Skip to content

go case update #143

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 6 commits into
base: main
Choose a base branch
from
Open

go case update #143

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
b63c901
go case update
curryooo Sep 30, 2025
6821149
go case update 4
curryooo Sep 30, 2025
34f8591
go case update 6
curryooo Sep 30, 2025
33c7f40
go case update 7
curryooo Sep 30, 2025
3886428
go case update 8
curryooo Sep 30, 2025
a14224b
go case update
curryooo Oct 31, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 5 additions & 6 deletions .../numeric_index_state_no_solver/array_index_no_solver_005_T/array_index_no_solver_005_T.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@

// evaluation information start
// real case = true
// evaluation item = 准确度->对象敏感与域敏感分析->区分一维字典/列表/数组的不同元素->索引值为数字的场景,能够区分不同索引上特定元素的状态(无需求解)
Expand All @@ -7,8 +6,8 @@
// bind_url = accuracy/field_sensitive/one_dimensional_collection/numeric_index_state_no_solver/array_index_no_solver_005_T/array_index_no_solver_005_T
// evaluation information end

// YASA中现在处理memberAccess时,以property的符号字面量作为key进行存取。导致精度损失。
package main

import "os/exec"

func array_index_no_solver_005_T(__taint_src string) {
Expand All @@ -23,8 +22,8 @@ func array_index_no_solver_005_T(__taint_src string) {

func __taint_sink(o interface{}) {
_ = exec.Command("sh", "-c", o.(string)).Run()
}
}
func main() {
__taint_src := "taint_src_value"
array_index_no_solver_005_T(__taint_src)
}
__taint_src := "taint_src_value"
array_index_no_solver_005_T(__taint_src)
}
28 changes: 28 additions & 0 deletions .../completeness/single_app_tracing/cross_file_package_namespace/cross_directory/config.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,34 @@
{
"compose": "(cross_directory_009_T/cross/cross_directory_009_T.go || cross_directory_009_T/cross/cross_init/cross_directory_init_009_T.go) && !(cross_directory_010_F/cross/cross_directory_010_F.go || cross_directory_010_F/cross/cross_init/cross_directory_init_010_F.go)",
"scene": "跨package5"
},
{
"compose": "(cross_directory_011_T/cross/cross_01/cross_directory_011_T_b.go || cross_directory_011_T/cross_directory_011_T_a/cross_directory_011_T_a.go) && !(cross_directory_012_F/cross/cross_01/cross_directory_012_F_b.go || cross_directory_012_F/cross_directory_012_F_a/cross_directory_012_F_a.go)",
"scene": "replace包层级调用链1"
},
{
"compose": "(cross_directory_013_T/cross/other/cross_01/cross_directory_013_T_b.go || cross_directory_013_T/cross_directory_013_T_a/cross_directory_013_T_a.go) && !(cross_directory_014_F/cross/other/cross_01/cross_directory_014_F_b.go || cross_directory_014_F/cross_directory_014_F_a/cross_directory_014_F_a.go)",
"scene": "replace包层级调用链2"
},
{
"compose": "(cross_directory_021_T/cross/cross_same_name_021_T.go || cross_directory_021_T/main_dir/cross_directory_021_T_a.go || cross_directory_021_T/main_dir/cross_directory_021_T_b.go || cross_directory_021_T/other/cross/cross_same_name_021_T.go) && !(cross_directory_022_F/cross/cross_same_name_022_F.go || cross_directory_022_F/main_dir/cross_directory_022_F_a.go || cross_directory_022_F/main_dir/cross_directory_022_F_b.go || cross_directory_022_F/other/cross/cross_same_name_022_F.go)",
"scene": "同名包导入区分"
},
{
"compose": "(cross_directory_023_T/cross/cross_directory_023_T.go || cross_directory_023_T/cross/cross_01/cross_directory_023_T_a.go) && !(cross_directory_024_F/cross/cross_directory_024_F.go || cross_directory_024_F/cross/cross_01/cross_directory_024_F_a.go)",
"scene": "可见性校验"
},
{
"compose": "(cross_directory_025_T/cross/cross_01/cross_directory_025_T_a.go || cross_directory_025_T/cross/cross_directory_025_T.go) && !(cross_directory_026_F/cross/cross_01/cross_directory_026_F_a.go || cross_directory_026_F/cross/cross_directory_026_F.go)",
"scene": "导入路径与包名解耦"
},
{
"compose": "(cross_directory_027_T/cross_01/cross_same_name_027_T.go || cross_directory_027_T/cross_02/cross_same_name_027_T.go || cross_directory_027_T/cross_directory_027_T.go) && !(cross_directory_028_F/cross_01/cross_same_name_028_F.go || cross_directory_028_F/cross_02/cross_same_name_028_F.go || cross_directory_028_F/cross_directory_028_F.go)",
"scene": "同名包路径区分"
},
{
"compose": "(cross_directory_029_T/cross/cross_01/cross_directory_029_T_a.go || cross_directory_029_T/cross/cross_directory_029_T.go) && !(cross_directory_030_F/cross/cross_01/cross_directory_030_F_a.go || cross_directory_030_F/cross/cross_directory_030_F.go)",
"scene": "识别导入根目录"
}
]
}
Expand Down
18 changes: 18 additions & 0 deletions ...namespace/cross_directory/cross_directory_011_T/cross/cross_01/cross_directory_011_T_b.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
// evaluation information start
// real case = true
// evaluation item = 完整度->单应用跟踪完整度->文件、包、命名空间->跨包
// scene introduction = replace包层级调用链
// level = 2
// bind_url = completeness/single_app_tracing/cross_file_package_namespace/cross_directory/cross_directory_011_T/cross/cross_01/cross_directory_011_T_b
// evaluation information end

package cross_directory_011_T_b
import "os/exec"

func SayHello(taint_src string) {
__taint_sink(taint_src)
}

func __taint_sink(o interface{}) {
_ = exec.Command("sh", "-c", o.(string)).Run()
}
3 changes: 3 additions & 0 deletions .../cross_file_package_namespace/cross_directory/cross_directory_011_T/cross/cross_01/go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
module cross/cross_01

go 1.20
23 changes: 23 additions & 0 deletions .../cross_directory/cross_directory_011_T/cross_directory_011_T_a/cross_directory_011_T_a.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
// evaluation information start
// real case = true
// evaluation item = 完整度->单应用跟踪完整度->文件、包、命名空间->跨包
// scene introduction = replace包层级调用链
// level = 2
// bind_url = completeness/single_app_tracing/cross_file_package_namespace/cross_directory/cross_directory_011_T/cross_directory_011_T_a/cross_directory_011_T_a
// evaluation information end

// 这里有两个go.mod文件 cross_directory_011_T文件夹下的go.mod文件是负责"指路"(replace指令),当看到 import "cross/cross_01" 时
// 不要去其他地方寻找 应该去本地的 ./cross/cross_01 目录找,cross_01文件夹下的go.mod文件是"亮明身份",告诉go模块 我确实是你要找的文件。
// 执行跨模块文件时需先cd到sast-go/cases/completeness/single_app_tracing/cross_file_package_namespace/cross_directory/cross_directory_011_T
// 再执行go run cross_directory_011_T_a/cross_directory_011_T_a.go
package main
import "cross/cross_01"

func cross_directory_011_T_a(__taint_src string) {
cross_directory_011_T_b.SayHello(__taint_src)
}

func main() {
__taint_src := "taint_src_value"
cross_directory_011_T_a(__taint_src)
}
7 changes: 7 additions & 0 deletions ...gle_app_tracing/cross_file_package_namespace/cross_directory/cross_directory_011_T/go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
module cross_directory_011_T

go 1.20

replace cross/cross_01 => ./cross/cross_01

require cross/cross_01 v0.0.0-00010101000000-000000000000 // indirect
18 changes: 18 additions & 0 deletions ...namespace/cross_directory/cross_directory_012_F/cross/cross_01/cross_directory_012_F_b.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
// evaluation information start
// real case = false
// evaluation item = 完整度->单应用跟踪完整度->文件、包、命名空间->跨包
// scene introduction = replace包层级调用链
// level = 2
// bind_url = completeness/single_app_tracing/cross_file_package_namespace/cross_directory/cross_directory_012_F/cross/cross_01/cross_directory_012_F_b
// evaluation information end

package cross_directory_012_F_b
import "os/exec"

func SayHello(taint_src string) {
__taint_sink("_")
}

func __taint_sink(o interface{}) {
_ = exec.Command("sh", "-c", o.(string)).Run()
}
3 changes: 3 additions & 0 deletions .../cross_file_package_namespace/cross_directory/cross_directory_012_F/cross/cross_01/go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
module cross/cross_01

go 1.20
23 changes: 23 additions & 0 deletions .../cross_directory/cross_directory_012_F/cross_directory_012_F_a/cross_directory_012_F_a.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
// evaluation information start
// real case = false
// evaluation item = 完整度->单应用跟踪完整度->文件、包、命名空间->跨包
// scene introduction = replace包层级调用链
// level = 2
// bind_url = completeness/single_app_tracing/cross_file_package_namespace/cross_directory/cross_directory_012_F/cross_directory_012_F_a/cross_directory_012_F_a
// evaluation information end

// 这里有两个go.mod文件 cross_directory_012_F文件夹下的go.mod文件是负责"指路"(replace指令),当看到 import "cross/cross_01" 时
// 不要去其他地方寻找 应该去本地的 ./cross/cross_01 目录找,cross_01文件夹下的go.mod文件是"亮明身份",告诉go模块 我确实是你要找的文件。
// 执行跨模块文件时需先cd到sast-go/cases/completeness/single_app_tracing/cross_file_package_namespace/cross_directory/cross_directory_012_F
// 再执行go run cross_directory_012_F_a/cross_directory_012_F_a.go
package main
import "cross/cross_01"

func cross_directory_012_F_a(__taint_src string) {
cross_directory_012_F_b.SayHello(__taint_src)
}

func main() {
__taint_src := "taint_src_value"
cross_directory_012_F_a(__taint_src)
}
7 changes: 7 additions & 0 deletions ...gle_app_tracing/cross_file_package_namespace/cross_directory/cross_directory_012_F/go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
module cross_directory_012_F

go 1.20

replace cross/cross_01 => ./cross/cross_01

require cross/cross_01 v0.0.0-00010101000000-000000000000
18 changes: 18 additions & 0 deletions ...ace/cross_directory/cross_directory_013_T/cross/other/cross_01/cross_directory_013_T_b.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
// evaluation information start
// real case = true
// evaluation item = 完整度->单应用跟踪完整度->文件、包、命名空间->跨包
// scene introduction = replace包层级调用链
// level = 2
// bind_url = completeness/single_app_tracing/cross_file_package_namespace/cross_directory/cross_directory_013_T/cross/other/cross_01/cross_directory_013_T_b
// evaluation information end

package cross_directory_013_T_b
import "os/exec"

func SayHello(taint_src string) {
__taint_sink(taint_src)
}

func __taint_sink(o interface{}) {
_ = exec.Command("sh", "-c", o.(string)).Run()
}
3 changes: 3 additions & 0 deletions ..._file_package_namespace/cross_directory/cross_directory_013_T/cross/other/cross_01/go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
module cross/other/cross_01

go 1.20
23 changes: 23 additions & 0 deletions .../cross_directory/cross_directory_013_T/cross_directory_013_T_a/cross_directory_013_T_a.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
// evaluation information start
// real case = true
// evaluation item = 完整度->单应用跟踪完整度->文件、包、命名空间->跨包
// scene introduction = replace包层级调用链
// level = 2
// bind_url = completeness/single_app_tracing/cross_file_package_namespace/cross_directory/cross_directory_013_T/cross_directory_013_T_a/cross_directory_013_T_a
// evaluation information end

// 这里有两个go.mod文件 cross_directory_013_T文件夹下的go.mod文件是负责"指路"(replace指令),当看到 import "cross/other/cross_01" 时
// 不要去其他地方寻找 应该去本地的 .cross/other/cross_01 目录找,cross_01文件夹下的go.mod文件是"亮明身份",告诉go模块 我确实是你要找的文件。
// 执行跨模块文件时需先cd到sast-go/cases/completeness/single_app_tracing/cross_file_package_namespace/cross_directory/cross_directory_013_T
// 再执行go run cross_directory_013_T_a/cross_directory_013_T_a.go
package main
import "cross/other/cross_01"

func cross_directory_013_T_a(__taint_src string) {
cross_directory_013_T_b.SayHello(__taint_src)
}

func main() {
__taint_src := "taint_src_value"
cross_directory_013_T_a(__taint_src)
}
7 changes: 7 additions & 0 deletions ...gle_app_tracing/cross_file_package_namespace/cross_directory/cross_directory_013_T/go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
module cross_directory_013_T

go 1.20

replace cross/other/cross_01 => ./cross/other/cross_01

require cross/other/cross_01 v0.0.0-00010101000000-000000000000 // indirect
18 changes: 18 additions & 0 deletions ...ace/cross_directory/cross_directory_014_F/cross/other/cross_01/cross_directory_014_F_b.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
// evaluation information start
// real case = false
// evaluation item = 完整度->单应用跟踪完整度->文件、包、命名空间->跨包
// scene introduction = replace包层级调用链
// level = 2
// bind_url = completeness/single_app_tracing/cross_file_package_namespace/cross_directory/cross_directory_014_F/cross/other/cross_01/cross_directory_014_F_b
// evaluation information end

package cross_directory_014_F_b
import "os/exec"

func SayHello(taint_src string) {
__taint_sink("_")
}

func __taint_sink(o interface{}) {
_ = exec.Command("sh", "-c", o.(string)).Run()
}
3 changes: 3 additions & 0 deletions ..._file_package_namespace/cross_directory/cross_directory_014_F/cross/other/cross_01/go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
module cross/other/cross_01

go 1.20
23 changes: 23 additions & 0 deletions .../cross_directory/cross_directory_014_F/cross_directory_014_F_a/cross_directory_014_F_a.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
// evaluation information start
// real case = false
// evaluation item = 完整度->单应用跟踪完整度->文件、包、命名空间->跨包
// scene introduction = replace包层级调用链
// level = 2
// bind_url = completeness/single_app_tracing/cross_file_package_namespace/cross_directory/cross_directory_014_F/cross_directory_014_F_a/cross_directory_014_F_a
// evaluation information end

// 这里有两个go.mod文件 cross_directory_014_F文件夹下的go.mod文件是负责"指路"(replace指令),当看到 import "cross/other/cross_01" 时
// 不要去其他地方寻找 应该去本地的 .cross/other/cross_01 目录找,cross_01文件夹下的go.mod文件是"亮明身份",告诉go模块 我确实是你要找的文件。
// 执行跨模块文件时需先cd到sast-go/cases/completeness/single_app_tracing/cross_file_package_namespace/cross_directory/cross_directory_014_F
// 再执行go run cross_directory_014_F_a/cross_directory_014_F_a.go
package main
import "cross/other/cross_01"

func cross_directory_014_F_a(__taint_src string) {
cross_directory_014_F_b.SayHello(__taint_src)
}

func main() {
__taint_src := "taint_src_value"
cross_directory_014_F_a(__taint_src)
}
7 changes: 7 additions & 0 deletions ...gle_app_tracing/cross_file_package_namespace/cross_directory/cross_directory_014_F/go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
module cross_directory_014_F

go 1.20

replace cross/other/cross_01 => ./cross/other/cross_01

require cross/other/cross_01 v0.0.0-00010101000000-000000000000 // indirect
31 changes: 31 additions & 0 deletions ...le_package_namespace/cross_directory/cross_directory_015_T/cross/cross_directory_015_T.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
// evaluation information start
// real case = true
// evaluation item = 完整度->单应用跟踪完整度->文件、包、命名空间->跨包
// scene introduction = init函数自动执行
// level = 2
// bind_url = completeness/single_app_tracing/cross_file_package_namespace/cross_directory/cross_directory_015_T/cross/cross_directory_015_T
// evaluation information end

// 先cd到sast-go/cases/completeness/single_app_tracing/cross_file_package_namespace/cross_directory/cross_directory_015_T/cross
// 再执行go run cross_directory_015_T.go
package main
import (
"cross_directory_015_T/cross/cross_init"
"os/exec"
"fmt"
)

// Go语言支持包中定义init函数,在这个包被首次初始化(import)时,会自动触发这个包的init函数
func cross_directory_015_T() {
// 看cross_init.Status是否被init处理过
__taint_sink(cross_init.Status)
}

func __taint_sink(o interface{}) {
fmt.Println("o 的值:", o)
_ = exec.Command("sh", "-c", o.(string)).Run()
}

func main() {
cross_directory_015_T()
}
11 changes: 11 additions & 0 deletions ...ce/cross_directory/cross_directory_015_T/cross/cross_init/cross_directory_export_015_T.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
// evaluation information start
// real case = true
// evaluation item = 完整度->单应用跟踪完整度->文件、包、命名空间->跨包
// scene introduction = init函数自动执行
// level = 2
// bind_url = completeness/single_app_tracing/cross_file_package_namespace/cross_directory/cross_directory_015_T/cross/cross_init/cross_directory_export_015_T
// evaluation information end

package cross_init

var Taint_src = "taint_src_value"
14 changes: 14 additions & 0 deletions ...pace/cross_directory/cross_directory_015_T/cross/cross_init/cross_directory_init_015_T.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
// evaluation information start
// real case = true
// evaluation item = 完整度->单应用跟踪完整度->文件、包、命名空间->跨包
// scene introduction = init函数自动执行
// level = 2
// bind_url = completeness/single_app_tracing/cross_file_package_namespace/cross_directory/cross_directory_015_T/cross/cross_init/cross_directory_init_015_T
// evaluation information end

package cross_init

var Status string
func init() {
Status = Taint_src
}
3 changes: 3 additions & 0 deletions ...gle_app_tracing/cross_file_package_namespace/cross_directory/cross_directory_015_T/go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
module cross_directory_015_T

go 1.20
23 changes: 23 additions & 0 deletions ...le_package_namespace/cross_directory/cross_directory_016_F/cross/cross_directory_016_F.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
// evaluation information start
// real case = false
// evaluation item = 完整度->单应用跟踪完整度->文件、包、命名空间->跨包
// scene introduction = init函数自动执行
// level = 2
// bind_url = completeness/single_app_tracing/cross_file_package_namespace/cross_directory/cross_directory_016_F/cross/cross_directory_016_F
// evaluation information end
// 先cd到sast-go/cases/completeness/single_app_tracing/cross_file_package_namespace/cross_directory/cross_directory_016_F/cross
// 再执行go run cross_directory_016_F.go
package main
import (
"cross_directory_016_F/cross/cross_init"
"os/exec"
)
func cross_directory_016_F() {
__taint_sink(cross_init.Status)
}
func __taint_sink(o interface{}) {
_ = exec.Command("sh", "-c", o.(string)).Run()
}
func main() {
cross_directory_016_F()
}
Loading