Merge pull request #14445 from owen-mc/go/automated-mad-coverage-report

Go: automated mad coverage report
Owen Mansel-Chan 2023-10-15 21:49:47 +01:00 коммит произвёл GitHub
Родитель 39bca2d4bb 286271340e
Коммит 53561008a1
Не найден ключ, соответствующий данной подписи
Идентификатор ключа GPG: 4AEE18F83AFDEB23
11 изменённых файлов: 133 добавлений и 13 удалений


@ -1,6 +1,6 @@
/**
* @name Framework coverage
* @description The number of API endpoints covered by CSV models sorted by
* @description The number of API endpoints covered by MaD models sorted by
* package and source-, sink-, and summary-kind.
* @kind table
* @id cs/meta/framework-coverage


@ -0,0 +1,96 @@
package,source,summary,source:remote,summary:taint,summary:value
,,2,,,2
archive/tar,,5,,5,
archive/zip,,6,,6,
bufio,,17,,17,
bytes,,43,,43,
compress/bzip2,,1,,1,
compress/flate,,4,,4,
compress/gzip,,3,,3,
compress/lzw,,1,,1,
compress/zlib,,4,,4,
container/heap,,5,,5,
container/list,,20,,20,
container/ring,,5,,5,
context,,5,,5,
crypto,,1,,1,
crypto/cipher,,3,,3,
crypto/rsa,,2,,2,
crypto/tls,,3,,3,
crypto/x509,,1,,1,
database/sql,,7,,7,
database/sql/driver,,4,,4,
encoding,,4,,4,
encoding/ascii85,,2,,2,
encoding/asn1,,8,,8,
encoding/base32,,3,,3,
encoding/base64,,3,,3,
encoding/binary,,2,,2,
encoding/csv,,5,,5,
encoding/gob,,7,,7,
encoding/hex,,3,,3,
encoding/json,,14,,14,
encoding/pem,,3,,3,
encoding/xml,,23,,23,
errors,,3,,3,
expvar,,6,,6,
fmt,,5,,5,
github.com/astaxie/beego,,7,,7,
github.com/astaxie/beego/context,,1,,1,
github.com/astaxie/beego/utils,,13,,13,
github.com/beego/beego/core/utils,,13,,13,
github.com/beego/beego/server/web,,7,,7,
github.com/beego/beego/server/web/context,,1,,1,
github.com/couchbase/gocb,,18,,18,
github.com/couchbaselabs/gocb,,18,,18,
github.com/elazarl/goproxy,,2,,2,
github.com/evanphx/json-patch,,12,,12,
github.com/gin-gonic/gin,,2,,2,
github.com/go-pg/pg/$ANYVERSION/orm,,6,,6,
github.com/golang/protobuf/$ANYVERSION/proto,,4,,4,
github.com/json-iterator/go,,4,,4,
github.com/labstack/echo,,2,,2,
github.com/revel/revel,,10,,10,
github.com/robfig/revel,,10,,10,
github.com/sendgrid/sendgrid-go/$ANYVERSION/helpers/mail,,1,,1,
go.uber.org/zap,,11,,11,
golang.org/x/net/$ANYVERSION/html,,16,,16,
golang.org/x/net/context,,5,,5,
google.golang.org/protobuf/$ANYVERSION/internal/encoding/text,,1,,1,
google.golang.org/protobuf/$ANYVERSION/internal/impl,,2,,2,
google.golang.org/protobuf/$ANYVERSION/proto,,8,,8,
google.golang.org/protobuf/$ANYVERSION/reflect/protoreflect,,1,,1,
gopkg.in/couchbase/gocb,,18,,18,
gopkg.in/macaron,,1,,1,
gopkg.in/yaml,,9,,9,
html,,2,,2,
html/template,,6,,6,
io,,19,,19,
io/fs,,12,,12,
io/ioutil,,2,,2,
k8s.io/api/core,,10,,10,
k8s.io/apimachinery/$ANYVERSION/pkg/runtime,,47,,47,
log,,3,,3,
mime,,5,,5,
mime/multipart,,8,,8,
mime/quotedprintable,,1,,1,
net,,20,,20,
net/http,8,22,8,22,
net/http/httputil,,10,,10,
net/mail,,6,,6,
net/textproto,,19,,19,
net/url,,23,,23,
os,,4,,4,
path,,5,,5,
path/filepath,,13,,13,
reflect,,37,,37,
regexp,,20,,20,
sort,,1,,1,
strconv,,9,,9,
strings,,34,,34,
sync,,10,,10,
sync/atomic,,24,,24,
syscall,,8,,8,
text/scanner,,3,,3,
text/tabwriter,,1,,1,
text/template,,6,,6,
1 package source summary source:remote summary:taint summary:value
2 2 2
3 archive/tar 5 5
4 archive/zip 6 6
5 bufio 17 17
6 bytes 43 43
7 compress/bzip2 1 1
8 compress/flate 4 4
9 compress/gzip 3 3
10 compress/lzw 1 1
11 compress/zlib 4 4
12 container/heap 5 5
13 container/list 20 20
14 container/ring 5 5
15 context 5 5
16 crypto 1 1
17 crypto/cipher 3 3
18 crypto/rsa 2 2
19 crypto/tls 3 3
20 crypto/x509 1 1
21 database/sql 7 7
22 database/sql/driver 4 4
23 encoding 4 4
24 encoding/ascii85 2 2
25 encoding/asn1 8 8
26 encoding/base32 3 3
27 encoding/base64 3 3
28 encoding/binary 2 2
29 encoding/csv 5 5
30 encoding/gob 7 7
31 encoding/hex 3 3
32 encoding/json 14 14
33 encoding/pem 3 3
34 encoding/xml 23 23
35 errors 3 3
36 expvar 6 6
37 fmt 5 5
38 github.com/astaxie/beego 7 7
39 github.com/astaxie/beego/context 1 1
40 github.com/astaxie/beego/utils 13 13
41 github.com/beego/beego/core/utils 13 13
42 github.com/beego/beego/server/web 7 7
43 github.com/beego/beego/server/web/context 1 1
44 github.com/couchbase/gocb 18 18
45 github.com/couchbaselabs/gocb 18 18
46 github.com/elazarl/goproxy 2 2
47 github.com/evanphx/json-patch 12 12
48 github.com/gin-gonic/gin 2 2
49 github.com/go-pg/pg/$ANYVERSION/orm 6 6
50 github.com/golang/protobuf/$ANYVERSION/proto 4 4
51 github.com/json-iterator/go 4 4
52 github.com/labstack/echo 2 2
53 github.com/revel/revel 10 10
54 github.com/robfig/revel 10 10
55 github.com/sendgrid/sendgrid-go/$ANYVERSION/helpers/mail 1 1
56 go.uber.org/zap 11 11
57 golang.org/x/net/$ANYVERSION/html 16 16
58 golang.org/x/net/context 5 5
59 google.golang.org/protobuf/$ANYVERSION/internal/encoding/text 1 1
60 google.golang.org/protobuf/$ANYVERSION/internal/impl 2 2
61 google.golang.org/protobuf/$ANYVERSION/proto 8 8
62 google.golang.org/protobuf/$ANYVERSION/reflect/protoreflect 1 1
63 gopkg.in/couchbase/gocb 18 18
64 gopkg.in/macaron 1 1
65 gopkg.in/yaml 9 9
66 html 2 2
67 html/template 6 6
68 io 19 19
69 io/fs 12 12
70 io/ioutil 2 2
71 k8s.io/api/core 10 10
72 k8s.io/apimachinery/$ANYVERSION/pkg/runtime 47 47
73 log 3 3
74 mime 5 5
75 mime/multipart 8 8
76 mime/quotedprintable 1 1
77 net 20 20
78 net/http 8 22 8 22
79 net/http/httputil 10 10
80 net/mail 6 6
81 net/textproto 19 19
82 net/url 23 23
83 os 4 4
84 path 5 5
85 path/filepath 13 13
86 reflect 37 37
87 regexp 20 20
88 sort 1 1
89 strconv 9 9
90 strings 34 34
91 sync 10 10
92 sync/atomic 24 24
93 syscall 8 8
94 text/scanner 3 3
95 text/tabwriter 1 1
96 text/template 6 6


@ -0,0 +1,12 @@
Go framework & library support
================================
.. csv-table::
:header-rows: 1
:class: fullWidthTable
:widths: auto
Framework / library,Package,Flow sources,Taint & value steps,Sinks (total)
Others,"````, ``archive/tar``, ``archive/zip``, ``bufio``, ``bytes``, ``compress/bzip2``, ``compress/flate``, ``compress/gzip``, ``compress/lzw``, ``compress/zlib``, ``container/heap``, ``container/list``, ``container/ring``, ``context``, ``crypto``, ``crypto/cipher``, ``crypto/rsa``, ``crypto/tls``, ``crypto/x509``, ``database/sql``, ``database/sql/driver``, ``encoding``, ``encoding/ascii85``, ``encoding/asn1``, ``encoding/base32``, ``encoding/base64``, ``encoding/binary``, ``encoding/csv``, ``encoding/gob``, ``encoding/hex``, ``encoding/json``, ``encoding/pem``, ``encoding/xml``, ``errors``, ``expvar``, ``fmt``, ``github.com/astaxie/beego``, ``github.com/astaxie/beego/context``, ``github.com/astaxie/beego/utils``, ``github.com/beego/beego/core/utils``, ``github.com/beego/beego/server/web``, ``github.com/beego/beego/server/web/context``, ``github.com/couchbase/gocb``, ``github.com/couchbaselabs/gocb``, ``github.com/elazarl/goproxy``, ``github.com/evanphx/json-patch``, ``github.com/gin-gonic/gin``, ``github.com/go-pg/pg/$ANYVERSION/orm``, ``github.com/golang/protobuf/$ANYVERSION/proto``, ``github.com/json-iterator/go``, ``github.com/labstack/echo``, ``github.com/revel/revel``, ``github.com/robfig/revel``, ``github.com/sendgrid/sendgrid-go/$ANYVERSION/helpers/mail``, ``go.uber.org/zap``, ``golang.org/x/net/$ANYVERSION/html``, ``golang.org/x/net/context``, ``google.golang.org/protobuf/$ANYVERSION/internal/encoding/text``, ``google.golang.org/protobuf/$ANYVERSION/internal/impl``, ``google.golang.org/protobuf/$ANYVERSION/proto``, ``google.golang.org/protobuf/$ANYVERSION/reflect/protoreflect``, ``gopkg.in/couchbase/gocb``, ``gopkg.in/macaron``, ``gopkg.in/yaml``, ``html``, ``html/template``, ``io``, ``io/fs``, ``io/ioutil``, ``k8s.io/api/core``, ``k8s.io/apimachinery/$ANYVERSION/pkg/runtime``, ``log``, ``mime``, ``mime/multipart``, ``mime/quotedprintable``, ``net``, ``net/http``, ``net/http/httputil``, ``net/mail``, ``net/textproto``, ``net/url``, ``os``, ``path``, 
``path/filepath``, ``reflect``, ``regexp``, ``sort``, ``strconv``, ``strings``, ``sync``, ``sync/atomic``, ``syscall``, ``text/scanner``, ``text/tabwriter``, ``text/template``",8,826,
Totals,,8,826,


@ -0,0 +1 @@
CWE,Sink identifier,Label
1 CWE Sink identifier Label


@ -0,0 +1 @@
Framework name,URL,Package prefixes
1 Framework name URL Package prefixes
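Review bot: This file contains only its header row, so no package prefix is mapped to a framework, and the generated Go table in this commit puts every package, from `net/http` to `github.com/gin-gonic/gin` and `k8s.io/api/core`, into the single `Others` row. That leaves the per-framework view unable to show which web frameworks have flow-source coverage and which have only taint steps. Consider adding rows for at least the standard library and the web frameworks that are already modelled, in the `Framework name,URL,Package prefixes` shape the header gives. The exact prefix syntax is set by the generator script, which is not visible in this section, so check it before adding rows.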


@ -82,14 +82,6 @@ private import internal.AccessPathSyntax
private import FlowSummary
private import codeql.mad.ModelValidation as SharedModelVal
/**
* A module importing the frameworks that provide external flow data,
* ensuring that they are visible to the taint tracking / data flow library.
*/
private module Frameworks {
private import semmle.go.frameworks.Stdlib
}
/** Holds if a source model exists for the given parameters. */
predicate sourceModel = Extensions::sourceModel/9;


@ -0,0 +1,14 @@
/**
* @name Framework coverage
* @description The number of API endpoints covered by MaD models sorted by
* package and source-, sink-, and summary-kind.
* @kind table
* @id go/meta/framework-coverage
*/
import go
import semmle.go.dataflow.ExternalFlow
from string package, int pkgs, string kind, string part, int n
where modelCoverage(package, pkgs, kind, part, n)
select package, pkgs, kind, part, n
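Review bot: The `@description` in the header says the rows are "sorted by package and source-, sink-, and summary-kind", but the `select` has no `order by`, and the text does not say that only models-as-data rows are counted. The generated Go table in this commit shows 8 flow sources, 826 steps and an empty sinks column, so a reader could take the report as the full extent of what the Go analysis tracks. Presumably sources and sinks modelled directly in QL are invisible to `modelCoverage`, whose body is not shown here. I would reword the line to something like `@description The number of API endpoints covered by MaD models, grouped by package and source-, sink-, and summary-kind; endpoints modelled directly in QL are not counted.` after confirming that against the predicate.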


@ -1,6 +1,6 @@
/**
* @name Framework coverage
* @description The number of API endpoints covered by CSV models sorted by
* @description The number of API endpoints covered by MaD models sorted by
* package and source-, sink-, and summary-kind.
* @kind table
* @id java/meta/framework-coverage


@ -114,7 +114,9 @@ configs = [
utils.LanguageConfig(
"java", "Java", ".java", query_prefix + "java/ql/src/meta/frameworks/Coverage.ql"),
utils.LanguageConfig(
"csharp", "C#", ".cs", query_prefix + "csharp/ql/src/meta/frameworks/Coverage.ql")
"csharp", "C#", ".cs", query_prefix + "csharp/ql/src/meta/frameworks/Coverage.ql"),
utils.LanguageConfig(
"go", "Go", ".go", query_prefix + "go/ql/src/meta/frameworks/Coverage.ql")
]
# The names of input and output files. The placeholder {language} is replaced with the language name.


@ -74,7 +74,9 @@ configs = [
utils.LanguageConfig(
"java", "Java", ".java", "java/ql/src/meta/frameworks/Coverage.ql", ["java/ql/lib/config/semmlecode.dbscheme", "java/ql/src/config/semmlecode.dbscheme"]),
utils.LanguageConfig(
"csharp", "C#", ".cs", "csharp/ql/src/meta/frameworks/Coverage.ql", ["csharp/ql/lib/semmlecode.csharp.dbscheme", "csharp/ql/src/semmlecode.csharp.dbscheme"])
"csharp", "C#", ".cs", "csharp/ql/src/meta/frameworks/Coverage.ql", ["csharp/ql/lib/semmlecode.csharp.dbscheme", "csharp/ql/src/semmlecode.csharp.dbscheme"]),
utils.LanguageConfig(
"go", "Go", ".go", "go/ql/src/meta/frameworks/Coverage.ql", ["go/ql/lib/go.dbscheme", "go/ql/src/go.dbscheme"])
]
output_prefix = "framework-coverage-timeseries-"


@ -21,4 +21,4 @@ output_csv_file_name = "coverage.csv"
repo_output_rst = documentation_folder + output_rst_file_name
repo_output_csv = documentation_folder + output_csv_file_name
languages = ['java', 'csharp']
languages = ['java', 'csharp', 'go']