From 1464305347d0189834011c3f5091e92246778f77 Mon Sep 17 00:00:00 2001 From: Owen Mansel-Chan Date: Wed, 8 Jan 2025 16:43:59 +0000 Subject: [PATCH 1/4] Model additions to `encoding` in Go 1.24 Add models for `BinaryAppender` and `TextAppender`. --- go/ql/lib/ext/encoding.model.yml | 4 ++ .../go/frameworks/StdlibTaintFlow/Encoding.go | 50 ++++++++++++++++++- 2 files changed, 52 insertions(+), 2 deletions(-) diff --git a/go/ql/lib/ext/encoding.model.yml b/go/ql/lib/ext/encoding.model.yml index bc1c92e91a75..f2f48e3ebfe6 100644 --- a/go/ql/lib/ext/encoding.model.yml +++ b/go/ql/lib/ext/encoding.model.yml @@ -3,7 +3,11 @@ extensions: pack: codeql/go-all extensible: summaryModel data: + - ["encoding", "BinaryAppender", True, "AppendBinary", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["encoding", "BinaryAppender", True, "AppendBinary", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - ["encoding", "BinaryMarshaler", True, "MarshalBinary", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] - ["encoding", "BinaryUnmarshaler", True, "UnmarshalBinary", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] + - ["encoding", "TextAppender", True, "AppendText", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] + - ["encoding", "TextAppender", True, "AppendText", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] - ["encoding", "TextMarshaler", True, "MarshalText", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] - ["encoding", "TextUnmarshaler", True, "UnmarshalText", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] diff --git a/go/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/Encoding.go b/go/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/Encoding.go index 838ab9ae001b..3d6e38fce67e 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/Encoding.go 
+++ b/go/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/Encoding.go @@ -1,5 +1,3 @@ -// Code generated by https://github.com/gagliardetto/codebox. DO NOT EDIT. - package main import "encoding" @@ -30,6 +28,34 @@ func TaintStepTest_EncodingTextUnmarshalerUnmarshalText_B0I0O0(sourceCQL interfa return intoTextUnmarshaler443 } +func TaintStepTest_EncodingBinaryAppenderAppendBinary_manual1(sourceCQL interface{}) interface{} { + fromBinaryAppender := sourceCQL.(encoding.BinaryAppender) + var arg0 []byte + intoByte, _ := fromBinaryAppender.AppendBinary(arg0) + return intoByte +} + +func TaintStepTest_EncodingBinaryAppenderAppendBinary_manual2(sourceCQL interface{}) interface{} { + var recv encoding.BinaryAppender + fromByteSlice := sourceCQL.([]byte) + intoByte, _ := recv.AppendBinary(fromByteSlice) + return intoByte +} + +func TaintStepTest_EncodingTextAppenderAppendText_manual1(sourceCQL interface{}) interface{} { + fromTextAppender := sourceCQL.(encoding.TextAppender) + var arg0 []byte + intoByte, _ := fromTextAppender.AppendText(arg0) + return intoByte +} + +func TaintStepTest_EncodingTextAppenderAppendText_manual2(sourceCQL interface{}) interface{} { + var recv encoding.TextAppender + fromByteSlice := sourceCQL.([]byte) + intoByte, _ := recv.AppendText(fromByteSlice) + return intoByte +} + func RunAllTaints_Encoding() { { source := newSource(0) @@ -51,4 +77,24 @@ func RunAllTaints_Encoding() { out := TaintStepTest_EncodingTextUnmarshalerUnmarshalText_B0I0O0(source) sink(3, out) } + { + source := newSource(4) + out := TaintStepTest_EncodingBinaryAppenderAppendBinary_manual1(source) + sink(4, out) + } + { + source := newSource(5) + out := TaintStepTest_EncodingBinaryAppenderAppendBinary_manual2(source) + sink(5, out) + } + { + source := newSource(6) + out := TaintStepTest_EncodingTextAppenderAppendText_manual1(source) + sink(6, out) + } + { + source := newSource(7) + out := TaintStepTest_EncodingTextAppenderAppendText_manual2(source) + sink(7, out) + } } 
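Review bot: The four `TaintStepTest_Encoding…_manual1/_manual2` functions added in the second hunk of Encoding.go have no comment saying which row of encoding.model.yml each one exercises. The first hunk also drops the `Code generated … DO NOT EDIT` header, so the `_manual` suffix is now the only sign that they are hand-written. A one-line comment above each pair would keep the mapping checkable when the model rows change, for example `// manual1: Argument[receiver] -> ReturnValue[0]; manual2: Argument[0] -> ReturnValue[0] (hand-written, not codebox output)`. The result variable `intoByte` holds a `[]byte`, so `intoByteSlice` would match the `fromByteSlice` name used in the `_manual2` variants. The same missing comment applies to the two `_manual` functions in Weak.go.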
From a5373349f1d3e982304b2f10c483e03d8c7f0877 Mon Sep 17 00:00:00 2001 From: Owen Mansel-Chan Date: Wed, 8 Jan 2025 16:48:02 +0000 Subject: [PATCH 2/4] Add models for `weak` package, added in Go 1.24 --- go/ql/lib/ext/weak.model.yml | 7 +++++ .../go/frameworks/StdlibTaintFlow/Weak.go | 27 +++++++++++++++++++ 2 files changed, 34 insertions(+) create mode 100644 go/ql/lib/ext/weak.model.yml create mode 100644 go/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/Weak.go diff --git a/go/ql/lib/ext/weak.model.yml b/go/ql/lib/ext/weak.model.yml new file mode 100644 index 000000000000..7ae865ce2cb1 --- /dev/null +++ b/go/ql/lib/ext/weak.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: codeql/go-all + extensible: summaryModel + data: + - ["weak", "", False, "Make", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] + - ["weak", "Pointer", False, "Value", "", "", "Argument[receiver]", "ReturnValue[0]", "taint", "manual"] diff --git a/go/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/Weak.go b/go/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/Weak.go new file mode 100644 index 000000000000..e10730ca7d1f --- /dev/null +++ b/go/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/Weak.go @@ -0,0 +1,27 @@ +package main + +import "weak" + +func TaintStepTest_WeakMake_manual(sourceCQL interface{}) interface{} { + fromStringPointer := sourceCQL.(*string) + intoWeakPointer := weak.Make(fromStringPointer) + return intoWeakPointer +} +func TaintStepTest_WeakValue_manual(sourceCQL interface{}) interface{} { + fromWeakPointer := sourceCQL.(weak.Pointer[string]) + intoStringPointer := fromWeakPointer.Value() + return intoStringPointer +} + +func RunAllTaints_Weak() { + { + source := newSource(0) + out := TaintStepTest_WeakMake_manual(source) + sink(0, out) + } + { + source := newSource(1) + out := TaintStepTest_WeakValue_manual(source) + sink(1, out) + } +} From d06be06f9a5902fef5f8f24feaa54424f56bdda9 Mon Sep 17 00:00:00 2001 
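Review bot: Weak.go tests `weak.Make` and `Pointer.Value` only as separate steps, so nothing in the new file shows a tainted `*string` surviving the round trip `weak.Make(p).Value()`, which is the shape a real flow through this package would take. If the harness accepts a combined step, a third test along the lines below would pin that the two summaries compose for the generic `weak.Pointer[string]` type. Separately, there is no blank line between `TaintStepTest_WeakMake_manual` and `TaintStepTest_WeakValue_manual`, unlike the other function boundaries in the file.

```go
func TaintStepTest_WeakMakeValue_manual(sourceCQL interface{}) interface{} {
	fromStringPointer := sourceCQL.(*string)
	intoStringPointer := weak.Make(fromStringPointer).Value()
	return intoStringPointer
}

func RunAllTaints_Weak() {
	// … unchanged: blocks for sources 0 and 1 …
	{
		source := newSource(2)
		out := TaintStepTest_WeakMakeValue_manual(source)
		sink(2, out)
	}
}
```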
From: Owen Mansel-Chan Date: Thu, 9 Jan 2025 10:31:04 +0000 Subject: [PATCH 3/4] Update go version required for stdlib tests --- .../library-tests/semmle/go/frameworks/StdlibTaintFlow/go.mod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/go/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/go.mod b/go/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/go.mod index 4168c0a398b9..5ba39421f3b8 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/go.mod +++ b/go/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/go.mod @@ -1,6 +1,6 @@ module example.com/m -go 1.23 +go 1.24 require ( golang.org/x/net v0.0.0-20201010224723-4f7140c49acb From 6823bb7fb031eef0f4c985c986b175e667d92f96 Mon Sep 17 00:00:00 2001 From: Owen Mansel-Chan Date: Thu, 9 Jan 2025 10:34:52 +0000 Subject: [PATCH 4/4] Add change note --- go/ql/lib/change-notes/2025-01-09-model-stdlib-1.24.md | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 go/ql/lib/change-notes/2025-01-09-model-stdlib-1.24.md diff --git a/go/ql/lib/change-notes/2025-01-09-model-stdlib-1.24.md b/go/ql/lib/change-notes/2025-01-09-model-stdlib-1.24.md new file mode 100644 index 000000000000..a7032bdd536f --- /dev/null +++ b/go/ql/lib/change-notes/2025-01-09-model-stdlib-1.24.md @@ -0,0 +1,5 @@ +--- +category: minorAnalysis +--- +* Taint models have been added for the `weak` package, added in Go 1.24. +* Taint models have been added for the interfaces `TextAppender` and `BinaryAppender` in the `encoding` package, which were added in Go 1.24.