:69:29 | selection of Params | EndToEnd.go:69:22:69:51 | call to Get | Cross-site scripting vulnerability due to $@. | EndToEnd.go:69:22:69:29 | selection of Params | user-provided value | EndToEnd.go:0:0:0:0 | EndToEnd.go |  |
-| Revel.go:70:22:70:35 | selection of Query | Revel.go:70:22:70:29 | selection of Params | Revel.go:70:22:70:35 | selection of Query | Cross-site scripting vulnerability due to $@. The value is $@. | Revel.go:70:22:70:29 | selection of Params | user-provided value | views/myAppController/rawRead.html:1:1:2:9 | {{raw .Foo}}\n{{.Bar}}\n | instantiated as a raw template |
-| examples/booking/app/init.go:36:44:36:53 | selection of Path | examples/booking/app/init.go:36:44:36:48 | selection of URL | examples/booking/app/init.go:36:44:36:53 | selection of Path | Cross-site scripting vulnerability due to $@. | examples/booking/app/init.go:36:44:36:48 | selection of URL | user-provided value | examples/booking/app/init.go:0:0:0:0 | examples/booking/app/init.go |  |
-| examples/booking/app/init.go:40:49:40:58 | selection of Path | examples/booking/app/init.go:40:49:40:53 | selection of URL | examples/booking/app/init.go:40:49:40:58 | selection of Path | Cross-site scripting vulnerability due to $@. | examples/booking/app/init.go:40:49:40:53 | selection of URL | user-provided value | examples/booking/app/init.go:0:0:0:0 | examples/booking/app/init.go |  |
@@ -1 +1,2 @@
-Security/CWE-079/ReflectedXss.ql
+query: Security/CWE-079/ReflectedXss.ql
+postprocess: TestUtilities/PrettyPrintModels.ql
@@ -1,8 +1,15 @@
+#select
+| EndToEnd.go:58:18:58:47 | call to Get | EndToEnd.go:58:18:58:25 | selection of Params | EndToEnd.go:58:18:58:47 | call to Get | This path depends on a $@. | EndToEnd.go:58:18:58:25 | selection of Params | user-provided value |
+| EndToEnd.go:64:26:64:55 | call to Get | EndToEnd.go:64:26:64:33 | selection of Params | EndToEnd.go:64:26:64:55 | call to Get | This path depends on a $@. | EndToEnd.go:64:26:64:33 | selection of Params | user-provided value |
 edges
-| EndToEnd.go:58:18:58:25 | selection of Params | EndToEnd.go:58:18:58:30 | selection of Form | provenance | Src:MaD:525  |
-| EndToEnd.go:58:18:58:30 | selection of Form | EndToEnd.go:58:18:58:47 | call to Get | provenance | MaD:940 |
-| EndToEnd.go:64:26:64:33 | selection of Params | EndToEnd.go:64:26:64:38 | selection of Form | provenance | Src:MaD:525  |
-| EndToEnd.go:64:26:64:38 | selection of Form | EndToEnd.go:64:26:64:55 | call to Get | provenance | MaD:940 |
+| EndToEnd.go:58:18:58:25 | selection of Params | EndToEnd.go:58:18:58:30 | selection of Form | provenance | Src:MaD:1  |
+| EndToEnd.go:58:18:58:30 | selection of Form | EndToEnd.go:58:18:58:47 | call to Get | provenance | MaD:2 |
+| EndToEnd.go:64:26:64:33 | selection of Params | EndToEnd.go:64:26:64:38 | selection of Form | provenance | Src:MaD:1  |
+| EndToEnd.go:64:26:64:38 | selection of Form | EndToEnd.go:64:26:64:55 | call to Get | provenance | MaD:2 |
+models
+| 1 | Source: github.com/revel/revel; Controller; true; Params; ; ; ; remote; manual |
+| 1 | Source: github.com/robfig/revel; Controller; true; Params; ; ; ; remote; manual |
+| 2 | Summary: net/url; Values; true; Get; ; ; Argument[receiver]; ReturnValue; taint; manual |
 nodes
 | EndToEnd.go:58:18:58:25 | selection of Params | semmle.label | selection of Params |
 | EndToEnd.go:58:18:58:30 | selection of Form | semmle.label | selection of Form |
@@ -11,6 +18,3 @@ nodes
 | EndToEnd.go:64:26:64:38 | selection of Form | semmle.label | selection of Form |
 | EndToEnd.go:64:26:64:55 | call to Get | semmle.label | call to Get |
 subpaths
-#select
-| EndToEnd.go:58:18:58:47 | call to Get | EndToEnd.go:58:18:58:25 | selection of Params | EndToEnd.go:58:18:58:47 | call to Get | This path depends on a $@. | EndToEnd.go:58:18:58:25 | selection of Params | user-provided value |
-| EndToEnd.go:64:26:64:55 | call to Get | EndToEnd.go:64:26:64:33 | selection of Params | EndToEnd.go:64:26:64:55 | call to Get | This path depends on a $@. | EndToEnd.go:64:26:64:33 | selection of Params | user-provided value |
@@ -1 +1,2 @@
-Security/CWE-022/TaintedPath.ql
+query: Security/CWE-022/TaintedPath.ql
+postprocess: TestUtilities/PrettyPrintModels.ql