Skip to content

Commit f057604

Browse files
owen-mcowen-mc
authored
Merge pull request #22027 from owen-mc/go/improve-tests
Go: Improve two tests
2 parents 32f7c54 + 07cf895 commit f057604

6 files changed

Lines changed: 446 additions & 32 deletions

File tree

go/ql/test/library-tests/semmle/go/concepts/LoggerCall/logrus.go

Lines changed: 10 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,7 @@ func logSomething(entry *logrus.Entry) {
1313
entry.Traceln(text) // $ logger=text
1414
}
1515

16-
func logrusCalls() {
16+
func logrusCalls(selector int) {
1717
err := errors.New("Error")
1818
var fields logrus.Fields = nil
1919
var fn logrus.LogFunction = nil
@@ -27,11 +27,15 @@ func logrusCalls() {
2727
tmp = logrus.WithFields(fields) // $ logger=fields
2828
logSomething(tmp)
2929

30-
logrus.Error(text) // $ logger=text
31-
logrus.Fatalf(fmt, text) // $ logger=fmt logger=text
32-
logrus.Panicln(text) // $ logger=text
33-
logrus.Infof(fmt, text) // $ logger=fmt logger=text
34-
logrus.FatalFn(fn) // $ logger=fn
30+
logrus.Error(text) // $ logger=text
31+
logrus.Infof(fmt, text) // $ logger=fmt logger=text
32+
if selector == 0 {
33+
logrus.Fatalf(fmt, text) // $ logger=fmt logger=text
34+
} else if selector == 1 {
35+
logrus.Panicln(text) // $ logger=text
36+
} else if selector == 2 {
37+
logrus.FatalFn(fn) // $ logger=fn
38+
}
3539

3640
// components corresponding to the format specifier "%T" are not considered vulnerable
3741
logrus.Infof("%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v

go/ql/test/library-tests/semmle/go/concepts/LoggerCall/main.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,6 @@ var v []byte
88

99
func main() {
1010
glogTest(len(v))
11-
stdlib()
11+
stdlib(len(v))
1212
slogTest()
1313
}

go/ql/test/library-tests/semmle/go/concepts/LoggerCall/stdlib.go

Lines changed: 57 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -4,37 +4,69 @@ import (
44
"log"
55
)
66

7-
func stdlib() {
7+
func stdlib(selector int) {
88
var logger log.Logger
99
logger.SetPrefix("prefix: ")
10-
logger.Fatal(text) // $ logger=text
11-
logger.Fatalf(fmt, text) // $ logger=fmt logger=text
12-
logger.Fatalln(text) // $ logger=text
13-
logger.Panic(text) // $ logger=text
14-
logger.Panicf(fmt, text) // $ logger=fmt logger=text
15-
logger.Panicln(text) // $ logger=text
16-
logger.Print(text) // $ logger=text
17-
logger.Printf(fmt, text) // $ logger=fmt logger=text
18-
logger.Println(text) // $ logger=text
10+
switch selector {
11+
case 0:
12+
logger.Fatal(text) // $ logger=text
13+
case 1:
14+
logger.Fatalf(fmt, text) // $ logger=fmt logger=text
15+
case 2:
16+
logger.Fatalln(text) // $ logger=text
17+
case 3:
18+
logger.Panic(text) // $ logger=text
19+
case 4:
20+
logger.Panicf(fmt, text) // $ logger=fmt logger=text
21+
case 5:
22+
logger.Panicln(text) // $ logger=text
23+
case 6:
24+
logger.Print(text) // $ logger=text
25+
case 7:
26+
logger.Printf(fmt, text) // $ logger=fmt logger=text
27+
case 8:
28+
logger.Println(text) // $ logger=text
29+
}
1930

2031
// components corresponding to the format specifier "%T" are not considered vulnerable
21-
logger.Fatalf("%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
22-
logger.Panicf("%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
23-
logger.Printf("%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
32+
switch selector {
33+
case 9:
34+
logger.Fatalf("%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
35+
case 10:
36+
logger.Panicf("%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
37+
case 11:
38+
logger.Printf("%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
39+
}
2440

2541
log.SetPrefix("prefix: ")
26-
log.Fatal(text) // $ logger=text
27-
log.Fatalf(fmt, text) // $ logger=fmt logger=text
28-
log.Fatalln(text) // $ logger=text
29-
log.Panic(text) // $ logger=text
30-
log.Panicf(fmt, text) // $ logger=fmt logger=text
31-
log.Panicln(text) // $ logger=text
32-
log.Print(text) // $ logger=text
33-
log.Printf(fmt, text) // $ logger=fmt logger=text
34-
log.Println(text) // $ logger=text
42+
switch selector {
43+
case 12:
44+
log.Fatal(text) // $ logger=text
45+
case 13:
46+
log.Fatalf(fmt, text) // $ logger=fmt logger=text
47+
case 14:
48+
log.Fatalln(text) // $ logger=text
49+
case 15:
50+
log.Panic(text) // $ logger=text
51+
case 16:
52+
log.Panicf(fmt, text) // $ logger=fmt logger=text
53+
case 17:
54+
log.Panicln(text) // $ logger=text
55+
case 18:
56+
log.Print(text) // $ logger=text
57+
case 19:
58+
log.Printf(fmt, text) // $ logger=fmt logger=text
59+
case 20:
60+
log.Println(text) // $ logger=text
61+
}
3562

3663
// components corresponding to the format specifier "%T" are not considered vulnerable
37-
log.Fatalf("%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
38-
log.Panicf("%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
39-
log.Printf("%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
64+
switch selector {
65+
case 21:
66+
log.Fatalf("%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
67+
case 22:
68+
log.Panicf("%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
69+
case 23:
70+
log.Printf("%s: found type %T", text, v) // $ logger="%s: found type %T" logger=text type-logger=v
71+
}
4072
}

0 commit comments

Comments
 (0)