diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Beego/ReflectedXss.expected b/go/ql/test/library-tests/semmle/go/frameworks/Beego/ReflectedXss.expected
index 03f4d500ce9..4ec7a2210fd 100644
--- a/go/ql/test/library-tests/semmle/go/frameworks/Beego/ReflectedXss.expected
+++ b/go/ql/test/library-tests/semmle/go/frameworks/Beego/ReflectedXss.expected
@@ -1,105 +1,279 @@ +#select +| test.go:35:13:35:30 | type conversion | test.go:33:6:33:10 | definition of bound | test.go:35:13:35:30 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:33:6:33:10 | definition of bound | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:36:13:36:27 | type conversion | test.go:33:6:33:10 | definition of bound | test.go:36:13:36:27 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:33:6:33:10 | definition of bound | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:37:13:37:29 | type conversion | test.go:33:6:33:10 | definition of bound | test.go:37:13:37:29 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:33:6:33:10 | definition of bound | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:42:13:42:43 | type conversion | test.go:42:20:42:42 | call to Cookie | test.go:42:13:42:43 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:42:20:42:42 | call to Cookie | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:47:13:47:52 | type conversion | test.go:47:20:47:31 | call to Data | test.go:47:13:47:52 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:47:20:47:31 | call to Data | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:52:13:52:53 | type conversion | test.go:52:20:52:43 | call to GetData | test.go:52:13:52:53 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:52:20:52:43 | call to GetData | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:57:13:57:43 | type conversion | test.go:57:20:57:42 | call to Header | test.go:57:13:57:43 | type conversion | Cross-site scripting vulnerability due to $@. 
| test.go:57:20:57:42 | call to Header | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:62:13:62:42 | type conversion | test.go:62:20:62:41 | call to Param | test.go:62:13:62:42 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:62:20:62:41 | call to Param | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:67:13:67:45 | type conversion | test.go:67:20:67:33 | call to Params | test.go:67:13:67:45 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:67:20:67:33 | call to Params | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:72:13:72:42 | type conversion | test.go:72:20:72:41 | call to Query | test.go:72:13:72:42 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:72:20:72:41 | call to Query | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:77:13:77:33 | type conversion | test.go:77:20:77:32 | call to Refer | test.go:77:13:77:33 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:77:20:77:32 | call to Refer | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:82:13:82:35 | type conversion | test.go:82:20:82:34 | call to Referer | test.go:82:13:82:35 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:82:20:82:34 | call to Referer | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:87:13:87:31 | type conversion | test.go:87:20:87:30 | call to URI | test.go:87:13:87:31 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:87:20:87:30 | call to URI | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:92:13:92:31 | type conversion | test.go:92:20:92:30 | call to URL | test.go:92:13:92:31 | type conversion | Cross-site scripting vulnerability due to $@. 
| test.go:92:20:92:30 | call to URL | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:97:13:97:37 | type conversion | test.go:97:20:97:36 | call to UserAgent | test.go:97:13:97:37 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:97:20:97:36 | call to UserAgent | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:102:14:102:45 | type assertion | test.go:102:14:102:25 | call to Data | test.go:102:14:102:45 | type assertion | Cross-site scripting vulnerability due to $@. | test.go:102:14:102:25 | call to Data | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:114:14:114:45 | type assertion | test.go:114:14:114:25 | call to Data | test.go:114:14:114:45 | type assertion | Cross-site scripting vulnerability due to $@. | test.go:114:14:114:25 | call to Data | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:126:14:126:45 | type assertion | test.go:126:14:126:25 | call to Data | test.go:126:14:126:45 | type assertion | Cross-site scripting vulnerability due to $@. | test.go:126:14:126:25 | call to Data | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:143:23:143:62 | type assertion | test.go:143:23:143:42 | call to Data | test.go:143:23:143:62 | type assertion | Cross-site scripting vulnerability due to $@. | test.go:143:23:143:42 | call to Data | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:200:14:200:55 | type conversion | test.go:199:15:199:26 | call to Data | test.go:200:14:200:55 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:199:15:199:26 | call to Data | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:201:14:201:58 | type conversion | test.go:199:15:199:26 | call to Data | test.go:201:14:201:58 | type conversion | Cross-site scripting vulnerability due to $@. 
| test.go:199:15:199:26 | call to Data | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:203:14:203:28 | type assertion | test.go:199:15:199:26 | call to Data | test.go:203:14:203:28 | type assertion | Cross-site scripting vulnerability due to $@. | test.go:199:15:199:26 | call to Data | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:204:14:204:55 | type conversion | test.go:199:15:199:26 | call to Data | test.go:204:14:204:55 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:199:15:199:26 | call to Data | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:205:14:205:59 | type conversion | test.go:199:15:199:26 | call to Data | test.go:205:14:205:59 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:199:15:199:26 | call to Data | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:209:14:209:28 | type conversion | test.go:208:18:208:33 | selection of Form | test.go:209:14:209:28 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:208:18:208:33 | selection of Form | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:224:14:224:32 | type conversion | test.go:223:2:223:34 | ... := ...[1] | test.go:224:14:224:32 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:223:2:223:34 | ... := ...[1] | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:226:14:226:20 | content | test.go:223:2:223:34 | ... := ...[0] | test.go:226:14:226:20 | content | Cross-site scripting vulnerability due to $@. | test.go:223:2:223:34 | ... := ...[0] | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:229:14:229:38 | type conversion | test.go:228:2:228:40 | ... := ...[0] | test.go:229:14:229:38 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:228:2:228:40 | ... 
:= ...[0] | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:232:14:232:22 | type conversion | test.go:231:7:231:28 | call to GetString | test.go:232:14:232:22 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:231:7:231:28 | call to GetString | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:235:14:235:26 | type conversion | test.go:234:8:234:35 | call to GetStrings | test.go:235:14:235:26 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:234:8:234:35 | call to GetStrings | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:238:14:238:27 | type conversion | test.go:237:9:237:17 | call to Input | test.go:238:14:238:27 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:237:9:237:17 | call to Input | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:242:14:242:30 | type conversion | test.go:240:6:240:8 | definition of str | test.go:242:14:242:30 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:240:6:240:8 | definition of str | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:249:21:249:29 | untrusted | test.go:246:15:246:36 | call to GetString | test.go:249:21:249:29 | untrusted | Cross-site scripting vulnerability due to $@. | test.go:246:15:246:36 | call to GetString | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:259:16:259:45 | type conversion | test.go:259:23:259:44 | call to GetCookie | test.go:259:16:259:45 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:259:23:259:44 | call to GetCookie | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:264:16:264:37 | call to GetCookie | test.go:264:16:264:37 | call to GetCookie | test.go:264:16:264:37 | call to GetCookie | Cross-site scripting vulnerability due to $@. 
| test.go:264:16:264:37 | call to GetCookie | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:265:15:265:41 | call to GetCookie | test.go:265:15:265:41 | call to GetCookie | test.go:265:15:265:41 | call to GetCookie | Cross-site scripting vulnerability due to $@. | test.go:265:15:265:41 | call to GetCookie | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:270:55:270:84 | type conversion | test.go:270:62:270:83 | call to GetCookie | test.go:270:55:270:84 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:270:62:270:83 | call to GetCookie | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:283:21:283:61 | call to GetDisplayString | test.go:275:2:275:40 | ... := ...[0] | test.go:283:21:283:61 | call to GetDisplayString | Cross-site scripting vulnerability due to $@. | test.go:275:2:275:40 | ... := ...[0] | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:284:21:284:92 | selection of Filename | test.go:275:2:275:40 | ... := ...[0] | test.go:284:21:284:92 | selection of Filename | Cross-site scripting vulnerability due to $@. | test.go:275:2:275:40 | ... := ...[0] | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:285:21:285:96 | selection of Filename | test.go:275:2:275:40 | ... := ...[0] | test.go:285:21:285:96 | selection of Filename | Cross-site scripting vulnerability due to $@. | test.go:275:2:275:40 | ... := ...[0] | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:290:3:292:80 | selection of Filename | test.go:275:2:275:40 | ... := ...[0] | test.go:290:3:292:80 | selection of Filename | Cross-site scripting vulnerability due to $@. | test.go:275:2:275:40 | ... := ...[0] | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:293:21:293:101 | selection of Filename | test.go:275:2:275:40 | ... := ...[0] | test.go:293:21:293:101 | selection of Filename | Cross-site scripting vulnerability due to $@. | test.go:275:2:275:40 | ... 
:= ...[0] | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:294:21:294:101 | selection of Filename | test.go:275:2:275:40 | ... := ...[0] | test.go:294:21:294:101 | selection of Filename | Cross-site scripting vulnerability due to $@. | test.go:275:2:275:40 | ... := ...[0] | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:295:21:295:97 | selection of Filename | test.go:275:2:275:40 | ... := ...[0] | test.go:295:21:295:97 | selection of Filename | Cross-site scripting vulnerability due to $@. | test.go:275:2:275:40 | ... := ...[0] | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:296:21:296:97 | selection of Filename | test.go:275:2:275:40 | ... := ...[0] | test.go:296:21:296:97 | selection of Filename | Cross-site scripting vulnerability due to $@. | test.go:275:2:275:40 | ... := ...[0] | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:297:21:297:102 | selection of Filename | test.go:275:2:275:40 | ... := ...[0] | test.go:297:21:297:102 | selection of Filename | Cross-site scripting vulnerability due to $@. | test.go:275:2:275:40 | ... := ...[0] | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:298:21:298:102 | selection of Filename | test.go:275:2:275:40 | ... := ...[0] | test.go:298:21:298:102 | selection of Filename | Cross-site scripting vulnerability due to $@. | test.go:275:2:275:40 | ... := ...[0] | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:299:21:299:82 | selection of Filename | test.go:275:2:275:40 | ... := ...[0] | test.go:299:21:299:82 | selection of Filename | Cross-site scripting vulnerability due to $@. | test.go:275:2:275:40 | ... := ...[0] | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:301:21:301:133 | selection of Filename | test.go:275:2:275:40 | ... := ...[0] | test.go:301:21:301:133 | selection of Filename | Cross-site scripting vulnerability due to $@. | test.go:275:2:275:40 | ... 
:= ...[0] | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:302:21:302:88 | selection of Filename | test.go:275:2:275:40 | ... := ...[0] | test.go:302:21:302:88 | selection of Filename | Cross-site scripting vulnerability due to $@. | test.go:275:2:275:40 | ... := ...[0] | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:303:21:303:87 | selection of Filename | test.go:275:2:275:40 | ... := ...[0] | test.go:303:21:303:87 | selection of Filename | Cross-site scripting vulnerability due to $@. | test.go:275:2:275:40 | ... := ...[0] | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:311:21:311:48 | type assertion | test.go:309:15:309:36 | call to GetString | test.go:311:21:311:48 | type assertion | Cross-site scripting vulnerability due to $@. | test.go:309:15:309:36 | call to GetString | user-provided value | test.go:0:0:0:0 | test.go | | +| test.go:312:21:312:52 | type assertion | test.go:309:15:309:36 | call to GetString | test.go:312:21:312:52 | type assertion | Cross-site scripting vulnerability due to $@. 
| test.go:309:15:309:36 | call to GetString | user-provided value | test.go:0:0:0:0 | test.go | | edges -| test.go:33:6:33:10 | definition of bound | test.go:35:13:35:30 | type conversion | provenance | Src:MaD:291 | -| test.go:33:6:33:10 | definition of bound | test.go:36:13:36:27 | type conversion | provenance | Src:MaD:291 | -| test.go:33:6:33:10 | definition of bound | test.go:37:13:37:29 | type conversion | provenance | Src:MaD:291 | -| test.go:42:20:42:42 | call to Cookie | test.go:42:13:42:43 | type conversion | provenance | Src:MaD:292 | -| test.go:47:20:47:31 | call to Data | test.go:47:13:47:52 | type conversion | provenance | Src:MaD:293 | -| test.go:52:20:52:43 | call to GetData | test.go:52:13:52:53 | type conversion | provenance | Src:MaD:294 | -| test.go:57:20:57:42 | call to Header | test.go:57:13:57:43 | type conversion | provenance | Src:MaD:295 | -| test.go:62:20:62:41 | call to Param | test.go:62:13:62:42 | type conversion | provenance | Src:MaD:296 | -| test.go:67:20:67:33 | call to Params | test.go:67:13:67:45 | type conversion | provenance | Src:MaD:297 | -| test.go:72:20:72:41 | call to Query | test.go:72:13:72:42 | type conversion | provenance | Src:MaD:298 | -| test.go:77:20:77:32 | call to Refer | test.go:77:13:77:33 | type conversion | provenance | Src:MaD:299 | -| test.go:82:20:82:34 | call to Referer | test.go:82:13:82:35 | type conversion | provenance | Src:MaD:300 | -| test.go:87:20:87:30 | call to URI | test.go:87:13:87:31 | type conversion | provenance | Src:MaD:302 | -| test.go:92:20:92:30 | call to URL | test.go:92:13:92:31 | type conversion | provenance | Src:MaD:303 | -| test.go:97:20:97:36 | call to UserAgent | test.go:97:13:97:37 | type conversion | provenance | Src:MaD:304 | -| test.go:102:14:102:25 | call to Data | test.go:102:14:102:45 | type assertion | provenance | Src:MaD:293 | -| test.go:114:14:114:25 | call to Data | test.go:114:14:114:45 | type assertion | provenance | Src:MaD:293 | -| test.go:126:14:126:25 | call to 
Data | test.go:126:14:126:45 | type assertion | provenance | Src:MaD:293 | -| test.go:143:23:143:42 | call to Data | test.go:143:23:143:62 | type assertion | provenance | Src:MaD:293 | -| test.go:199:15:199:26 | call to Data | test.go:200:36:200:53 | type assertion | provenance | Src:MaD:293 | -| test.go:199:15:199:26 | call to Data | test.go:201:39:201:56 | type assertion | provenance | Src:MaD:293 | -| test.go:199:15:199:26 | call to Data | test.go:202:28:202:56 | type assertion | provenance | Src:MaD:293 | -| test.go:199:15:199:26 | call to Data | test.go:204:36:204:53 | type assertion | provenance | Src:MaD:293 | -| test.go:199:15:199:26 | call to Data | test.go:205:34:205:51 | type assertion | provenance | Src:MaD:293 | +| test.go:33:6:33:10 | definition of bound | test.go:35:13:35:30 | type conversion | provenance | Src:MaD:14 | +| test.go:33:6:33:10 | definition of bound | test.go:36:13:36:27 | type conversion | provenance | Src:MaD:14 | +| test.go:33:6:33:10 | definition of bound | test.go:37:13:37:29 | type conversion | provenance | Src:MaD:14 | +| test.go:42:20:42:42 | call to Cookie | test.go:42:13:42:43 | type conversion | provenance | Src:MaD:15 | +| test.go:47:20:47:31 | call to Data | test.go:47:13:47:52 | type conversion | provenance | Src:MaD:16 | +| test.go:52:20:52:43 | call to GetData | test.go:52:13:52:53 | type conversion | provenance | Src:MaD:17 | +| test.go:57:20:57:42 | call to Header | test.go:57:13:57:43 | type conversion | provenance | Src:MaD:18 | +| test.go:62:20:62:41 | call to Param | test.go:62:13:62:42 | type conversion | provenance | Src:MaD:19 | +| test.go:67:20:67:33 | call to Params | test.go:67:13:67:45 | type conversion | provenance | Src:MaD:20 | +| test.go:72:20:72:41 | call to Query | test.go:72:13:72:42 | type conversion | provenance | Src:MaD:21 | +| test.go:77:20:77:32 | call to Refer | test.go:77:13:77:33 | type conversion | provenance | Src:MaD:22 | +| test.go:82:20:82:34 | call to Referer | test.go:82:13:82:35 | 
type conversion | provenance | Src:MaD:23 | +| test.go:87:20:87:30 | call to URI | test.go:87:13:87:31 | type conversion | provenance | Src:MaD:24 | +| test.go:92:20:92:30 | call to URL | test.go:92:13:92:31 | type conversion | provenance | Src:MaD:25 | +| test.go:97:20:97:36 | call to UserAgent | test.go:97:13:97:37 | type conversion | provenance | Src:MaD:26 | +| test.go:102:14:102:25 | call to Data | test.go:102:14:102:45 | type assertion | provenance | Src:MaD:16 | +| test.go:114:14:114:25 | call to Data | test.go:114:14:114:45 | type assertion | provenance | Src:MaD:16 | +| test.go:126:14:126:25 | call to Data | test.go:126:14:126:45 | type assertion | provenance | Src:MaD:16 | +| test.go:143:23:143:42 | call to Data | test.go:143:23:143:62 | type assertion | provenance | Src:MaD:16 | +| test.go:199:15:199:26 | call to Data | test.go:200:36:200:53 | type assertion | provenance | Src:MaD:16 | +| test.go:199:15:199:26 | call to Data | test.go:201:39:201:56 | type assertion | provenance | Src:MaD:16 | +| test.go:199:15:199:26 | call to Data | test.go:202:28:202:56 | type assertion | provenance | Src:MaD:16 | +| test.go:199:15:199:26 | call to Data | test.go:204:36:204:53 | type assertion | provenance | Src:MaD:16 | +| test.go:199:15:199:26 | call to Data | test.go:205:34:205:51 | type assertion | provenance | Src:MaD:16 | | test.go:200:21:200:54 | call to HTML2str | test.go:200:14:200:55 | type conversion | provenance | | -| test.go:200:36:200:53 | type assertion | test.go:200:21:200:54 | call to HTML2str | provenance | MaD:309 | +| test.go:200:36:200:53 | type assertion | test.go:200:21:200:54 | call to HTML2str | provenance | MaD:28 | | test.go:201:21:201:57 | call to Htmlunquote | test.go:201:14:201:58 | type conversion | provenance | | -| test.go:201:39:201:56 | type assertion | test.go:201:21:201:57 | call to Htmlunquote | provenance | MaD:311 | +| test.go:201:39:201:56 | type assertion | test.go:201:21:201:57 | call to Htmlunquote | provenance | MaD:29 | | 
test.go:202:2:202:68 | ... := ...[0] | test.go:203:14:203:28 | type assertion | provenance | | -| test.go:202:28:202:56 | type assertion | test.go:202:2:202:68 | ... := ...[0] | provenance | MaD:312 | +| test.go:202:28:202:56 | type assertion | test.go:202:2:202:68 | ... := ...[0] | provenance | MaD:30 | | test.go:204:21:204:54 | call to Str2html | test.go:204:14:204:55 | type conversion | provenance | | -| test.go:204:36:204:53 | type assertion | test.go:204:21:204:54 | call to Str2html | provenance | MaD:314 | +| test.go:204:36:204:53 | type assertion | test.go:204:21:204:54 | call to Str2html | provenance | MaD:32 | | test.go:205:21:205:58 | call to Substr | test.go:205:14:205:59 | type conversion | provenance | | -| test.go:205:34:205:51 | type assertion | test.go:205:21:205:58 | call to Substr | provenance | MaD:315 | +| test.go:205:34:205:51 | type assertion | test.go:205:21:205:58 | call to Substr | provenance | MaD:33 | | test.go:207:6:207:6 | definition of s | test.go:209:14:209:28 | type conversion | provenance | | -| test.go:208:18:208:33 | selection of Form | test.go:207:6:207:6 | definition of s | provenance | Src:MaD:867 MaD:313 | -| test.go:223:2:223:34 | ... := ...[0] | test.go:225:31:225:31 | f | provenance | Src:MaD:317 | -| test.go:223:2:223:34 | ... := ...[1] | test.go:224:14:224:32 | type conversion | provenance | Src:MaD:317 | +| test.go:208:18:208:33 | selection of Form | test.go:207:6:207:6 | definition of s | provenance | Src:MaD:41 MaD:31 | +| test.go:223:2:223:34 | ... := ...[0] | test.go:225:31:225:31 | f | provenance | Src:MaD:35 | +| test.go:223:2:223:34 | ... := ...[1] | test.go:224:14:224:32 | type conversion | provenance | Src:MaD:35 | | test.go:225:2:225:32 | ... := ...[0] | test.go:226:14:226:20 | content | provenance | | -| test.go:225:31:225:31 | f | test.go:225:2:225:32 | ... := ...[0] | provenance | MaD:730 | -| test.go:228:2:228:40 | ... 
:= ...[0] | test.go:229:14:229:38 | type conversion | provenance | Src:MaD:318 | -| test.go:231:7:231:28 | call to GetString | test.go:232:14:232:22 | type conversion | provenance | Src:MaD:319 | -| test.go:234:8:234:35 | call to GetStrings | test.go:235:14:235:26 | type conversion | provenance | Src:MaD:320 | -| test.go:237:9:237:17 | call to Input | test.go:238:14:238:27 | type conversion | provenance | Src:MaD:321 | -| test.go:240:6:240:8 | definition of str | test.go:242:14:242:30 | type conversion | provenance | Src:MaD:316 | -| test.go:246:15:246:36 | call to GetString | test.go:249:21:249:29 | untrusted | provenance | Src:MaD:319 | -| test.go:259:23:259:44 | call to GetCookie | test.go:259:16:259:45 | type conversion | provenance | Src:MaD:305 | -| test.go:270:62:270:83 | call to GetCookie | test.go:270:55:270:84 | type conversion | provenance | Src:MaD:305 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:278:21:278:28 | index expression | provenance | Src:MaD:318 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:283:44:283:60 | selection of Filename | provenance | Src:MaD:318 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:284:38:284:49 | genericFiles | provenance | Src:MaD:318 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:285:37:285:48 | genericFiles | provenance | Src:MaD:318 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:291:4:291:15 | genericFiles | provenance | Src:MaD:318 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:293:42:293:53 | genericFiles | provenance | Src:MaD:318 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:294:53:294:64 | genericFiles | provenance | Src:MaD:318 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:295:38:295:49 | genericFiles | provenance | Src:MaD:318 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:296:49:296:60 | genericFiles | provenance | Src:MaD:318 | -| test.go:275:2:275:40 | ... 
:= ...[0] | test.go:297:51:297:65 | index expression | provenance | Src:MaD:318 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:298:36:298:47 | genericFiles | provenance | Src:MaD:318 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:299:37:299:48 | genericFiles | provenance | Src:MaD:318 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:301:39:301:50 | genericFiles | provenance | Src:MaD:318 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:302:40:302:51 | genericFiles | provenance | Src:MaD:318 | -| test.go:275:2:275:40 | ... := ...[0] | test.go:303:39:303:50 | genericFiles | provenance | Src:MaD:318 | +| test.go:225:31:225:31 | f | test.go:225:2:225:32 | ... := ...[0] | provenance | MaD:40 | +| test.go:228:2:228:40 | ... := ...[0] | test.go:229:14:229:38 | type conversion | provenance | Src:MaD:36 | +| test.go:231:7:231:28 | call to GetString | test.go:232:14:232:22 | type conversion | provenance | Src:MaD:37 | +| test.go:234:8:234:35 | call to GetStrings | test.go:235:14:235:26 | type conversion | provenance | Src:MaD:38 | +| test.go:237:9:237:17 | call to Input | test.go:238:14:238:27 | type conversion | provenance | Src:MaD:39 | +| test.go:240:6:240:8 | definition of str | test.go:242:14:242:30 | type conversion | provenance | Src:MaD:34 | +| test.go:246:15:246:36 | call to GetString | test.go:249:21:249:29 | untrusted | provenance | Src:MaD:37 | +| test.go:259:23:259:44 | call to GetCookie | test.go:259:16:259:45 | type conversion | provenance | Src:MaD:27 | +| test.go:270:62:270:83 | call to GetCookie | test.go:270:55:270:84 | type conversion | provenance | Src:MaD:27 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:278:21:278:28 | index expression | provenance | Src:MaD:36 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:283:44:283:60 | selection of Filename | provenance | Src:MaD:36 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:284:38:284:49 | genericFiles | provenance | Src:MaD:36 | +| test.go:275:2:275:40 | ... 
:= ...[0] | test.go:285:37:285:48 | genericFiles | provenance | Src:MaD:36 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:291:4:291:15 | genericFiles | provenance | Src:MaD:36 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:293:42:293:53 | genericFiles | provenance | Src:MaD:36 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:294:53:294:64 | genericFiles | provenance | Src:MaD:36 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:295:38:295:49 | genericFiles | provenance | Src:MaD:36 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:296:49:296:60 | genericFiles | provenance | Src:MaD:36 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:297:51:297:65 | index expression | provenance | Src:MaD:36 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:298:36:298:47 | genericFiles | provenance | Src:MaD:36 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:299:37:299:48 | genericFiles | provenance | Src:MaD:36 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:301:39:301:50 | genericFiles | provenance | Src:MaD:36 | +| test.go:275:2:275:40 | ... := ...[0] | test.go:302:40:302:51 | genericFiles | provenance | Src:MaD:36 | +| test.go:275:2:275:40 | ... 
:= ...[0] | test.go:303:39:303:50 | genericFiles | provenance | Src:MaD:36 | | test.go:276:2:276:13 | definition of genericFiles [array] | test.go:297:51:297:62 | genericFiles [array] | provenance | | | test.go:278:21:278:28 | index expression | test.go:276:2:276:13 | definition of genericFiles [array] | provenance | | | test.go:283:44:283:60 | selection of Filename | test.go:283:21:283:61 | call to GetDisplayString | provenance | FunctionModel | | test.go:284:21:284:53 | call to SliceChunk | test.go:284:21:284:92 | selection of Filename | provenance | | -| test.go:284:38:284:49 | genericFiles | test.go:284:21:284:53 | call to SliceChunk | provenance | MaD:274 | +| test.go:284:38:284:49 | genericFiles | test.go:284:21:284:53 | call to SliceChunk | provenance | MaD:1 | | test.go:285:21:285:60 | call to SliceDiff | test.go:285:21:285:96 | selection of Filename | provenance | | -| test.go:285:37:285:48 | genericFiles | test.go:285:21:285:60 | call to SliceDiff | provenance | MaD:275 | +| test.go:285:37:285:48 | genericFiles | test.go:285:21:285:60 | call to SliceDiff | provenance | MaD:2 | | test.go:290:3:292:44 | call to SliceFilter | test.go:290:3:292:80 | selection of Filename | provenance | | -| test.go:291:4:291:15 | genericFiles | test.go:290:3:292:44 | call to SliceFilter | provenance | MaD:276 | +| test.go:291:4:291:15 | genericFiles | test.go:290:3:292:44 | call to SliceFilter | provenance | MaD:3 | | test.go:293:21:293:65 | call to SliceIntersect | test.go:293:21:293:101 | selection of Filename | provenance | | -| test.go:293:42:293:53 | genericFiles | test.go:293:21:293:65 | call to SliceIntersect | provenance | MaD:277 | +| test.go:293:42:293:53 | genericFiles | test.go:293:21:293:65 | call to SliceIntersect | provenance | MaD:4 | | test.go:294:21:294:65 | call to SliceIntersect | test.go:294:21:294:101 | selection of Filename | provenance | | -| test.go:294:53:294:64 | genericFiles | test.go:294:21:294:65 | call to SliceIntersect | provenance | MaD:277 | 
+| test.go:294:53:294:64 | genericFiles | test.go:294:21:294:65 | call to SliceIntersect | provenance | MaD:4 | | test.go:295:21:295:61 | call to SliceMerge | test.go:295:21:295:97 | selection of Filename | provenance | | -| test.go:295:38:295:49 | genericFiles | test.go:295:21:295:61 | call to SliceMerge | provenance | MaD:278 | +| test.go:295:38:295:49 | genericFiles | test.go:295:21:295:61 | call to SliceMerge | provenance | MaD:5 | | test.go:296:21:296:61 | call to SliceMerge | test.go:296:21:296:97 | selection of Filename | provenance | | -| test.go:296:49:296:60 | genericFiles | test.go:296:21:296:61 | call to SliceMerge | provenance | MaD:278 | +| test.go:296:49:296:60 | genericFiles | test.go:296:21:296:61 | call to SliceMerge | provenance | MaD:5 | | test.go:297:21:297:66 | call to SlicePad | test.go:297:21:297:102 | selection of Filename | provenance | | | test.go:297:51:297:62 | genericFiles [array] | test.go:297:51:297:65 | index expression | provenance | | -| test.go:297:51:297:65 | index expression | test.go:297:21:297:66 | call to SlicePad | provenance | MaD:279 | +| test.go:297:51:297:65 | index expression | test.go:297:21:297:66 | call to SlicePad | provenance | MaD:6 | | test.go:298:21:298:66 | call to SlicePad | test.go:298:21:298:102 | selection of Filename | provenance | | -| test.go:298:36:298:47 | genericFiles | test.go:298:21:298:66 | call to SlicePad | provenance | MaD:279 | +| test.go:298:36:298:47 | genericFiles | test.go:298:21:298:66 | call to SlicePad | provenance | MaD:6 | | test.go:299:21:299:49 | call to SliceRand | test.go:299:21:299:82 | selection of Filename | provenance | | -| test.go:299:37:299:48 | genericFiles | test.go:299:21:299:49 | call to SliceRand | provenance | MaD:280 | +| test.go:299:37:299:48 | genericFiles | test.go:299:21:299:49 | call to SliceRand | provenance | MaD:7 | | test.go:301:21:301:97 | call to SliceReduce | test.go:301:21:301:133 | selection of Filename | provenance | | -| test.go:301:39:301:50 | 
genericFiles | test.go:301:21:301:97 | call to SliceReduce | provenance | MaD:281 | +| test.go:301:39:301:50 | genericFiles | test.go:301:21:301:97 | call to SliceReduce | provenance | MaD:8 | | test.go:302:21:302:52 | call to SliceShuffle | test.go:302:21:302:88 | selection of Filename | provenance | | -| test.go:302:40:302:51 | genericFiles | test.go:302:21:302:52 | call to SliceShuffle | provenance | MaD:282 | +| test.go:302:40:302:51 | genericFiles | test.go:302:21:302:52 | call to SliceShuffle | provenance | MaD:9 | | test.go:303:21:303:51 | call to SliceUnique | test.go:303:21:303:87 | selection of Filename | provenance | | -| test.go:303:39:303:50 | genericFiles | test.go:303:21:303:51 | call to SliceUnique | provenance | MaD:283 | +| test.go:303:39:303:50 | genericFiles | test.go:303:21:303:51 | call to SliceUnique | provenance | MaD:10 | | test.go:308:2:308:5 | definition of bMap | test.go:311:21:311:24 | bMap | provenance | | | test.go:308:2:308:5 | definition of bMap | test.go:312:21:312:24 | bMap | provenance | | -| test.go:309:15:309:36 | call to GetString | test.go:310:22:310:30 | untrusted | provenance | Src:MaD:319 | -| test.go:310:22:310:30 | untrusted | test.go:308:2:308:5 | definition of bMap | provenance | MaD:286 | -| test.go:311:21:311:24 | bMap | test.go:311:21:311:39 | call to Get | provenance | MaD:284 | +| test.go:309:15:309:36 | call to GetString | test.go:310:22:310:30 | untrusted | provenance | Src:MaD:37 | +| test.go:310:22:310:30 | untrusted | test.go:308:2:308:5 | definition of bMap | provenance | MaD:13 | +| test.go:311:21:311:24 | bMap | test.go:311:21:311:39 | call to Get | provenance | MaD:11 | | test.go:311:21:311:39 | call to Get | test.go:311:21:311:48 | type assertion | provenance | | -| test.go:312:21:312:24 | bMap | test.go:312:21:312:32 | call to Items | provenance | MaD:285 | +| test.go:312:21:312:24 | bMap | test.go:312:21:312:32 | call to Items | provenance | MaD:12 | | test.go:312:21:312:32 | call to Items | 
test.go:312:21:312:52 | type assertion | provenance | | +models +| 1 | Summary: github.com/astaxie/beego/utils; ; false; SliceChunk; ; ; Argument[0]; ReturnValue; taint; manual | +| 1 | Summary: github.com/beego/beego/core/utils; ; false; SliceChunk; ; ; Argument[0]; ReturnValue; taint; manual | +| 1 | Summary: github.com/beego/beego/utils; ; false; SliceChunk; ; ; Argument[0]; ReturnValue; taint; manual | +| 2 | Summary: github.com/astaxie/beego/utils; ; false; SliceDiff; ; ; Argument[0]; ReturnValue; taint; manual | +| 2 | Summary: github.com/beego/beego/core/utils; ; false; SliceDiff; ; ; Argument[0]; ReturnValue; taint; manual | +| 2 | Summary: github.com/beego/beego/utils; ; false; SliceDiff; ; ; Argument[0]; ReturnValue; taint; manual | +| 3 | Summary: github.com/astaxie/beego/utils; ; false; SliceFilter; ; ; Argument[0]; ReturnValue; taint; manual | +| 3 | Summary: github.com/beego/beego/core/utils; ; false; SliceFilter; ; ; Argument[0]; ReturnValue; taint; manual | +| 3 | Summary: github.com/beego/beego/utils; ; false; SliceFilter; ; ; Argument[0]; ReturnValue; taint; manual | +| 4 | Summary: github.com/astaxie/beego/utils; ; false; SliceIntersect; ; ; Argument[0..1]; ReturnValue; taint; manual | +| 4 | Summary: github.com/beego/beego/core/utils; ; false; SliceIntersect; ; ; Argument[0..1]; ReturnValue; taint; manual | +| 4 | Summary: github.com/beego/beego/utils; ; false; SliceIntersect; ; ; Argument[0..1]; ReturnValue; taint; manual | +| 5 | Summary: github.com/astaxie/beego/utils; ; false; SliceMerge; ; ; Argument[0..1]; ReturnValue; taint; manual | +| 5 | Summary: github.com/beego/beego/core/utils; ; false; SliceMerge; ; ; Argument[0..1]; ReturnValue; taint; manual | +| 5 | Summary: github.com/beego/beego/utils; ; false; SliceMerge; ; ; Argument[0..1]; ReturnValue; taint; manual | +| 6 | Summary: github.com/astaxie/beego/utils; ; false; SlicePad; ; ; Argument[0..2]; ReturnValue; taint; manual | +| 6 | Summary: github.com/beego/beego/core/utils; ; false; 
SlicePad; ; ; Argument[0..2]; ReturnValue; taint; manual | +| 6 | Summary: github.com/beego/beego/utils; ; false; SlicePad; ; ; Argument[0..2]; ReturnValue; taint; manual | +| 7 | Summary: github.com/astaxie/beego/utils; ; false; SliceRand; ; ; Argument[0]; ReturnValue; taint; manual | +| 7 | Summary: github.com/beego/beego/core/utils; ; false; SliceRand; ; ; Argument[0]; ReturnValue; taint; manual | +| 7 | Summary: github.com/beego/beego/utils; ; false; SliceRand; ; ; Argument[0]; ReturnValue; taint; manual | +| 8 | Summary: github.com/astaxie/beego/utils; ; false; SliceReduce; ; ; Argument[0]; ReturnValue; taint; manual | +| 8 | Summary: github.com/beego/beego/core/utils; ; false; SliceReduce; ; ; Argument[0]; ReturnValue; taint; manual | +| 8 | Summary: github.com/beego/beego/utils; ; false; SliceReduce; ; ; Argument[0]; ReturnValue; taint; manual | +| 9 | Summary: github.com/astaxie/beego/utils; ; false; SliceShuffle; ; ; Argument[0]; ReturnValue; taint; manual | +| 9 | Summary: github.com/beego/beego/core/utils; ; false; SliceShuffle; ; ; Argument[0]; ReturnValue; taint; manual | +| 9 | Summary: github.com/beego/beego/utils; ; false; SliceShuffle; ; ; Argument[0]; ReturnValue; taint; manual | +| 10 | Summary: github.com/astaxie/beego/utils; ; false; SliceUnique; ; ; Argument[0]; ReturnValue; taint; manual | +| 10 | Summary: github.com/beego/beego/core/utils; ; false; SliceUnique; ; ; Argument[0]; ReturnValue; taint; manual | +| 10 | Summary: github.com/beego/beego/utils; ; false; SliceUnique; ; ; Argument[0]; ReturnValue; taint; manual | +| 11 | Summary: github.com/astaxie/beego/utils; BeeMap; true; Get; ; ; Argument[receiver]; ReturnValue; taint; manual | +| 11 | Summary: github.com/beego/beego/core/utils; BeeMap; true; Get; ; ; Argument[receiver]; ReturnValue; taint; manual | +| 11 | Summary: github.com/beego/beego/utils; BeeMap; true; Get; ; ; Argument[receiver]; ReturnValue; taint; manual | +| 12 | Summary: github.com/astaxie/beego/utils; BeeMap; true; 
Items; ; ; Argument[receiver]; ReturnValue; taint; manual | +| 12 | Summary: github.com/beego/beego/core/utils; BeeMap; true; Items; ; ; Argument[receiver]; ReturnValue; taint; manual | +| 12 | Summary: github.com/beego/beego/utils; BeeMap; true; Items; ; ; Argument[receiver]; ReturnValue; taint; manual | +| 13 | Summary: github.com/astaxie/beego/utils; BeeMap; true; Set; ; ; Argument[1]; Argument[receiver]; taint; manual | +| 13 | Summary: github.com/beego/beego/core/utils; BeeMap; true; Set; ; ; Argument[1]; Argument[receiver]; taint; manual | +| 13 | Summary: github.com/beego/beego/utils; BeeMap; true; Set; ; ; Argument[1]; Argument[receiver]; taint; manual | +| 14 | Source: github.com/astaxie/beego/context; BeegoInput; true; Bind; ; ; Argument[0]; remote; manual | +| 14 | Source: github.com/beego/beego/context; BeegoInput; true; Bind; ; ; Argument[0]; remote; manual | +| 14 | Source: github.com/beego/beego/server/web/context; BeegoInput; true; Bind; ; ; Argument[0]; remote; manual | +| 15 | Source: github.com/astaxie/beego/context; BeegoInput; true; Cookie; ; ; ReturnValue[0]; remote; manual | +| 15 | Source: github.com/beego/beego/context; BeegoInput; true; Cookie; ; ; ReturnValue[0]; remote; manual | +| 15 | Source: github.com/beego/beego/server/web/context; BeegoInput; true; Cookie; ; ; ReturnValue[0]; remote; manual | +| 16 | Source: github.com/astaxie/beego/context; BeegoInput; true; Data; ; ; ReturnValue[0]; remote; manual | +| 16 | Source: github.com/beego/beego/context; BeegoInput; true; Data; ; ; ReturnValue[0]; remote; manual | +| 16 | Source: github.com/beego/beego/server/web/context; BeegoInput; true; Data; ; ; ReturnValue[0]; remote; manual | +| 17 | Source: github.com/astaxie/beego/context; BeegoInput; true; GetData; ; ; ReturnValue[0]; remote; manual | +| 17 | Source: github.com/beego/beego/context; BeegoInput; true; GetData; ; ; ReturnValue[0]; remote; manual | +| 17 | Source: github.com/beego/beego/server/web/context; BeegoInput; true; GetData; 
; ; ReturnValue[0]; remote; manual | +| 18 | Source: github.com/astaxie/beego/context; BeegoInput; true; Header; ; ; ReturnValue[0]; remote; manual | +| 18 | Source: github.com/beego/beego/context; BeegoInput; true; Header; ; ; ReturnValue[0]; remote; manual | +| 18 | Source: github.com/beego/beego/server/web/context; BeegoInput; true; Header; ; ; ReturnValue[0]; remote; manual | +| 19 | Source: github.com/astaxie/beego/context; BeegoInput; true; Param; ; ; ReturnValue[0]; remote; manual | +| 19 | Source: github.com/beego/beego/context; BeegoInput; true; Param; ; ; ReturnValue[0]; remote; manual | +| 19 | Source: github.com/beego/beego/server/web/context; BeegoInput; true; Param; ; ; ReturnValue[0]; remote; manual | +| 20 | Source: github.com/astaxie/beego/context; BeegoInput; true; Params; ; ; ReturnValue[0]; remote; manual | +| 20 | Source: github.com/beego/beego/context; BeegoInput; true; Params; ; ; ReturnValue[0]; remote; manual | +| 20 | Source: github.com/beego/beego/server/web/context; BeegoInput; true; Params; ; ; ReturnValue[0]; remote; manual | +| 21 | Source: github.com/astaxie/beego/context; BeegoInput; true; Query; ; ; ReturnValue[0]; remote; manual | +| 21 | Source: github.com/beego/beego/context; BeegoInput; true; Query; ; ; ReturnValue[0]; remote; manual | +| 21 | Source: github.com/beego/beego/server/web/context; BeegoInput; true; Query; ; ; ReturnValue[0]; remote; manual | +| 22 | Source: github.com/astaxie/beego/context; BeegoInput; true; Refer; ; ; ReturnValue[0]; remote; manual | +| 22 | Source: github.com/beego/beego/context; BeegoInput; true; Refer; ; ; ReturnValue[0]; remote; manual | +| 22 | Source: github.com/beego/beego/server/web/context; BeegoInput; true; Refer; ; ; ReturnValue[0]; remote; manual | +| 23 | Source: github.com/astaxie/beego/context; BeegoInput; true; Referer; ; ; ReturnValue[0]; remote; manual | +| 23 | Source: github.com/beego/beego/context; BeegoInput; true; Referer; ; ; ReturnValue[0]; remote; manual | +| 23 | Source: 
github.com/beego/beego/server/web/context; BeegoInput; true; Referer; ; ; ReturnValue[0]; remote; manual | +| 24 | Source: github.com/astaxie/beego/context; BeegoInput; true; URI; ; ; ReturnValue[0]; remote; manual | +| 24 | Source: github.com/beego/beego/context; BeegoInput; true; URI; ; ; ReturnValue[0]; remote; manual | +| 24 | Source: github.com/beego/beego/server/web/context; BeegoInput; true; URI; ; ; ReturnValue[0]; remote; manual | +| 25 | Source: github.com/astaxie/beego/context; BeegoInput; true; URL; ; ; ReturnValue[0]; remote; manual | +| 25 | Source: github.com/beego/beego/context; BeegoInput; true; URL; ; ; ReturnValue[0]; remote; manual | +| 25 | Source: github.com/beego/beego/server/web/context; BeegoInput; true; URL; ; ; ReturnValue[0]; remote; manual | +| 26 | Source: github.com/astaxie/beego/context; BeegoInput; true; UserAgent; ; ; ReturnValue[0]; remote; manual | +| 26 | Source: github.com/beego/beego/context; BeegoInput; true; UserAgent; ; ; ReturnValue[0]; remote; manual | +| 26 | Source: github.com/beego/beego/server/web/context; BeegoInput; true; UserAgent; ; ; ReturnValue[0]; remote; manual | +| 27 | Source: github.com/astaxie/beego/context; Context; true; GetCookie; ; ; ReturnValue; remote; manual | +| 27 | Source: github.com/beego/beego/context; Context; true; GetCookie; ; ; ReturnValue; remote; manual | +| 27 | Source: github.com/beego/beego/server/web/context; Context; true; GetCookie; ; ; ReturnValue; remote; manual | +| 28 | Summary: github.com/astaxie/beego; ; false; HTML2str; ; ; Argument[0]; ReturnValue; taint; manual | +| 28 | Summary: github.com/beego/beego/server/web; ; false; HTML2str; ; ; Argument[0]; ReturnValue; taint; manual | +| 28 | Summary: github.com/beego/beego; ; false; HTML2str; ; ; Argument[0]; ReturnValue; taint; manual | +| 29 | Summary: github.com/astaxie/beego; ; false; Htmlunquote; ; ; Argument[0]; ReturnValue; taint; manual | +| 29 | Summary: github.com/beego/beego/server/web; ; false; Htmlunquote; ; ; 
Argument[0]; ReturnValue; taint; manual | +| 29 | Summary: github.com/beego/beego; ; false; Htmlunquote; ; ; Argument[0]; ReturnValue; taint; manual | +| 30 | Summary: github.com/astaxie/beego; ; false; MapGet; ; ; Argument[0]; ReturnValue[0]; taint; manual | +| 30 | Summary: github.com/beego/beego/server/web; ; false; MapGet; ; ; Argument[0]; ReturnValue[0]; taint; manual | +| 30 | Summary: github.com/beego/beego; ; false; MapGet; ; ; Argument[0]; ReturnValue[0]; taint; manual | +| 31 | Summary: github.com/astaxie/beego; ; false; ParseForm; ; ; Argument[0]; Argument[1]; taint; manual | +| 31 | Summary: github.com/beego/beego/server/web; ; false; ParseForm; ; ; Argument[0]; Argument[1]; taint; manual | +| 31 | Summary: github.com/beego/beego; ; false; ParseForm; ; ; Argument[0]; Argument[1]; taint; manual | +| 32 | Summary: github.com/astaxie/beego; ; false; Str2html; ; ; Argument[0]; ReturnValue; taint; manual | +| 32 | Summary: github.com/beego/beego/server/web; ; false; Str2html; ; ; Argument[0]; ReturnValue; taint; manual | +| 32 | Summary: github.com/beego/beego; ; false; Str2html; ; ; Argument[0]; ReturnValue; taint; manual | +| 33 | Summary: github.com/astaxie/beego; ; false; Substr; ; ; Argument[0]; ReturnValue; taint; manual | +| 33 | Summary: github.com/beego/beego/server/web; ; false; Substr; ; ; Argument[0]; ReturnValue; taint; manual | +| 33 | Summary: github.com/beego/beego; ; false; Substr; ; ; Argument[0]; ReturnValue; taint; manual | +| 34 | Source: github.com/astaxie/beego; Controller; true; ParseForm; ; ; Argument[0]; remote; manual | +| 34 | Source: github.com/beego/beego/server/web; Controller; true; ParseForm; ; ; Argument[0]; remote; manual | +| 34 | Source: github.com/beego/beego; Controller; true; ParseForm; ; ; Argument[0]; remote; manual | +| 35 | Source: github.com/astaxie/beego; Controller; true; GetFile; ; ; ReturnValue[0..1]; remote; manual | +| 35 | Source: github.com/beego/beego/server/web; Controller; true; GetFile; ; ; 
ReturnValue[0..1]; remote; manual | +| 35 | Source: github.com/beego/beego; Controller; true; GetFile; ; ; ReturnValue[0..1]; remote; manual | +| 36 | Source: github.com/astaxie/beego; Controller; true; GetFiles; ; ; ReturnValue[0]; remote; manual | +| 36 | Source: github.com/beego/beego/server/web; Controller; true; GetFiles; ; ; ReturnValue[0]; remote; manual | +| 36 | Source: github.com/beego/beego; Controller; true; GetFiles; ; ; ReturnValue[0]; remote; manual | +| 37 | Source: github.com/astaxie/beego; Controller; true; GetString; ; ; ReturnValue[0]; remote; manual | +| 37 | Source: github.com/beego/beego/server/web; Controller; true; GetString; ; ; ReturnValue[0]; remote; manual | +| 37 | Source: github.com/beego/beego; Controller; true; GetString; ; ; ReturnValue[0]; remote; manual | +| 38 | Source: github.com/astaxie/beego; Controller; true; GetStrings; ; ; ReturnValue[0]; remote; manual | +| 38 | Source: github.com/beego/beego/server/web; Controller; true; GetStrings; ; ; ReturnValue[0]; remote; manual | +| 38 | Source: github.com/beego/beego; Controller; true; GetStrings; ; ; ReturnValue[0]; remote; manual | +| 39 | Source: github.com/astaxie/beego; Controller; true; Input; ; ; ReturnValue[0]; remote; manual | +| 39 | Source: github.com/beego/beego/server/web; Controller; true; Input; ; ; ReturnValue[0]; remote; manual | +| 39 | Source: github.com/beego/beego; Controller; true; Input; ; ; ReturnValue[0]; remote; manual | +| 40 | Summary: io/ioutil; ; false; ReadAll; ; ; Argument[0]; ReturnValue[0]; taint; manual | +| 41 | Source: net/http; Request; true; Form; ; ; ; remote; manual | nodes | test.go:33:6:33:10 | definition of bound | semmle.label | definition of bound | | test.go:35:13:35:30 | type conversion | semmle.label | type conversion | 
@@ -235,57 +409,3 @@ nodes | test.go:312:21:312:32 | call to Items | semmle.label | call to Items | | test.go:312:21:312:52 | type assertion | semmle.label | type assertion | subpaths -#select -| test.go:35:13:35:30 | type conversion | test.go:33:6:33:10 | definition of bound | test.go:35:13:35:30 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:33:6:33:10 | definition of bound | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:36:13:36:27 | type conversion | test.go:33:6:33:10 | definition of bound | test.go:36:13:36:27 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:33:6:33:10 | definition of bound | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:37:13:37:29 | type conversion | test.go:33:6:33:10 | definition of bound | test.go:37:13:37:29 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:33:6:33:10 | definition of bound | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:42:13:42:43 | type conversion | test.go:42:20:42:42 | call to Cookie | test.go:42:13:42:43 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:42:20:42:42 | call to Cookie | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:47:13:47:52 | type conversion | test.go:47:20:47:31 | call to Data | test.go:47:13:47:52 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:47:20:47:31 | call to Data | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:52:13:52:53 | type conversion | test.go:52:20:52:43 | call to GetData | test.go:52:13:52:53 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:52:20:52:43 | call to GetData | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:57:13:57:43 | type conversion | test.go:57:20:57:42 | call to Header | test.go:57:13:57:43 | type conversion | Cross-site scripting vulnerability due to $@. 
| test.go:57:20:57:42 | call to Header | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:62:13:62:42 | type conversion | test.go:62:20:62:41 | call to Param | test.go:62:13:62:42 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:62:20:62:41 | call to Param | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:67:13:67:45 | type conversion | test.go:67:20:67:33 | call to Params | test.go:67:13:67:45 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:67:20:67:33 | call to Params | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:72:13:72:42 | type conversion | test.go:72:20:72:41 | call to Query | test.go:72:13:72:42 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:72:20:72:41 | call to Query | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:77:13:77:33 | type conversion | test.go:77:20:77:32 | call to Refer | test.go:77:13:77:33 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:77:20:77:32 | call to Refer | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:82:13:82:35 | type conversion | test.go:82:20:82:34 | call to Referer | test.go:82:13:82:35 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:82:20:82:34 | call to Referer | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:87:13:87:31 | type conversion | test.go:87:20:87:30 | call to URI | test.go:87:13:87:31 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:87:20:87:30 | call to URI | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:92:13:92:31 | type conversion | test.go:92:20:92:30 | call to URL | test.go:92:13:92:31 | type conversion | Cross-site scripting vulnerability due to $@. 
| test.go:92:20:92:30 | call to URL | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:97:13:97:37 | type conversion | test.go:97:20:97:36 | call to UserAgent | test.go:97:13:97:37 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:97:20:97:36 | call to UserAgent | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:102:14:102:45 | type assertion | test.go:102:14:102:25 | call to Data | test.go:102:14:102:45 | type assertion | Cross-site scripting vulnerability due to $@. | test.go:102:14:102:25 | call to Data | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:114:14:114:45 | type assertion | test.go:114:14:114:25 | call to Data | test.go:114:14:114:45 | type assertion | Cross-site scripting vulnerability due to $@. | test.go:114:14:114:25 | call to Data | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:126:14:126:45 | type assertion | test.go:126:14:126:25 | call to Data | test.go:126:14:126:45 | type assertion | Cross-site scripting vulnerability due to $@. | test.go:126:14:126:25 | call to Data | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:143:23:143:62 | type assertion | test.go:143:23:143:42 | call to Data | test.go:143:23:143:62 | type assertion | Cross-site scripting vulnerability due to $@. | test.go:143:23:143:42 | call to Data | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:200:14:200:55 | type conversion | test.go:199:15:199:26 | call to Data | test.go:200:14:200:55 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:199:15:199:26 | call to Data | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:201:14:201:58 | type conversion | test.go:199:15:199:26 | call to Data | test.go:201:14:201:58 | type conversion | Cross-site scripting vulnerability due to $@. 
| test.go:199:15:199:26 | call to Data | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:203:14:203:28 | type assertion | test.go:199:15:199:26 | call to Data | test.go:203:14:203:28 | type assertion | Cross-site scripting vulnerability due to $@. | test.go:199:15:199:26 | call to Data | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:204:14:204:55 | type conversion | test.go:199:15:199:26 | call to Data | test.go:204:14:204:55 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:199:15:199:26 | call to Data | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:205:14:205:59 | type conversion | test.go:199:15:199:26 | call to Data | test.go:205:14:205:59 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:199:15:199:26 | call to Data | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:209:14:209:28 | type conversion | test.go:208:18:208:33 | selection of Form | test.go:209:14:209:28 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:208:18:208:33 | selection of Form | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:224:14:224:32 | type conversion | test.go:223:2:223:34 | ... := ...[1] | test.go:224:14:224:32 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:223:2:223:34 | ... := ...[1] | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:226:14:226:20 | content | test.go:223:2:223:34 | ... := ...[0] | test.go:226:14:226:20 | content | Cross-site scripting vulnerability due to $@. | test.go:223:2:223:34 | ... := ...[0] | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:229:14:229:38 | type conversion | test.go:228:2:228:40 | ... := ...[0] | test.go:229:14:229:38 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:228:2:228:40 | ... 
:= ...[0] | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:232:14:232:22 | type conversion | test.go:231:7:231:28 | call to GetString | test.go:232:14:232:22 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:231:7:231:28 | call to GetString | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:235:14:235:26 | type conversion | test.go:234:8:234:35 | call to GetStrings | test.go:235:14:235:26 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:234:8:234:35 | call to GetStrings | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:238:14:238:27 | type conversion | test.go:237:9:237:17 | call to Input | test.go:238:14:238:27 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:237:9:237:17 | call to Input | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:242:14:242:30 | type conversion | test.go:240:6:240:8 | definition of str | test.go:242:14:242:30 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:240:6:240:8 | definition of str | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:249:21:249:29 | untrusted | test.go:246:15:246:36 | call to GetString | test.go:249:21:249:29 | untrusted | Cross-site scripting vulnerability due to $@. | test.go:246:15:246:36 | call to GetString | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:259:16:259:45 | type conversion | test.go:259:23:259:44 | call to GetCookie | test.go:259:16:259:45 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:259:23:259:44 | call to GetCookie | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:264:16:264:37 | call to GetCookie | test.go:264:16:264:37 | call to GetCookie | test.go:264:16:264:37 | call to GetCookie | Cross-site scripting vulnerability due to $@. 
| test.go:264:16:264:37 | call to GetCookie | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:265:15:265:41 | call to GetCookie | test.go:265:15:265:41 | call to GetCookie | test.go:265:15:265:41 | call to GetCookie | Cross-site scripting vulnerability due to $@. | test.go:265:15:265:41 | call to GetCookie | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:270:55:270:84 | type conversion | test.go:270:62:270:83 | call to GetCookie | test.go:270:55:270:84 | type conversion | Cross-site scripting vulnerability due to $@. | test.go:270:62:270:83 | call to GetCookie | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:283:21:283:61 | call to GetDisplayString | test.go:275:2:275:40 | ... := ...[0] | test.go:283:21:283:61 | call to GetDisplayString | Cross-site scripting vulnerability due to $@. | test.go:275:2:275:40 | ... := ...[0] | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:284:21:284:92 | selection of Filename | test.go:275:2:275:40 | ... := ...[0] | test.go:284:21:284:92 | selection of Filename | Cross-site scripting vulnerability due to $@. | test.go:275:2:275:40 | ... := ...[0] | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:285:21:285:96 | selection of Filename | test.go:275:2:275:40 | ... := ...[0] | test.go:285:21:285:96 | selection of Filename | Cross-site scripting vulnerability due to $@. | test.go:275:2:275:40 | ... := ...[0] | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:290:3:292:80 | selection of Filename | test.go:275:2:275:40 | ... := ...[0] | test.go:290:3:292:80 | selection of Filename | Cross-site scripting vulnerability due to $@. | test.go:275:2:275:40 | ... := ...[0] | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:293:21:293:101 | selection of Filename | test.go:275:2:275:40 | ... := ...[0] | test.go:293:21:293:101 | selection of Filename | Cross-site scripting vulnerability due to $@. | test.go:275:2:275:40 | ... 
:= ...[0] | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:294:21:294:101 | selection of Filename | test.go:275:2:275:40 | ... := ...[0] | test.go:294:21:294:101 | selection of Filename | Cross-site scripting vulnerability due to $@. | test.go:275:2:275:40 | ... := ...[0] | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:295:21:295:97 | selection of Filename | test.go:275:2:275:40 | ... := ...[0] | test.go:295:21:295:97 | selection of Filename | Cross-site scripting vulnerability due to $@. | test.go:275:2:275:40 | ... := ...[0] | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:296:21:296:97 | selection of Filename | test.go:275:2:275:40 | ... := ...[0] | test.go:296:21:296:97 | selection of Filename | Cross-site scripting vulnerability due to $@. | test.go:275:2:275:40 | ... := ...[0] | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:297:21:297:102 | selection of Filename | test.go:275:2:275:40 | ... := ...[0] | test.go:297:21:297:102 | selection of Filename | Cross-site scripting vulnerability due to $@. | test.go:275:2:275:40 | ... := ...[0] | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:298:21:298:102 | selection of Filename | test.go:275:2:275:40 | ... := ...[0] | test.go:298:21:298:102 | selection of Filename | Cross-site scripting vulnerability due to $@. | test.go:275:2:275:40 | ... := ...[0] | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:299:21:299:82 | selection of Filename | test.go:275:2:275:40 | ... := ...[0] | test.go:299:21:299:82 | selection of Filename | Cross-site scripting vulnerability due to $@. | test.go:275:2:275:40 | ... := ...[0] | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:301:21:301:133 | selection of Filename | test.go:275:2:275:40 | ... := ...[0] | test.go:301:21:301:133 | selection of Filename | Cross-site scripting vulnerability due to $@. | test.go:275:2:275:40 | ... 
:= ...[0] | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:302:21:302:88 | selection of Filename | test.go:275:2:275:40 | ... := ...[0] | test.go:302:21:302:88 | selection of Filename | Cross-site scripting vulnerability due to $@. | test.go:275:2:275:40 | ... := ...[0] | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:303:21:303:87 | selection of Filename | test.go:275:2:275:40 | ... := ...[0] | test.go:303:21:303:87 | selection of Filename | Cross-site scripting vulnerability due to $@. | test.go:275:2:275:40 | ... := ...[0] | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:311:21:311:48 | type assertion | test.go:309:15:309:36 | call to GetString | test.go:311:21:311:48 | type assertion | Cross-site scripting vulnerability due to $@. | test.go:309:15:309:36 | call to GetString | user-provided value | test.go:0:0:0:0 | test.go | | -| test.go:312:21:312:52 | type assertion | test.go:309:15:309:36 | call to GetString | test.go:312:21:312:52 | type assertion | Cross-site scripting vulnerability due to $@. | test.go:309:15:309:36 | call to GetString | user-provided value | test.go:0:0:0:0 | test.go | | diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Beego/TaintedPath.expected b/go/ql/test/library-tests/semmle/go/frameworks/Beego/TaintedPath.expected index f6cd6f2ffb8..5b6213e6e85 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Beego/TaintedPath.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/Beego/TaintedPath.expected 
@@ -1,12 +1,28 @@ +#select +| test.go:216:18:216:26 | untrusted | test.go:215:15:215:26 | call to Data | test.go:216:18:216:26 | untrusted | This path depends on a $@. | test.go:215:15:215:26 | call to Data | user-provided value | +| test.go:217:10:217:18 | untrusted | test.go:215:15:215:26 | call to Data | test.go:217:10:217:18 | untrusted | This path depends on a $@. | test.go:215:15:215:26 | call to Data | user-provided value | +| test.go:218:35:218:43 | untrusted | test.go:215:15:215:26 | call to Data | test.go:218:35:218:43 | untrusted | This path depends on a $@. | test.go:215:15:215:26 | call to Data | user-provided value | +| test.go:326:35:326:43 | untrusted | test.go:324:17:324:37 | selection of RequestBody | test.go:326:35:326:43 | untrusted | This path depends on a $@. | test.go:324:17:324:37 | selection of RequestBody | user-provided value | +| test.go:334:23:334:31 | untrusted | test.go:332:15:332:26 | call to Data | test.go:334:23:334:31 | untrusted | This path depends on a $@. | test.go:332:15:332:26 | call to Data | user-provided value | +| test.go:342:53:342:61 | untrusted | test.go:340:15:340:26 | call to Data | test.go:342:53:342:61 | untrusted | This path depends on a $@. | test.go:340:15:340:26 | call to Data | user-provided value | +| test.go:344:23:344:31 | untrusted | test.go:340:15:340:26 | call to Data | test.go:344:23:344:31 | untrusted | This path depends on a $@. | test.go:340:15:340:26 | call to Data | user-provided value | edges -| test.go:215:15:215:26 | call to Data | test.go:216:18:216:26 | untrusted | provenance | Src:MaD:293 | -| test.go:215:15:215:26 | call to Data | test.go:217:10:217:18 | untrusted | provenance | Src:MaD:293 | -| test.go:215:15:215:26 | call to Data | test.go:218:35:218:43 | untrusted | provenance | Src:MaD:293 | -| test.go:324:17:324:37 | selection of RequestBody | test.go:324:40:324:43 | &... 
| provenance | Src:MaD:301 MaD:187 | +| test.go:215:15:215:26 | call to Data | test.go:216:18:216:26 | untrusted | provenance | Src:MaD:2 | +| test.go:215:15:215:26 | call to Data | test.go:217:10:217:18 | untrusted | provenance | Src:MaD:2 | +| test.go:215:15:215:26 | call to Data | test.go:218:35:218:43 | untrusted | provenance | Src:MaD:2 | +| test.go:324:17:324:37 | selection of RequestBody | test.go:324:40:324:43 | &... | provenance | Src:MaD:3 MaD:1 | | test.go:324:40:324:43 | &... | test.go:326:35:326:43 | untrusted | provenance | | -| test.go:332:15:332:26 | call to Data | test.go:334:23:334:31 | untrusted | provenance | Src:MaD:293 | -| test.go:340:15:340:26 | call to Data | test.go:342:53:342:61 | untrusted | provenance | Src:MaD:293 | -| test.go:340:15:340:26 | call to Data | test.go:344:23:344:31 | untrusted | provenance | Src:MaD:293 | +| test.go:332:15:332:26 | call to Data | test.go:334:23:334:31 | untrusted | provenance | Src:MaD:2 | +| test.go:340:15:340:26 | call to Data | test.go:342:53:342:61 | untrusted | provenance | Src:MaD:2 | +| test.go:340:15:340:26 | call to Data | test.go:344:23:344:31 | untrusted | provenance | Src:MaD:2 | +models +| 1 | Summary: encoding/json; ; false; Unmarshal; ; ; Argument[0]; Argument[1]; taint; manual | +| 2 | Source: github.com/astaxie/beego/context; BeegoInput; true; Data; ; ; ReturnValue[0]; remote; manual | +| 2 | Source: github.com/beego/beego/context; BeegoInput; true; Data; ; ; ReturnValue[0]; remote; manual | +| 2 | Source: github.com/beego/beego/server/web/context; BeegoInput; true; Data; ; ; ReturnValue[0]; remote; manual | +| 3 | Source: github.com/astaxie/beego/context; BeegoInput; true; RequestBody; ; ; ; remote; manual | +| 3 | Source: github.com/beego/beego/context; BeegoInput; true; RequestBody; ; ; ; remote; manual | +| 3 | Source: github.com/beego/beego/server/web/context; BeegoInput; true; RequestBody; ; ; ; remote; manual | nodes | test.go:215:15:215:26 | call to Data | semmle.label | call to 
Data | | test.go:216:18:216:26 | untrusted | semmle.label | untrusted | @@ -21,11 +37,3 @@ nodes | test.go:342:53:342:61 | untrusted | semmle.label | untrusted | | test.go:344:23:344:31 | untrusted | semmle.label | untrusted | subpaths -#select -| test.go:216:18:216:26 | untrusted | test.go:215:15:215:26 | call to Data | test.go:216:18:216:26 | untrusted | This path depends on a $@. | test.go:215:15:215:26 | call to Data | user-provided value | -| test.go:217:10:217:18 | untrusted | test.go:215:15:215:26 | call to Data | test.go:217:10:217:18 | untrusted | This path depends on a $@. | test.go:215:15:215:26 | call to Data | user-provided value | -| test.go:218:35:218:43 | untrusted | test.go:215:15:215:26 | call to Data | test.go:218:35:218:43 | untrusted | This path depends on a $@. | test.go:215:15:215:26 | call to Data | user-provided value | -| test.go:326:35:326:43 | untrusted | test.go:324:17:324:37 | selection of RequestBody | test.go:326:35:326:43 | untrusted | This path depends on a $@. | test.go:324:17:324:37 | selection of RequestBody | user-provided value | -| test.go:334:23:334:31 | untrusted | test.go:332:15:332:26 | call to Data | test.go:334:23:334:31 | untrusted | This path depends on a $@. | test.go:332:15:332:26 | call to Data | user-provided value | -| test.go:342:53:342:61 | untrusted | test.go:340:15:340:26 | call to Data | test.go:342:53:342:61 | untrusted | This path depends on a $@. | test.go:340:15:340:26 | call to Data | user-provided value | -| test.go:344:23:344:31 | untrusted | test.go:340:15:340:26 | call to Data | test.go:344:23:344:31 | untrusted | This path depends on a $@. | test.go:340:15:340:26 | call to Data | user-provided value | diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Revel/OpenRedirect.expected b/go/ql/test/library-tests/semmle/go/frameworks/Revel/OpenRedirect.expected index 1734e9c8b53..0312e5cdeee 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Revel/OpenRedirect.expected 
+++ b/go/ql/test/library-tests/semmle/go/frameworks/Revel/OpenRedirect.expected 
@@ -1,14 +1,17 @@ +#select +| EndToEnd.go:94:20:94:49 | call to Get | EndToEnd.go:94:20:94:27 | selection of Params | EndToEnd.go:94:20:94:49 | call to Get | This path to an untrusted URL redirection depends on a $@. | EndToEnd.go:94:20:94:27 | selection of Params | user-provided value | edges | EndToEnd.go:94:20:94:27 | implicit dereference | EndToEnd.go:94:20:94:27 | selection of Params | provenance | Config | | EndToEnd.go:94:20:94:27 | implicit dereference | EndToEnd.go:94:20:94:32 | selection of Form | provenance | Config | -| EndToEnd.go:94:20:94:27 | selection of Params | EndToEnd.go:94:20:94:27 | implicit dereference | provenance | Src:MaD:525 Config | -| EndToEnd.go:94:20:94:27 | selection of Params | EndToEnd.go:94:20:94:32 | selection of Form | provenance | Src:MaD:525 Config | +| EndToEnd.go:94:20:94:27 | selection of Params | EndToEnd.go:94:20:94:27 | implicit dereference | provenance | Src:MaD:1 Config | +| EndToEnd.go:94:20:94:27 | selection of Params | EndToEnd.go:94:20:94:32 | selection of Form | provenance | Src:MaD:1 Config | | EndToEnd.go:94:20:94:32 | selection of Form | EndToEnd.go:94:20:94:49 | call to Get | provenance | Config | +models +| 1 | Source: github.com/revel/revel; Controller; true; Params; ; ; ; remote; manual | +| 1 | Source: github.com/robfig/revel; Controller; true; Params; ; ; ; remote; manual | nodes | EndToEnd.go:94:20:94:27 | implicit dereference | semmle.label | implicit dereference | | EndToEnd.go:94:20:94:27 | selection of Params | semmle.label | selection of Params | | EndToEnd.go:94:20:94:32 | selection of Form | semmle.label | selection of Form | | EndToEnd.go:94:20:94:49 | call to Get | semmle.label | call to Get | subpaths -#select -| EndToEnd.go:94:20:94:49 | call to Get | EndToEnd.go:94:20:94:27 | selection of Params | EndToEnd.go:94:20:94:49 | call to Get | This path to an untrusted URL redirection depends on a $@. | EndToEnd.go:94:20:94:27 | selection of Params | user-provided value | 
diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Revel/ReflectedXss.expected b/go/ql/test/library-tests/semmle/go/frameworks/Revel/ReflectedXss.expected index 994e5b8bc66..418e722e2ac 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Revel/ReflectedXss.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/Revel/ReflectedXss.expected 
@@ -1,13 +1,25 @@ +#select +| EndToEnd.go:37:24:37:26 | buf | EndToEnd.go:36:18:36:25 | selection of Params | EndToEnd.go:37:24:37:26 | buf | Cross-site scripting vulnerability due to $@. | EndToEnd.go:36:18:36:25 | selection of Params | user-provided value | EndToEnd.go:0:0:0:0 | EndToEnd.go | | +| EndToEnd.go:69:22:69:51 | call to Get | EndToEnd.go:69:22:69:29 | selection of Params | EndToEnd.go:69:22:69:51 | call to Get | Cross-site scripting vulnerability due to $@. | EndToEnd.go:69:22:69:29 | selection of Params | user-provided value | EndToEnd.go:0:0:0:0 | EndToEnd.go | | +| Revel.go:70:22:70:35 | selection of Query | Revel.go:70:22:70:29 | selection of Params | Revel.go:70:22:70:35 | selection of Query | Cross-site scripting vulnerability due to $@. The value is $@. | Revel.go:70:22:70:29 | selection of Params | user-provided value | views/myAppController/rawRead.html:1:1:2:9 | {{raw .Foo}}\n{{.Bar}}\n | instantiated as a raw template | +| examples/booking/app/init.go:36:44:36:53 | selection of Path | examples/booking/app/init.go:36:44:36:48 | selection of URL | examples/booking/app/init.go:36:44:36:53 | selection of Path | Cross-site scripting vulnerability due to $@. | examples/booking/app/init.go:36:44:36:48 | selection of URL | user-provided value | examples/booking/app/init.go:0:0:0:0 | examples/booking/app/init.go | | +| examples/booking/app/init.go:40:49:40:58 | selection of Path | examples/booking/app/init.go:40:49:40:53 | selection of URL | examples/booking/app/init.go:40:49:40:58 | selection of Path | Cross-site scripting vulnerability due to $@. 
| examples/booking/app/init.go:40:49:40:53 | selection of URL | user-provided value | examples/booking/app/init.go:0:0:0:0 | examples/booking/app/init.go | | edges | EndToEnd.go:35:2:35:4 | definition of buf | EndToEnd.go:37:24:37:26 | buf | provenance | | -| EndToEnd.go:36:18:36:25 | selection of Params | EndToEnd.go:36:18:36:30 | selection of Form | provenance | Src:MaD:525 | -| EndToEnd.go:36:18:36:30 | selection of Form | EndToEnd.go:36:18:36:47 | call to Get | provenance | MaD:940 | -| EndToEnd.go:36:18:36:47 | call to Get | EndToEnd.go:35:2:35:4 | definition of buf | provenance | MaD:746 | -| EndToEnd.go:69:22:69:29 | selection of Params | EndToEnd.go:69:22:69:34 | selection of Form | provenance | Src:MaD:525 | -| EndToEnd.go:69:22:69:34 | selection of Form | EndToEnd.go:69:22:69:51 | call to Get | provenance | MaD:940 | -| Revel.go:70:22:70:29 | selection of Params | Revel.go:70:22:70:35 | selection of Query | provenance | Src:MaD:525 | -| examples/booking/app/init.go:36:44:36:48 | selection of URL | examples/booking/app/init.go:36:44:36:53 | selection of Path | provenance | Src:MaD:872 | -| examples/booking/app/init.go:40:49:40:53 | selection of URL | examples/booking/app/init.go:40:49:40:58 | selection of Path | provenance | Src:MaD:872 | +| EndToEnd.go:36:18:36:25 | selection of Params | EndToEnd.go:36:18:36:30 | selection of Form | provenance | Src:MaD:1 | +| EndToEnd.go:36:18:36:30 | selection of Form | EndToEnd.go:36:18:36:47 | call to Get | provenance | MaD:4 | +| EndToEnd.go:36:18:36:47 | call to Get | EndToEnd.go:35:2:35:4 | definition of buf | provenance | MaD:2 | +| EndToEnd.go:69:22:69:29 | selection of Params | EndToEnd.go:69:22:69:34 | selection of Form | provenance | Src:MaD:1 | +| EndToEnd.go:69:22:69:34 | selection of Form | EndToEnd.go:69:22:69:51 | call to Get | provenance | MaD:4 | +| Revel.go:70:22:70:29 | selection of Params | Revel.go:70:22:70:35 | selection of Query | provenance | Src:MaD:1 | +| 
examples/booking/app/init.go:36:44:36:48 | selection of URL | examples/booking/app/init.go:36:44:36:53 | selection of Path | provenance | Src:MaD:3 | +| examples/booking/app/init.go:40:49:40:53 | selection of URL | examples/booking/app/init.go:40:49:40:58 | selection of Path | provenance | Src:MaD:3 | +models +| 1 | Source: github.com/revel/revel; Controller; true; Params; ; ; ; remote; manual | +| 1 | Source: github.com/robfig/revel; Controller; true; Params; ; ; ; remote; manual | +| 2 | Summary: io; StringWriter; true; WriteString; ; ; Argument[0]; Argument[receiver]; taint; manual | +| 3 | Source: net/http; Request; true; URL; ; ; ; remote; manual | +| 4 | Summary: net/url; Values; true; Get; ; ; Argument[receiver]; ReturnValue; taint; manual | nodes | EndToEnd.go:35:2:35:4 | definition of buf | semmle.label | definition of buf | | EndToEnd.go:36:18:36:25 | selection of Params | semmle.label | selection of Params | 
@@ -24,9 +36,3 @@ nodes | examples/booking/app/init.go:40:49:40:53 | selection of URL | semmle.label | selection of URL | | examples/booking/app/init.go:40:49:40:58 | selection of Path | semmle.label | selection of Path | subpaths -#select -| EndToEnd.go:37:24:37:26 | buf | EndToEnd.go:36:18:36:25 | selection of Params | EndToEnd.go:37:24:37:26 | buf | Cross-site scripting vulnerability due to $@. | EndToEnd.go:36:18:36:25 | selection of Params | user-provided value | EndToEnd.go:0:0:0:0 | EndToEnd.go | | -| EndToEnd.go:69:22:69:51 | call to Get | EndToEnd.go:69:22:69:29 | selection of Params | EndToEnd.go:69:22:69:51 | call to Get | Cross-site scripting vulnerability due to $@. | EndToEnd.go:69:22:69:29 | selection of Params | user-provided value | EndToEnd.go:0:0:0:0 | EndToEnd.go | | -| Revel.go:70:22:70:35 | selection of Query | Revel.go:70:22:70:29 | selection of Params | Revel.go:70:22:70:35 | selection of Query | Cross-site scripting vulnerability due to $@. The value is $@. | Revel.go:70:22:70:29 | selection of Params | user-provided value | views/myAppController/rawRead.html:1:1:2:9 | {{raw .Foo}}\n{{.Bar}}\n | instantiated as a raw template | -| examples/booking/app/init.go:36:44:36:53 | selection of Path | examples/booking/app/init.go:36:44:36:48 | selection of URL | examples/booking/app/init.go:36:44:36:53 | selection of Path | Cross-site scripting vulnerability due to $@. | examples/booking/app/init.go:36:44:36:48 | selection of URL | user-provided value | examples/booking/app/init.go:0:0:0:0 | examples/booking/app/init.go | | -| examples/booking/app/init.go:40:49:40:58 | selection of Path | examples/booking/app/init.go:40:49:40:53 | selection of URL | examples/booking/app/init.go:40:49:40:58 | selection of Path | Cross-site scripting vulnerability due to $@. | examples/booking/app/init.go:40:49:40:53 | selection of URL | user-provided value | examples/booking/app/init.go:0:0:0:0 | examples/booking/app/init.go | | 
diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Revel/TaintedPath.expected b/go/ql/test/library-tests/semmle/go/frameworks/Revel/TaintedPath.expected index 20dc5bfab93..977b90affab 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Revel/TaintedPath.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/Revel/TaintedPath.expected 
@@ -1,8 +1,15 @@ +#select +| EndToEnd.go:58:18:58:47 | call to Get | EndToEnd.go:58:18:58:25 | selection of Params | EndToEnd.go:58:18:58:47 | call to Get | This path depends on a $@. | EndToEnd.go:58:18:58:25 | selection of Params | user-provided value | +| EndToEnd.go:64:26:64:55 | call to Get | EndToEnd.go:64:26:64:33 | selection of Params | EndToEnd.go:64:26:64:55 | call to Get | This path depends on a $@. | EndToEnd.go:64:26:64:33 | selection of Params | user-provided value | edges -| EndToEnd.go:58:18:58:25 | selection of Params | EndToEnd.go:58:18:58:30 | selection of Form | provenance | Src:MaD:525 | -| EndToEnd.go:58:18:58:30 | selection of Form | EndToEnd.go:58:18:58:47 | call to Get | provenance | MaD:940 | -| EndToEnd.go:64:26:64:33 | selection of Params | EndToEnd.go:64:26:64:38 | selection of Form | provenance | Src:MaD:525 | -| EndToEnd.go:64:26:64:38 | selection of Form | EndToEnd.go:64:26:64:55 | call to Get | provenance | MaD:940 | +| EndToEnd.go:58:18:58:25 | selection of Params | EndToEnd.go:58:18:58:30 | selection of Form | provenance | Src:MaD:1 | +| EndToEnd.go:58:18:58:30 | selection of Form | EndToEnd.go:58:18:58:47 | call to Get | provenance | MaD:2 | +| EndToEnd.go:64:26:64:33 | selection of Params | EndToEnd.go:64:26:64:38 | selection of Form | provenance | Src:MaD:1 | +| EndToEnd.go:64:26:64:38 | selection of Form | EndToEnd.go:64:26:64:55 | call to Get | provenance | MaD:2 | +models +| 1 | Source: github.com/revel/revel; Controller; true; Params; ; ; ; remote; manual | +| 1 | Source: github.com/robfig/revel; Controller; true; Params; ; ; ; remote; manual | +| 2 | Summary: net/url; Values; true; Get; ; ; Argument[receiver]; ReturnValue; taint; manual | nodes | EndToEnd.go:58:18:58:25 | selection of Params | semmle.label | selection of Params | | EndToEnd.go:58:18:58:30 | selection of Form | semmle.label | selection of Form | 
@@ -11,6 +18,3 @@ nodes | EndToEnd.go:64:26:64:38 | selection of Form | semmle.label | selection of Form | | EndToEnd.go:64:26:64:55 | call to Get | semmle.label | call to Get | subpaths -#select -| EndToEnd.go:58:18:58:47 | call to Get | EndToEnd.go:58:18:58:25 | selection of Params | EndToEnd.go:58:18:58:47 | call to Get | This path depends on a $@. | EndToEnd.go:58:18:58:25 | selection of Params | user-provided value | -| EndToEnd.go:64:26:64:55 | call to Get | EndToEnd.go:64:26:64:33 | selection of Params | EndToEnd.go:64:26:64:55 | call to Get | This path depends on a $@. | EndToEnd.go:64:26:64:33 | selection of Params | user-provided value | diff --git a/go/ql/test/query-tests/Security/CWE-347/MissingJwtSignatureCheck.expected b/go/ql/test/query-tests/Security/CWE-347/MissingJwtSignatureCheck.expected index 36f383b6ef1..2b5c40da258 100644 --- a/go/ql/test/query-tests/Security/CWE-347/MissingJwtSignatureCheck.expected +++ b/go/ql/test/query-tests/Security/CWE-347/MissingJwtSignatureCheck.expected 
@@ -1,16 +1,32 @@ +#select +| go-jose.v3.go:33:12:33:23 | DecodedToken | go-jose.v3.go:25:16:25:20 | selection of URL | go-jose.v3.go:33:12:33:23 | DecodedToken | This JWT is parsed without verification and received from $@. | go-jose.v3.go:25:16:25:20 | selection of URL | this user-controlled source | +| golang-jwt-v5.go:34:58:34:68 | signedToken | golang-jwt-v5.go:28:16:28:20 | selection of URL | golang-jwt-v5.go:34:58:34:68 | signedToken | This JWT is parsed without verification and received from $@. | golang-jwt-v5.go:28:16:28:20 | selection of URL | this user-controlled source | edges -| go-jose.v3.go:25:16:25:20 | selection of URL | go-jose.v3.go:25:16:25:28 | call to Query | provenance | Src:MaD:872 MaD:933 | -| go-jose.v3.go:25:16:25:28 | call to Query | go-jose.v3.go:25:16:25:47 | call to Get | provenance | MaD:940 | +| go-jose.v3.go:25:16:25:20 | selection of URL | go-jose.v3.go:25:16:25:28 | call to Query | provenance | Src:MaD:4 MaD:5 | +| go-jose.v3.go:25:16:25:28 | call to Query | go-jose.v3.go:25:16:25:47 | call to Get | provenance | MaD:6 | | go-jose.v3.go:25:16:25:47 | call to Get | go-jose.v3.go:26:15:26:25 | signedToken | provenance | | | go-jose.v3.go:26:15:26:25 | signedToken | go-jose.v3.go:29:19:29:29 | definition of signedToken | provenance | | | go-jose.v3.go:29:19:29:29 | definition of signedToken | go-jose.v3.go:31:37:31:47 | signedToken | provenance | | -| go-jose.v3.go:31:2:31:48 | ... := ...[0] | go-jose.v3.go:33:12:33:23 | DecodedToken | provenance | Sink:MaD:440 | -| go-jose.v3.go:31:37:31:47 | signedToken | go-jose.v3.go:31:2:31:48 | ... := ...[0] | provenance | MaD:442 | -| golang-jwt-v5.go:28:16:28:20 | selection of URL | golang-jwt-v5.go:28:16:28:28 | call to Query | provenance | Src:MaD:872 MaD:933 | -| golang-jwt-v5.go:28:16:28:28 | call to Query | golang-jwt-v5.go:28:16:28:47 | call to Get | provenance | MaD:940 | +| go-jose.v3.go:31:2:31:48 | ... 
:= ...[0] | go-jose.v3.go:33:12:33:23 | DecodedToken | provenance | Sink:MaD:1 | +| go-jose.v3.go:31:37:31:47 | signedToken | go-jose.v3.go:31:2:31:48 | ... := ...[0] | provenance | MaD:2 | +| golang-jwt-v5.go:28:16:28:20 | selection of URL | golang-jwt-v5.go:28:16:28:28 | call to Query | provenance | Src:MaD:4 MaD:5 | +| golang-jwt-v5.go:28:16:28:28 | call to Query | golang-jwt-v5.go:28:16:28:47 | call to Get | provenance | MaD:6 | | golang-jwt-v5.go:28:16:28:47 | call to Get | golang-jwt-v5.go:29:25:29:35 | signedToken | provenance | | | golang-jwt-v5.go:29:25:29:35 | signedToken | golang-jwt-v5.go:32:29:32:39 | definition of signedToken | provenance | | -| golang-jwt-v5.go:32:29:32:39 | definition of signedToken | golang-jwt-v5.go:34:58:34:68 | signedToken | provenance | Sink:MaD:465 | +| golang-jwt-v5.go:32:29:32:39 | definition of signedToken | golang-jwt-v5.go:34:58:34:68 | signedToken | provenance | Sink:MaD:3 | +models +| 1 | Sink: github.com/go-jose/go-jose/jwt; JSONWebToken; true; UnsafeClaimsWithoutVerification; ; ; Argument[receiver]; jwt; manual | +| 1 | Sink: github.com/square/go-jose/jwt; JSONWebToken; true; UnsafeClaimsWithoutVerification; ; ; Argument[receiver]; jwt; manual | +| 1 | Sink: gopkg.in/go-jose/go-jose/jwt; JSONWebToken; true; UnsafeClaimsWithoutVerification; ; ; Argument[receiver]; jwt; manual | +| 1 | Sink: gopkg.in/square/go-jose/jwt; JSONWebToken; true; UnsafeClaimsWithoutVerification; ; ; Argument[receiver]; jwt; manual | +| 2 | Summary: github.com/go-jose/go-jose/jwt; ; true; ParseSigned; ; ; Argument[0]; ReturnValue[0]; taint; manual | +| 2 | Summary: github.com/square/go-jose/jwt; ; true; ParseSigned; ; ; Argument[0]; ReturnValue[0]; taint; manual | +| 2 | Summary: gopkg.in/go-jose/go-jose/jwt; ; true; ParseSigned; ; ; Argument[0]; ReturnValue[0]; taint; manual | +| 2 | Summary: gopkg.in/square/go-jose/jwt; ; true; ParseSigned; ; ; Argument[0]; ReturnValue[0]; taint; manual | +| 3 | Sink: github.com/golang-jwt/jwt; Parser; true; 
ParseUnverified; ; ; Argument[0]; jwt; manual | +| 4 | Source: net/http; Request; true; URL; ; ; ; remote; manual | +| 5 | Summary: net/url; URL; true; Query; ; ; Argument[receiver]; ReturnValue; taint; manual | +| 6 | Summary: net/url; Values; true; Get; ; ; Argument[receiver]; ReturnValue; taint; manual | nodes | go-jose.v3.go:25:16:25:20 | selection of URL | semmle.label | selection of URL | | go-jose.v3.go:25:16:25:28 | call to Query | semmle.label | call to Query | @@ -27,6 +43,3 @@ nodes | golang-jwt-v5.go:32:29:32:39 | definition of signedToken | semmle.label | definition of signedToken | | golang-jwt-v5.go:34:58:34:68 | signedToken | semmle.label | signedToken | subpaths -#select -| go-jose.v3.go:33:12:33:23 | DecodedToken | go-jose.v3.go:25:16:25:20 | selection of URL | go-jose.v3.go:33:12:33:23 | DecodedToken | This JWT is parsed without verification and received from $@. | go-jose.v3.go:25:16:25:20 | selection of URL | this user-controlled source | -| golang-jwt-v5.go:34:58:34:68 | signedToken | golang-jwt-v5.go:28:16:28:20 | selection of URL | golang-jwt-v5.go:34:58:34:68 | signedToken | This JWT is parsed without verification and received from $@. | golang-jwt-v5.go:28:16:28:20 | selection of URL | this user-controlled source |