Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 68ee8da

Browse files
MathiasVPMathiasVP
committed
C++: Add failing tests with 'CComBSTR'.
1 parent 2b8ef5a commit 68ee8da

2 files changed

Lines changed: 259 additions & 0 deletions

File tree

cpp/ql/test/library-tests/dataflow/taint-tests/atl.cpp

Lines changed: 129 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -396,3 +396,132 @@ void test_CAtlList() {
396396
}
397397
}
398398
}
399+
400+
struct IUnknown { };
401+
402+
struct ISequentialStream : public IUnknown { };
403+
404+
struct IStream : public ISequentialStream { };
405+
406+
struct CComBSTR {
407+
CComBSTR() throw();
408+
CComBSTR(const CComBSTR& src);
409+
CComBSTR(int nSize);
410+
CComBSTR(int nSize, LPCOLESTR sz);
411+
CComBSTR(int nSize, LPCSTR sz);
412+
CComBSTR(LPCOLESTR pSrc);
413+
CComBSTR(LPCSTR pSrc);
414+
CComBSTR(CComBSTR&& src) throw();
415+
~CComBSTR();
416+
417+
HRESULT Append(const CComBSTR& bstrSrc) throw();
418+
HRESULT Append(wchar_t ch) throw();
419+
HRESULT Append(char ch) throw();
420+
HRESULT Append(LPCOLESTR lpsz) throw();
421+
HRESULT Append(LPCSTR lpsz) throw();
422+
HRESULT Append(LPCOLESTR lpsz, int nLen) throw();
423+
HRESULT AppendBSTR(BSTR p) throw();
424+
HRESULT AppendBytes(const char* lpsz, int nLen) throw();
425+
HRESULT ArrayToBSTR(const SAFEARRAY* pSrc) throw();
426+
HRESULT AssignBSTR(const BSTR bstrSrc) throw();
427+
void Attach(BSTR src) throw();
428+
HRESULT BSTRToArray(LPSAFEARRAY ppArray) throw();
429+
unsigned int ByteLength() const throw();
430+
BSTR Copy() const throw();
431+
HRESULT CopyTo(BSTR* pbstr) throw();
432+
433+
HRESULT CopyTo(VARIANT* pvarDest) throw();
434+
BSTR Detach() throw();
435+
void Empty() throw();
436+
unsigned int Length() const throw();
437+
bool LoadString(HINSTANCE hInst, UINT nID) throw();
438+
bool LoadString(UINT nID) throw();
439+
HRESULT ReadFromStream(IStream* pStream) throw();
440+
HRESULT ToUpper() throw();
441+
HRESULT WriteToStream(IStream* pStream) throw();
442+
443+
operator BSTR() const throw();
444+
BSTR* operator&() throw();
445+
446+
CComBSTR& operator+= (const CComBSTR& bstrSrc);
447+
CComBSTR& operator+= (const LPCOLESTR pszSrc);
448+
449+
BSTR m_str;
450+
};
451+
452+
LPSAFEARRAY getSafeArray() {
453+
SAFEARRAY* safe = new SAFEARRAY;
454+
safe->pvData = indirect_source<char>();
455+
return safe;
456+
}
457+
458+
void test_CComBSTR() {
459+
char* x = indirect_source<char>();
460+
{
461+
CComBSTR b(x);
462+
sink(b.m_str); // $ MISSING: ir
463+
464+
CComBSTR b2(b);
465+
sink(b2.m_str); // $ MISSING: ir
466+
}
467+
{
468+
CComBSTR b(10, x);
469+
sink(b.m_str); // $ MISSING: ir
470+
}
471+
{
472+
CComBSTR b(x);
473+
474+
CComBSTR b2;
475+
sink(b2.m_str);
476+
b2 += b;
477+
sink(b2.m_str); // $ MISSING: ir
478+
479+
CComBSTR b3;
480+
b3 += x;
481+
sink(b3.m_str); // $ MISSING: ir
482+
sink(static_cast<BSTR>(b3)); // $ MISSING: ir
483+
sink(**&b3); // $ MISSING: ir
484+
485+
CComBSTR b4;
486+
b4.Append(source<char>());
487+
sink(b4.m_str); // $ MISSING: ir
488+
489+
CComBSTR b5;
490+
b5.AppendBSTR(b4.m_str);
491+
sink(b5.m_str); // $ MISSING: ir
492+
493+
CComBSTR b6;
494+
b6.AppendBytes(x, 10);
495+
sink(b6.m_str); // $ MISSING: ir
496+
497+
CComBSTR b7;
498+
b7.ArrayToBSTR(getSafeArray());
499+
sink(b7.m_str); // $ MISSING: ir
500+
501+
CComBSTR b8;
502+
b8.AssignBSTR(b7.m_str);
503+
sink(b8.m_str); // $ MISSING: ir
504+
505+
CComBSTR b9;
506+
SAFEARRAY safe;
507+
b9.Append(source<char>());
508+
b9.BSTRToArray(&safe);
509+
sink(safe.pvData); // $ MISSING: ir
510+
511+
sink(b9.Copy()); // $ MISSING: ir
512+
}
513+
514+
wchar_t* w = indirect_source<wchar_t>();
515+
{
516+
CComBSTR b(w);
517+
sink(b.m_str); // $ MISSING: ir
518+
519+
CComBSTR b2;
520+
b2.Attach(w);
521+
sink(b2.m_str); // $ MISSING: ir
522+
}
523+
{
524+
CComBSTR b(10, w);
525+
sink(b.m_str); // $ MISSING: ir
526+
}
527+
}

cpp/ql/test/library-tests/dataflow/taint-tests/localTaint.expected

Lines changed: 130 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -506,6 +506,136 @@ WARNING: module 'TaintTracking' has been deprecated and may be removed in future
506506
| atl.cpp:394:19:394:23 | ref arg list9 | atl.cpp:395:12:395:16 | list9 | |
507507
| atl.cpp:394:19:394:23 | ref arg list9 | atl.cpp:396:5:396:5 | list9 | |
508508
| atl.cpp:395:12:395:16 | ref arg list9 | atl.cpp:396:5:396:5 | list9 | |
509+
| atl.cpp:453:21:453:33 | new | atl.cpp:454:3:454:6 | safe | |
510+
| atl.cpp:453:21:453:33 | new | atl.cpp:455:10:455:13 | safe | |
511+
| atl.cpp:454:3:454:6 | safe [post update] | atl.cpp:455:10:455:13 | safe | |
512+
| atl.cpp:454:3:454:40 | ... = ... | atl.cpp:454:9:454:14 | pvData [post update] | |
513+
| atl.cpp:454:18:454:38 | call to indirect_source | atl.cpp:454:3:454:40 | ... = ... | |
514+
| atl.cpp:459:13:459:33 | call to indirect_source | atl.cpp:461:16:461:16 | x | |
515+
| atl.cpp:459:13:459:33 | call to indirect_source | atl.cpp:468:20:468:20 | x | |
516+
| atl.cpp:459:13:459:33 | call to indirect_source | atl.cpp:472:16:472:16 | x | |
517+
| atl.cpp:459:13:459:33 | call to indirect_source | atl.cpp:480:11:480:11 | x | |
518+
| atl.cpp:459:13:459:33 | call to indirect_source | atl.cpp:494:20:494:20 | x | |
519+
| atl.cpp:461:16:461:16 | x | atl.cpp:461:16:461:17 | call to CComBSTR | TAINT |
520+
| atl.cpp:461:16:461:17 | call to CComBSTR | atl.cpp:462:10:462:10 | b | |
521+
| atl.cpp:461:16:461:17 | call to CComBSTR | atl.cpp:464:17:464:17 | b | |
522+
| atl.cpp:461:16:461:17 | call to CComBSTR | atl.cpp:466:3:466:3 | b | |
523+
| atl.cpp:462:10:462:10 | b [post update] | atl.cpp:464:17:464:17 | b | |
524+
| atl.cpp:462:10:462:10 | b [post update] | atl.cpp:466:3:466:3 | b | |
525+
| atl.cpp:462:12:462:16 | ref arg m_str | atl.cpp:465:13:465:17 | m_str | |
526+
| atl.cpp:464:17:464:17 | b | atl.cpp:464:17:464:18 | call to CComBSTR | |
527+
| atl.cpp:464:17:464:18 | call to CComBSTR | atl.cpp:465:10:465:11 | b2 | |
528+
| atl.cpp:464:17:464:18 | call to CComBSTR | atl.cpp:466:3:466:3 | b2 | |
529+
| atl.cpp:465:10:465:11 | b2 [post update] | atl.cpp:466:3:466:3 | b2 | |
530+
| atl.cpp:468:16:468:21 | call to CComBSTR | atl.cpp:469:10:469:10 | b | |
531+
| atl.cpp:468:16:468:21 | call to CComBSTR | atl.cpp:470:3:470:3 | b | |
532+
| atl.cpp:469:10:469:10 | b [post update] | atl.cpp:470:3:470:3 | b | |
533+
| atl.cpp:472:16:472:16 | x | atl.cpp:472:16:472:17 | call to CComBSTR | TAINT |
534+
| atl.cpp:472:16:472:17 | call to CComBSTR | atl.cpp:476:11:476:11 | b | |
535+
| atl.cpp:472:16:472:17 | call to CComBSTR | atl.cpp:512:3:512:3 | b | |
536+
| atl.cpp:474:14:474:15 | call to CComBSTR | atl.cpp:475:10:475:11 | b2 | |
537+
| atl.cpp:474:14:474:15 | call to CComBSTR | atl.cpp:476:5:476:6 | b2 | |
538+
| atl.cpp:474:14:474:15 | call to CComBSTR | atl.cpp:477:10:477:11 | b2 | |
539+
| atl.cpp:474:14:474:15 | call to CComBSTR | atl.cpp:512:3:512:3 | b2 | |
540+
| atl.cpp:475:10:475:11 | b2 [post update] | atl.cpp:476:5:476:6 | b2 | |
541+
| atl.cpp:475:10:475:11 | b2 [post update] | atl.cpp:477:10:477:11 | b2 | |
542+
| atl.cpp:475:10:475:11 | b2 [post update] | atl.cpp:512:3:512:3 | b2 | |
543+
| atl.cpp:475:13:475:17 | ref arg m_str | atl.cpp:477:13:477:17 | m_str | |
544+
| atl.cpp:476:5:476:6 | ref arg b2 | atl.cpp:477:10:477:11 | b2 | |
545+
| atl.cpp:476:5:476:6 | ref arg b2 | atl.cpp:512:3:512:3 | b2 | |
546+
| atl.cpp:477:10:477:11 | b2 [post update] | atl.cpp:512:3:512:3 | b2 | |
547+
| atl.cpp:479:14:479:15 | call to CComBSTR | atl.cpp:480:5:480:6 | b3 | |
548+
| atl.cpp:479:14:479:15 | call to CComBSTR | atl.cpp:481:10:481:11 | b3 | |
549+
| atl.cpp:479:14:479:15 | call to CComBSTR | atl.cpp:482:28:482:29 | b3 | |
550+
| atl.cpp:479:14:479:15 | call to CComBSTR | atl.cpp:483:13:483:14 | b3 | |
551+
| atl.cpp:479:14:479:15 | call to CComBSTR | atl.cpp:512:3:512:3 | b3 | |
552+
| atl.cpp:480:5:480:6 | ref arg b3 | atl.cpp:481:10:481:11 | b3 | |
553+
| atl.cpp:480:5:480:6 | ref arg b3 | atl.cpp:482:28:482:29 | b3 | |
554+
| atl.cpp:480:5:480:6 | ref arg b3 | atl.cpp:483:13:483:14 | b3 | |
555+
| atl.cpp:480:5:480:6 | ref arg b3 | atl.cpp:512:3:512:3 | b3 | |
556+
| atl.cpp:480:11:480:11 | x | atl.cpp:480:11:480:11 | call to CComBSTR | TAINT |
557+
| atl.cpp:481:10:481:11 | b3 [post update] | atl.cpp:482:28:482:29 | b3 | |
558+
| atl.cpp:481:10:481:11 | b3 [post update] | atl.cpp:483:13:483:14 | b3 | |
559+
| atl.cpp:481:10:481:11 | b3 [post update] | atl.cpp:512:3:512:3 | b3 | |
560+
| atl.cpp:482:28:482:29 | ref arg b3 | atl.cpp:483:13:483:14 | b3 | |
561+
| atl.cpp:482:28:482:29 | ref arg b3 | atl.cpp:512:3:512:3 | b3 | |
562+
| atl.cpp:483:11:483:14 | * ... | atl.cpp:483:10:483:14 | * ... | TAINT |
563+
| atl.cpp:483:12:483:12 | call to operator& | atl.cpp:483:11:483:14 | * ... | TAINT |
564+
| atl.cpp:483:13:483:14 | ref arg b3 | atl.cpp:512:3:512:3 | b3 | |
565+
| atl.cpp:485:14:485:15 | call to CComBSTR | atl.cpp:486:5:486:6 | b4 | |
566+
| atl.cpp:485:14:485:15 | call to CComBSTR | atl.cpp:487:10:487:11 | b4 | |
567+
| atl.cpp:485:14:485:15 | call to CComBSTR | atl.cpp:490:19:490:20 | b4 | |
568+
| atl.cpp:485:14:485:15 | call to CComBSTR | atl.cpp:512:3:512:3 | b4 | |
569+
| atl.cpp:486:5:486:6 | ref arg b4 | atl.cpp:487:10:487:11 | b4 | |
570+
| atl.cpp:486:5:486:6 | ref arg b4 | atl.cpp:490:19:490:20 | b4 | |
571+
| atl.cpp:486:5:486:6 | ref arg b4 | atl.cpp:512:3:512:3 | b4 | |
572+
| atl.cpp:487:10:487:11 | b4 [post update] | atl.cpp:490:19:490:20 | b4 | |
573+
| atl.cpp:487:10:487:11 | b4 [post update] | atl.cpp:512:3:512:3 | b4 | |
574+
| atl.cpp:487:13:487:17 | ref arg m_str | atl.cpp:490:22:490:26 | m_str | |
575+
| atl.cpp:489:14:489:15 | call to CComBSTR | atl.cpp:490:5:490:6 | b5 | |
576+
| atl.cpp:489:14:489:15 | call to CComBSTR | atl.cpp:491:10:491:11 | b5 | |
577+
| atl.cpp:489:14:489:15 | call to CComBSTR | atl.cpp:512:3:512:3 | b5 | |
578+
| atl.cpp:490:5:490:6 | ref arg b5 | atl.cpp:491:10:491:11 | b5 | |
579+
| atl.cpp:490:5:490:6 | ref arg b5 | atl.cpp:512:3:512:3 | b5 | |
580+
| atl.cpp:490:19:490:20 | b4 [post update] | atl.cpp:512:3:512:3 | b4 | |
581+
| atl.cpp:491:10:491:11 | b5 [post update] | atl.cpp:512:3:512:3 | b5 | |
582+
| atl.cpp:493:14:493:15 | call to CComBSTR | atl.cpp:494:5:494:6 | b6 | |
583+
| atl.cpp:493:14:493:15 | call to CComBSTR | atl.cpp:495:10:495:11 | b6 | |
584+
| atl.cpp:493:14:493:15 | call to CComBSTR | atl.cpp:512:3:512:3 | b6 | |
585+
| atl.cpp:494:5:494:6 | ref arg b6 | atl.cpp:495:10:495:11 | b6 | |
586+
| atl.cpp:494:5:494:6 | ref arg b6 | atl.cpp:512:3:512:3 | b6 | |
587+
| atl.cpp:495:10:495:11 | b6 [post update] | atl.cpp:512:3:512:3 | b6 | |
588+
| atl.cpp:497:14:497:15 | call to CComBSTR | atl.cpp:498:5:498:6 | b7 | |
589+
| atl.cpp:497:14:497:15 | call to CComBSTR | atl.cpp:499:10:499:11 | b7 | |
590+
| atl.cpp:497:14:497:15 | call to CComBSTR | atl.cpp:502:19:502:20 | b7 | |
591+
| atl.cpp:497:14:497:15 | call to CComBSTR | atl.cpp:512:3:512:3 | b7 | |
592+
| atl.cpp:498:5:498:6 | ref arg b7 | atl.cpp:499:10:499:11 | b7 | |
593+
| atl.cpp:498:5:498:6 | ref arg b7 | atl.cpp:502:19:502:20 | b7 | |
594+
| atl.cpp:498:5:498:6 | ref arg b7 | atl.cpp:512:3:512:3 | b7 | |
595+
| atl.cpp:499:10:499:11 | b7 [post update] | atl.cpp:502:19:502:20 | b7 | |
596+
| atl.cpp:499:10:499:11 | b7 [post update] | atl.cpp:512:3:512:3 | b7 | |
597+
| atl.cpp:499:13:499:17 | ref arg m_str | atl.cpp:502:22:502:26 | m_str | |
598+
| atl.cpp:501:14:501:15 | call to CComBSTR | atl.cpp:502:5:502:6 | b8 | |
599+
| atl.cpp:501:14:501:15 | call to CComBSTR | atl.cpp:503:10:503:11 | b8 | |
600+
| atl.cpp:501:14:501:15 | call to CComBSTR | atl.cpp:512:3:512:3 | b8 | |
601+
| atl.cpp:502:5:502:6 | ref arg b8 | atl.cpp:503:10:503:11 | b8 | |
602+
| atl.cpp:502:5:502:6 | ref arg b8 | atl.cpp:512:3:512:3 | b8 | |
603+
| atl.cpp:502:19:502:20 | b7 [post update] | atl.cpp:512:3:512:3 | b7 | |
604+
| atl.cpp:503:10:503:11 | b8 [post update] | atl.cpp:512:3:512:3 | b8 | |
605+
| atl.cpp:505:14:505:15 | call to CComBSTR | atl.cpp:507:5:507:6 | b9 | |
606+
| atl.cpp:505:14:505:15 | call to CComBSTR | atl.cpp:508:5:508:6 | b9 | |
607+
| atl.cpp:505:14:505:15 | call to CComBSTR | atl.cpp:511:10:511:11 | b9 | |
608+
| atl.cpp:505:14:505:15 | call to CComBSTR | atl.cpp:512:3:512:3 | b9 | |
609+
| atl.cpp:506:15:506:18 | safe | atl.cpp:508:21:508:24 | safe | |
610+
| atl.cpp:506:15:506:18 | safe | atl.cpp:509:10:509:13 | safe | |
611+
| atl.cpp:507:5:507:6 | ref arg b9 | atl.cpp:508:5:508:6 | b9 | |
612+
| atl.cpp:507:5:507:6 | ref arg b9 | atl.cpp:511:10:511:11 | b9 | |
613+
| atl.cpp:507:5:507:6 | ref arg b9 | atl.cpp:512:3:512:3 | b9 | |
614+
| atl.cpp:508:5:508:6 | ref arg b9 | atl.cpp:511:10:511:11 | b9 | |
615+
| atl.cpp:508:5:508:6 | ref arg b9 | atl.cpp:512:3:512:3 | b9 | |
616+
| atl.cpp:508:20:508:24 | ref arg & ... | atl.cpp:508:21:508:24 | safe [inner post update] | |
617+
| atl.cpp:508:20:508:24 | ref arg & ... | atl.cpp:509:10:509:13 | safe | |
618+
| atl.cpp:508:21:508:24 | safe | atl.cpp:508:20:508:24 | & ... | |
619+
| atl.cpp:511:10:511:11 | ref arg b9 | atl.cpp:512:3:512:3 | b9 | |
620+
| atl.cpp:514:16:514:39 | call to indirect_source | atl.cpp:516:16:516:16 | w | |
621+
| atl.cpp:514:16:514:39 | call to indirect_source | atl.cpp:520:15:520:15 | w | |
622+
| atl.cpp:514:16:514:39 | call to indirect_source | atl.cpp:524:20:524:20 | w | |
623+
| atl.cpp:516:16:516:16 | ref arg w | atl.cpp:520:15:520:15 | w | |
624+
| atl.cpp:516:16:516:16 | ref arg w | atl.cpp:524:20:524:20 | w | |
625+
| atl.cpp:516:16:516:16 | w | atl.cpp:516:16:516:17 | call to CComBSTR | TAINT |
626+
| atl.cpp:516:16:516:17 | call to CComBSTR | atl.cpp:517:10:517:10 | b | |
627+
| atl.cpp:516:16:516:17 | call to CComBSTR | atl.cpp:522:3:522:3 | b | |
628+
| atl.cpp:517:10:517:10 | b [post update] | atl.cpp:522:3:522:3 | b | |
629+
| atl.cpp:519:14:519:15 | call to CComBSTR | atl.cpp:520:5:520:6 | b2 | |
630+
| atl.cpp:519:14:519:15 | call to CComBSTR | atl.cpp:521:10:521:11 | b2 | |
631+
| atl.cpp:519:14:519:15 | call to CComBSTR | atl.cpp:522:3:522:3 | b2 | |
632+
| atl.cpp:520:5:520:6 | ref arg b2 | atl.cpp:521:10:521:11 | b2 | |
633+
| atl.cpp:520:5:520:6 | ref arg b2 | atl.cpp:522:3:522:3 | b2 | |
634+
| atl.cpp:520:15:520:15 | ref arg w | atl.cpp:524:20:524:20 | w | |
635+
| atl.cpp:521:10:521:11 | b2 [post update] | atl.cpp:522:3:522:3 | b2 | |
636+
| atl.cpp:524:16:524:21 | call to CComBSTR | atl.cpp:525:10:525:10 | b | |
637+
| atl.cpp:524:16:524:21 | call to CComBSTR | atl.cpp:526:3:526:3 | b | |
638+
| atl.cpp:525:10:525:10 | b [post update] | atl.cpp:526:3:526:3 | b | |
509639
| bsd.cpp:17:11:17:16 | call to source | bsd.cpp:20:18:20:18 | s | |
510640
| bsd.cpp:18:12:18:15 | addr | bsd.cpp:20:22:20:25 | addr | |
511641
| bsd.cpp:18:12:18:15 | addr | bsd.cpp:23:8:23:11 | addr | |

0 commit comments

Comments
 (0)