Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 16e5fa3

Browse files
MathiasVPMathiasVP
committed
C++: Add failing tests with U_STRINGorID.
1 parent fe9feb9 commit 16e5fa3

4 files changed

Lines changed: 54 additions & 5 deletions

File tree

cpp/ql/test/library-tests/dataflow/external-models/flow.expected

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -11,14 +11,14 @@ edges
1111
| asio_streams.cpp:100:44:100:62 | call to buffer | asio_streams.cpp:103:29:103:39 | *send_buffer | provenance | Sink:MaD:6 |
1212
| asio_streams.cpp:100:64:100:71 | *send_str | asio_streams.cpp:56:18:56:23 | [summary param] *0 in buffer | provenance | |
1313
| asio_streams.cpp:100:64:100:71 | *send_str | asio_streams.cpp:100:44:100:62 | call to buffer | provenance | MaD:10 |
14-
| test.cpp:4:5:4:11 | [summary param] 0 in ymlStep | test.cpp:4:5:4:11 | [summary] to write: ReturnValue in ymlStep | provenance | MaD:644 |
15-
| test.cpp:7:10:7:18 | call to ymlSource | test.cpp:7:10:7:18 | call to ymlSource | provenance | Src:MaD:642 |
16-
| test.cpp:7:10:7:18 | call to ymlSource | test.cpp:11:10:11:10 | x | provenance | Sink:MaD:643 |
14+
| test.cpp:4:5:4:11 | [summary param] 0 in ymlStep | test.cpp:4:5:4:11 | [summary] to write: ReturnValue in ymlStep | provenance | MaD:819 |
15+
| test.cpp:7:10:7:18 | call to ymlSource | test.cpp:7:10:7:18 | call to ymlSource | provenance | Src:MaD:817 |
16+
| test.cpp:7:10:7:18 | call to ymlSource | test.cpp:11:10:11:10 | x | provenance | Sink:MaD:818 |
1717
| test.cpp:7:10:7:18 | call to ymlSource | test.cpp:13:18:13:18 | x | provenance | |
1818
| test.cpp:13:10:13:16 | call to ymlStep | test.cpp:13:10:13:16 | call to ymlStep | provenance | |
19-
| test.cpp:13:10:13:16 | call to ymlStep | test.cpp:15:10:15:10 | y | provenance | Sink:MaD:643 |
19+
| test.cpp:13:10:13:16 | call to ymlStep | test.cpp:15:10:15:10 | y | provenance | Sink:MaD:818 |
2020
| test.cpp:13:18:13:18 | x | test.cpp:4:5:4:11 | [summary param] 0 in ymlStep | provenance | |
21-
| test.cpp:13:18:13:18 | x | test.cpp:13:10:13:16 | call to ymlStep | provenance | MaD:644 |
21+
| test.cpp:13:18:13:18 | x | test.cpp:13:10:13:16 | call to ymlStep | provenance | MaD:819 |
2222
nodes
2323
| asio_streams.cpp:56:18:56:23 | [summary param] *0 in buffer | semmle.label | [summary param] *0 in buffer |
2424
| asio_streams.cpp:56:18:56:23 | [summary] to write: ReturnValue in buffer | semmle.label | [summary] to write: ReturnValue in buffer |

cpp/ql/test/library-tests/dataflow/external-models/validatemodels.expected

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,27 @@
1+
| Dubious member name "operator +=" in summary model. |
2+
| Dubious member name "operator BSTR" in summary model. |
3+
| Dubious member name "operator LPCSTR" in summary model. |
4+
| Dubious member name "operator LPSAFEARRAY" in summary model. |
5+
| Dubious member name "operator LPSTR" in summary model. |
6+
| Dubious member name "operator LPWSTR" in summary model. |
7+
| Dubious member name "operator PCXSTR" in summary model. |
8+
| Dubious member name "operator StringType&" in summary model. |
9+
| Dubious member name "operator T*" in summary model. |
10+
| Dubious member name "operator const StringType&" in summary model. |
11+
| Dubious member name "operator&" in summary model. |
112
| Dubious member name "operator*" in summary model. |
13+
| Dubious member name "operator+=" in summary model. |
214
| Dubious member name "operator->" in summary model. |
315
| Dubious member name "operator=" in summary model. |
416
| Dubious member name "operator[]" in summary model. |
17+
| Dubious signature "(CRegKey&)" in summary model. |
18+
| Dubious signature "(DWORD&,LPCTSTR)" in summary model. |
519
| Dubious signature "(InputIterator,InputIterator,const Allocator &)" in summary model. |
20+
| Dubious signature "(const CComBSTR&)" in summary model. |
21+
| Dubious signature "(const CComSafeArray&)" in summary model. |
22+
| Dubious signature "(const SAFEARRAY&)" in summary model. |
23+
| Dubious signature "(const SAFEARRAY*)" in summary model. |
24+
| Dubious signature "(const SAFEARRAYBOUND*, UINT)" in summary model. |
625
| Dubious signature "(const deque &)" in summary model. |
726
| Dubious signature "(const deque &,const Allocator &)" in summary model. |
827
| Dubious signature "(const forward_list &)" in summary model. |
@@ -25,3 +44,5 @@
2544
| Dubious signature "(size_type,const T &,const Allocator &)" in summary model. |
2645
| Dubious signature "(vector &&)" in summary model. |
2746
| Dubious signature "(vector &&,const Allocator &)" in summary model. |
47+
| Dubious signature "operator HKEY" in summary model. |
48+
| Dubious signature "operator=" in summary model. |

cpp/ql/test/library-tests/dataflow/taint-tests/atl.cpp

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -63,3 +63,24 @@ typedef struct tagSAFEARRAY {
6363
PVOID pvData;
6464
SAFEARRAYBOUND rgsabound[1];
6565
} SAFEARRAY, *LPSAFEARRAY;
66+
67+
struct _U_STRINGorID {
68+
_U_STRINGorID(UINT nID);
69+
_U_STRINGorID(LPCTSTR lpString);
70+
71+
LPCTSTR m_lpstr;
72+
};
73+
74+
void test__U_STRINGorID() {
75+
{
76+
UINT x = source<UINT>();
77+
_U_STRINGorID u(x);
78+
sink(u.m_lpstr); // $ MISSING: ir
79+
}
80+
81+
{
82+
LPCTSTR y = indirect_source<const char>();
83+
_U_STRINGorID u(y);
84+
sink(u.m_lpstr); // $ MISSING: ir
85+
}
86+
}

cpp/ql/test/library-tests/dataflow/taint-tests/localTaint.expected

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -140,6 +140,13 @@ WARNING: module 'TaintTracking' has been deprecated and may be removed in future
140140
| arrayassignment.cpp:145:12:145:12 | 5 | arrayassignment.cpp:145:7:145:13 | access to array | TAINT |
141141
| arrayassignment.cpp:146:7:146:10 | arr3 | arrayassignment.cpp:146:7:146:13 | access to array | |
142142
| arrayassignment.cpp:146:12:146:12 | 5 | arrayassignment.cpp:146:7:146:13 | access to array | TAINT |
143+
| atl.cpp:32:30:32:30 | 1 | atl.cpp:32:29:32:30 | - ... | TAINT |
144+
| atl.cpp:76:14:76:25 | call to source | atl.cpp:77:21:77:21 | x | |
145+
| atl.cpp:77:21:77:21 | x | atl.cpp:77:21:77:22 | call to _U_STRINGorID | TAINT |
146+
| atl.cpp:77:21:77:22 | call to _U_STRINGorID | atl.cpp:78:10:78:10 | u | |
147+
| atl.cpp:82:17:82:43 | call to indirect_source | atl.cpp:83:21:83:21 | y | |
148+
| atl.cpp:83:21:83:21 | y | atl.cpp:83:21:83:22 | call to _U_STRINGorID | TAINT |
149+
| atl.cpp:83:21:83:22 | call to _U_STRINGorID | atl.cpp:84:10:84:10 | u | |
143150
| bsd.cpp:17:11:17:16 | call to source | bsd.cpp:20:18:20:18 | s | |
144151
| bsd.cpp:18:12:18:15 | addr | bsd.cpp:20:22:20:25 | addr | |
145152
| bsd.cpp:18:12:18:15 | addr | bsd.cpp:23:8:23:11 | addr | |

0 commit comments

Comments
 (0)