Web Frameworks

GoGinContext

Represents gin.Context, the primary request/response carrier in the Gin HTTP framework. All user-input accessors (Query, Param, PostForm, etc.) are taint sources. Output methods (JSON, String, Redirect) are sinks for XSS and open-redirect rules.

Taint flow: 7 sources, 2 sinks
Sources — untrusted input
.Query()
.DefaultQuery()
.Param()
.PostForm()
.GetHeader()
.ShouldBindJSON()
.Cookie()
Sinks — dangerous call
.JSON()
.Redirect()
Quick-start rule — copy and run

rule.py
from codepathfinder.go_rule import GoGinContext, GoGormDB, GoStrconv
from codepathfinder import flows
from codepathfinder.presets import PropagationPresets
from codepathfinder.go_decorators import go_rule

@go_rule(
    id="GO-GORM-SQLI-001",
    severity="CRITICAL",
    cwe="CWE-89",
    owasp="A03:2021",
    message="User input flows into GORM Raw()/Exec(). Use parameterized queries.",
)
def detect_gorm_sqli():
    return flows(
        from_sources=[
            GoGinContext.method("Query", "Param", "PostForm", "ShouldBindJSON"),
        ],
        to_sinks=[
            GoGormDB.method("Raw", "Exec"),
        ],
        sanitized_by=[
            GoStrconv.method("Atoi", "ParseInt", "ParseFloat"),
        ],
        propagates_through=PropagationPresets.standard(),
        scope="global",
    )

Run the scan
pathfinder scan --ruleset custom/security --project .

Sources

.Query() (Source)
Signature: Query(key string) string

Returns the URL query parameter value for the given key, or the empty string if the key is missing.

tracks: return

.DefaultQuery() (Source)
Signature: DefaultQuery(key, defaultValue string) string

Returns the URL query parameter value for the given key, or defaultValue if the key is absent.

tracks: return

.Param() (Source)
Signature: Param(key string) string

Returns the URL path parameter (e.g. the :id segment of /user/:id). Always non-empty if the route matched.

tracks: return

.PostForm() (Source)
Signature: PostForm(key string) string

Returns the POST form value for the given key from an application/x-www-form-urlencoded body.

tracks: return

.GetHeader() (Source)
Signature: GetHeader(key string) string

Returns the HTTP request header value. Headers are client-controlled, including ones such as X-Forwarded-For that application code often trusts.

tracks: return

.ShouldBindJSON() (Source)
Signature: ShouldBindJSON(obj any) error

Deserializes the JSON request body into obj; obj is tainted after binding.

tracks: argument 0 (obj)

Sinks

.JSON() (Sink)
Signature: JSON(code int, obj any)

Serializes obj to JSON and writes it to the response. Sink for reflected XSS if obj contains raw HTML.

tracks: argument 1 (obj)

.Redirect() (Sink)
Signature: Redirect(code int, location string)

Redirects to location. Sink for open redirect if location comes from user input.

tracks: argument 1 (location)
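The two sinks above, together with the strconv sanitizer that the quick-start rule names, are the points where a finding is fixed: an allowlist check on the location before Redirect(), and narrowing a Param() string to an integer before it reaches a query. The Go below is an added example, not code from Gin or from the Code PathFinder documentation. SafeRedirectTarget and ParseUserID are hypothetical helper names, the same-site-only redirect policy is an assumption, and it uses only the standard library so it runs stand-alone; in a real handler the inputs would come from c.Query("next") and c.Param("id").

```go
package main

import (
	"fmt"
	"net/url"
	"strconv"
	"strings"
)

// SafeRedirectTarget validates a user-supplied "next" location before it reaches
// c.Redirect(). Policy (an assumption for this example): only same-site relative
// paths are allowed. Absolute URLs, scheme-only values such as "javascript:",
// protocol-relative "//host" and the "/\host" form that browsers also treat as
// host-relative are all refused, so the value can never name another origin.
func SafeRedirectTarget(location string) (string, bool) {
	if location == "" {
		return "/", true // nothing supplied: fall back to the site root
	}
	u, err := url.Parse(location)
	if err != nil || u.Scheme != "" || u.Host != "" || u.User != nil {
		return "", false // carries a scheme or an authority: another origin
	}
	if !strings.HasPrefix(location, "/") ||
		strings.HasPrefix(location, "//") ||
		strings.HasPrefix(location, "/\\") {
		return "", false // not a plain absolute path on this site
	}
	return location, true
}

// ParseUserID narrows the tainted string from c.Param("id") to an int. This is
// why the quick-start rule lists strconv.Atoi as a sanitizer: an integer cannot
// carry SQL syntax into db.Raw(). Anything non-numeric or non-positive is an error.
func ParseUserID(raw string) (int, error) {
	id, err := strconv.Atoi(raw)
	if err != nil {
		return 0, fmt.Errorf("user id %q is not an integer", raw)
	}
	if id <= 0 {
		return 0, fmt.Errorf("user id %d is out of range", id)
	}
	return id, nil
}

func main() {
	// Constructed inputs standing in for c.Query("next") and c.Param("id").
	for _, next := range []string{"/account?tab=1", "//evil.example/", "https://evil.example/", "/\\evil.example"} {
		loc, ok := SafeRedirectTarget(next)
		fmt.Printf("redirect %-24q allowed=%-5t target=%q\n", next, ok, loc)
	}
	for _, raw := range []string{"42", "42 OR 1=1", "-7"} {
		id, err := ParseUserID(raw)
		fmt.Printf("param %-12q id=%d err=%v\n", raw, id, err)
	}
}
```

Both helpers return a value of a narrower type than they receive (a vetted path, an int), which is what makes them usable as sanitizers in a taint rule: the rule can treat their return values as clean rather than trying to reason about string contents.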

Fully-Qualified Names

Field       FQN
fqns[0]     github.com/gin-gonic/gin.Context
patterns    *.Context

A wrong FQN yields 0 findings. Sanity check: change fqns to a garbage value and re-run; the rule must then produce 0 results.

Import

go.mod
require github.com/gin-gonic/gin v1.9.1
rule.py
from codepathfinder.go_rule import GoGinContext

Rules Using This Class