From 2c4d8a4b61f49429b79bef41ba5d30d1f3d141d9 Mon Sep 17 00:00:00 2001 From: Owen Mansel-Chan Date: Sun, 23 Jun 2024 07:29:10 +0100 Subject: [PATCH] Convert EchoContextBinder to MaD --- go/ql/lib/ext/github.com.labstack.echo.model.yml | 1 + go/ql/lib/semmle/go/frameworks/Echo.qll | 13 ------------- 2 files changed, 1 insertion(+), 13 deletions(-) diff --git a/go/ql/lib/ext/github.com.labstack.echo.model.yml b/go/ql/lib/ext/github.com.labstack.echo.model.yml index a6b1be0929883..21e637a3b65bf 100644 --- a/go/ql/lib/ext/github.com.labstack.echo.model.yml +++ b/go/ql/lib/ext/github.com.labstack.echo.model.yml @@ -10,6 +10,7 @@ extensions: pack: codeql/go-all extensible: sourceModel data: + - ["github.com/labstack/echo", "Context", True, "Bind", "", "", "Argument[0]", "remote", "manual"] - ["github.com/labstack/echo", "Context", True, "Param", "", "", "ReturnValue[0]", "remote", "manual"] - ["github.com/labstack/echo", "Context", True, "ParamValues", "", "", "ReturnValue[0]", "remote", "manual"] - ["github.com/labstack/echo", "Context", True, "QueryParam", "", "", "ReturnValue[0]", "remote", "manual"] diff --git a/go/ql/lib/semmle/go/frameworks/Echo.qll b/go/ql/lib/semmle/go/frameworks/Echo.qll index 11f3646150c2e..440d2effd5c59 100644 --- a/go/ql/lib/semmle/go/frameworks/Echo.qll +++ b/go/ql/lib/semmle/go/frameworks/Echo.qll @@ -22,19 +22,6 @@ private module Echo { } } - /** - * A call to a method on `Context` struct that unmarshals data into a target. - */ - private class EchoContextBinder extends RemoteFlowSource::Range { - EchoContextBinder() { - exists(DataFlow::MethodCallNode call | - call.getTarget().hasQualifiedName(packagePath(), "Context", "Bind") - | - this = FunctionOutput::parameter(0).getExitNode(call) - ) - } - } - /** * `echo.Context` methods which set the content-type to `text/html` and write a result in one operation. */