C++: Add a MaD model for 'CAtlFile' and mark reads as local flow sources.

MathiasVP · MathiasVP · commit 74eae4a18dd1 · 2024-11-27T16:41:48.000Z
diff --git a/cpp/ql/lib/ext/CAtlFile.model.yml b/cpp/ql/lib/ext/CAtlFile.model.yml
@@ -0,0 +1,9 @@
+extensions:
+  - addsTo:
+      pack: codeql/cpp-all
+      extensible: summaryModel
+    data: # namespace, type, subtypes, name, signature, ext, input, output, kind, provenance
+      - ["", "CAtlFile", True, "CAtlFile", "(CAtlFile &)", "", "Argument[*0]", "Argument[-1]", "value", "manual"]
+      - ["", "CAtlFile", True, "CAtlFile", "(HANDLE)", "", "Argument[0]", "Argument[-1]", "taint", "manual"]
+      - ["", "CAtlFile", True, "Create", "", "", "Argument[*0]", "Argument[-1]", "taint", "manual"]
+      - ["", "CAtlFile", True, "Read", "", "", "Argument[-1]", "Argument[*0]", "taint", "manual"]
diff --git a/cpp/ql/lib/semmle/code/cpp/models/Models.qll b/cpp/ql/lib/semmle/code/cpp/models/Models.qll
@@ -53,3 +53,4 @@ private import implementations.Win32CommandExecution
 private import implementations.CA2AEX
 private import implementations.CComBSTR
 private import implementations.CPathT
+private import implementations.CAtlFile
diff --git a/cpp/ql/lib/semmle/code/cpp/models/implementations/CAtlFile.qll b/cpp/ql/lib/semmle/code/cpp/models/implementations/CAtlFile.qll
@@ -0,0 +1,17 @@
+import semmle.code.cpp.models.interfaces.FlowSource
+
+/**
+ * The `CAtlFile` class from Microsoft's Active Template Library.
+ */
+class CAtlFile extends Class {
+  CAtlFile() { this.hasGlobalName("CAtlFile") }
+}
+
+private class CAtlFileRead extends MemberFunction, LocalFlowSourceFunction {
+  CAtlFileRead() { this.getClassAndName("Read") instanceof CAtlFile }
+
+  override predicate hasLocalFlowSource(FunctionOutput output, string description) {
+    output.isParameterDeref(0) and
+    description = "string read by " + this.getName()
+  }
+}
diff --git a/cpp/ql/test/library-tests/dataflow/source-sink-tests/atl.cpp b/cpp/ql/test/library-tests/dataflow/source-sink-tests/atl.cpp
@@ -133,5 +133,5 @@ struct CAtlFile : public CHandle {
 void test_CAtlFile() {
   CAtlFile catFile;
   char buffer[1024];
-  catFile.Read(buffer, 1024); // $ MISSING: local_source
+  catFile.Read(buffer, 1024); // $ local_source
 }

Original file line number	Diff line number	Diff line change
`@@ -133,5 +133,5 @@ struct CAtlFile : public CHandle {`
`133`	`133`	`void test_CAtlFile() {`
`134`	`134`	`CAtlFile catFile;`
`135`	`135`	`char buffer[1024];`
`136`		`- catFile.Read(buffer, 1024); // $ MISSING: local_source`
	`136`	`+ catFile.Read(buffer, 1024); // $ local_source`
`137`	`137`	`}`