C++: Add the new query to tests.

geoffw0 · geoffw0 · commit 70e4a409fd87 · 2022-03-02T17:56:53.000Z
diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-497/SAMATE/PotentiallyExposedSystemData.expected b/cpp/ql/test/query-tests/Security/CWE/CWE-497/SAMATE/PotentiallyExposedSystemData.expected
@@ -0,0 +1,11 @@
+edges
+| tests.c:57:21:57:28 | array to pointer conversion | tests.c:70:70:70:77 | array to pointer conversion |
+| tests.c:57:21:57:28 | password | tests.c:70:70:70:77 | array to pointer conversion |
+nodes
+| tests.c:57:21:57:28 | array to pointer conversion | semmle.label | array to pointer conversion |
+| tests.c:57:21:57:28 | password | semmle.label | password |
+| tests.c:70:70:70:77 | array to pointer conversion | semmle.label | array to pointer conversion |
+subpaths
+#select
+| tests.c:70:70:70:77 | array to pointer conversion | tests.c:57:21:57:28 | array to pointer conversion | tests.c:70:70:70:77 | array to pointer conversion | This operation potentially exposes sensitive system data (a password or token) from $@. | tests.c:57:21:57:28 | array to pointer conversion | array to pointer conversion |
+| tests.c:70:70:70:77 | array to pointer conversion | tests.c:57:21:57:28 | password | tests.c:70:70:70:77 | array to pointer conversion | This operation potentially exposes sensitive system data (a password or token) from $@. | tests.c:57:21:57:28 | password | password |
diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-497/SAMATE/PotentiallyExposedSystemData.qlref b/cpp/ql/test/query-tests/Security/CWE/CWE-497/SAMATE/PotentiallyExposedSystemData.qlref
@@ -0,0 +1 @@
+Security/CWE/CWE-497/PotentiallyExposedSystemData.ql
diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-497/SAMATE/tests.c b/cpp/ql/test/query-tests/Security/CWE/CWE-497/SAMATE/tests.c
@@ -67,6 +67,6 @@ void CWE535_Info_Exposure_Shell_Error__w32_char_01_bad()
             printLine("Unable to login.");
         }
         /* FLAW: Write sensitive data to stderr */
-        fprintf(stderr, "User attempted access with password: %s\n", password); // [NOT DETECTED]
+        fprintf(stderr, "User attempted access with password: %s\n", password);
     }
 }
diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-497/semmle/tests/PotentiallyExposedSystemData.expected b/cpp/ql/test/query-tests/Security/CWE/CWE-497/semmle/tests/PotentiallyExposedSystemData.expected
@@ -0,0 +1,4 @@
+edges
+nodes
+subpaths
+#select
diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-497/semmle/tests/PotentiallyExposedSystemData.qlref b/cpp/ql/test/query-tests/Security/CWE/CWE-497/semmle/tests/PotentiallyExposedSystemData.qlref
@@ -0,0 +1 @@
+Security/CWE/CWE-497/PotentiallyExposedSystemData.ql

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+Security/CWE/CWE-497/PotentiallyExposedSystemData.ql`
Original file line number	Diff line number	Diff line change
`@@ -67,6 +67,6 @@ void CWE535_Info_Exposure_Shell_Error__w32_char_01_bad()`
`67`	`67`	`printLine("Unable to login.");`
`68`	`68`	`}`
`69`	`69`	`/* FLAW: Write sensitive data to stderr */`
`70`		`- fprintf(stderr, "User attempted access with password: %s\n", password); // [NOT DETECTED]`
	`70`	`+ fprintf(stderr, "User attempted access with password: %s\n", password);`
`71`	`71`	`}`
`72`	`72`	`}`
-Original file line number
+Diff line change
@@ @@ -0,0 +1,4 @@ @@
 +edges
 +nodes
 +subpaths
 +#select