Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit c555cfa

Browse files
geoffw0geoffw0
committed
C++: Replace isParameterDeref(_).
1 parent e01e4b5 commit c555cfa

2 files changed

Lines changed: 2 additions & 46 deletions

File tree

cpp/ql/src/semmle/code/cpp/models/implementations/StdMap.qll

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -63,7 +63,7 @@ class StdMapEmplace extends TaintFunction {
6363
// flow from any parameter to qualifier and return value
6464
// (here we assume taint flow from any constructor parameter to the constructed object)
6565
// (where the return value is a pair, this should really flow just to the first part of it)
66-
input.isParameterDeref(_) and
66+
input.isParameterDeref([0 .. getNumberOfParameters() - 1]) and
6767
(
6868
output.isQualifierObject() or
6969
output.isReturnValue()
@@ -81,7 +81,7 @@ class StdMapTryEmplace extends TaintFunction {
8181
// flow from any parameter apart from the key to qualifier and return value
8282
// (here we assume taint flow from any constructor parameter to the constructed object)
8383
// (where the return value is a pair, this should really flow just to the first part of it)
84-
exists(int arg |
84+
exists(int arg | arg = [0 .. getNumberOfParameters() - 1] |
8585
(
8686
getUnspecifiedType() instanceof Iterator and arg != 1
8787
or

cpp/ql/test/library-tests/dataflow/taint-tests/localTaint.expected

Lines changed: 0 additions & 44 deletions
Original file line numberDiff line numberDiff line change
@@ -1109,8 +1109,6 @@
11091109
| map.cpp:232:32:232:34 | call to map | map.cpp:239:24:239:26 | m25 | |
11101110
| map.cpp:232:32:232:34 | call to map | map.cpp:240:7:240:9 | m25 | |
11111111
| map.cpp:232:32:232:34 | call to map | map.cpp:252:1:252:1 | m25 | |
1112-
| map.cpp:233:7:233:9 | m24 | map.cpp:233:7:233:9 | ref arg m24 | TAINT |
1113-
| map.cpp:233:7:233:9 | m24 | map.cpp:233:11:233:17 | call to emplace | TAINT |
11141112
| map.cpp:233:7:233:9 | ref arg m24 | map.cpp:234:7:234:9 | m24 | |
11151113
| map.cpp:233:7:233:9 | ref arg m24 | map.cpp:235:7:235:9 | m24 | |
11161114
| map.cpp:233:7:233:9 | ref arg m24 | map.cpp:236:7:236:9 | m24 | |
@@ -1121,8 +1119,6 @@
11211119
| map.cpp:233:26:233:30 | def | map.cpp:233:11:233:17 | call to emplace | TAINT |
11221120
| map.cpp:233:33:233:37 | first | map.cpp:233:7:233:37 | call to iterator | |
11231121
| map.cpp:234:7:234:9 | m24 | map.cpp:234:7:234:9 | call to map | |
1124-
| map.cpp:235:7:235:9 | m24 | map.cpp:235:7:235:9 | ref arg m24 | TAINT |
1125-
| map.cpp:235:7:235:9 | m24 | map.cpp:235:11:235:17 | call to emplace | TAINT |
11261122
| map.cpp:235:7:235:9 | ref arg m24 | map.cpp:236:7:236:9 | m24 | |
11271123
| map.cpp:235:7:235:9 | ref arg m24 | map.cpp:252:1:252:1 | m24 | |
11281124
| map.cpp:235:19:235:23 | abc | map.cpp:235:7:235:9 | ref arg m24 | TAINT |
@@ -1131,8 +1127,6 @@
11311127
| map.cpp:235:26:235:31 | call to source | map.cpp:235:11:235:17 | call to emplace | TAINT |
11321128
| map.cpp:235:36:235:40 | first | map.cpp:235:7:235:40 | call to iterator | |
11331129
| map.cpp:236:7:236:9 | m24 | map.cpp:236:7:236:9 | call to map | |
1134-
| map.cpp:237:7:237:9 | m25 | map.cpp:237:7:237:9 | ref arg m25 | TAINT |
1135-
| map.cpp:237:7:237:9 | m25 | map.cpp:237:11:237:22 | call to emplace_hint | TAINT |
11361130
| map.cpp:237:7:237:9 | ref arg m25 | map.cpp:238:7:238:9 | m25 | |
11371131
| map.cpp:237:7:237:9 | ref arg m25 | map.cpp:239:7:239:9 | m25 | |
11381132
| map.cpp:237:7:237:9 | ref arg m25 | map.cpp:239:24:239:26 | m25 | |
@@ -1153,8 +1147,6 @@
11531147
| map.cpp:237:44:237:48 | def | map.cpp:237:7:237:9 | ref arg m25 | TAINT |
11541148
| map.cpp:237:44:237:48 | def | map.cpp:237:11:237:22 | call to emplace_hint | TAINT |
11551149
| map.cpp:238:7:238:9 | m25 | map.cpp:238:7:238:9 | call to map | |
1156-
| map.cpp:239:7:239:9 | m25 | map.cpp:239:7:239:9 | ref arg m25 | TAINT |
1157-
| map.cpp:239:7:239:9 | m25 | map.cpp:239:11:239:22 | call to emplace_hint | TAINT |
11581150
| map.cpp:239:7:239:9 | ref arg m25 | map.cpp:240:7:240:9 | m25 | |
11591151
| map.cpp:239:7:239:9 | ref arg m25 | map.cpp:252:1:252:1 | m25 | |
11601152
| map.cpp:239:24:239:26 | m25 | map.cpp:239:28:239:32 | call to begin | TAINT |
@@ -1181,8 +1173,6 @@
11811173
| map.cpp:243:32:243:34 | call to map | map.cpp:250:23:250:25 | m27 | |
11821174
| map.cpp:243:32:243:34 | call to map | map.cpp:251:7:251:9 | m27 | |
11831175
| map.cpp:243:32:243:34 | call to map | map.cpp:252:1:252:1 | m27 | |
1184-
| map.cpp:244:7:244:9 | m26 | map.cpp:244:7:244:9 | ref arg m26 | TAINT |
1185-
| map.cpp:244:7:244:9 | m26 | map.cpp:244:11:244:21 | call to try_emplace | TAINT |
11861176
| map.cpp:244:7:244:9 | ref arg m26 | map.cpp:245:7:245:9 | m26 | |
11871177
| map.cpp:244:7:244:9 | ref arg m26 | map.cpp:246:7:246:9 | m26 | |
11881178
| map.cpp:244:7:244:9 | ref arg m26 | map.cpp:247:7:247:9 | m26 | |
@@ -1191,16 +1181,12 @@
11911181
| map.cpp:244:30:244:34 | def | map.cpp:244:11:244:21 | call to try_emplace | TAINT |
11921182
| map.cpp:244:37:244:41 | first | map.cpp:244:7:244:41 | call to iterator | |
11931183
| map.cpp:245:7:245:9 | m26 | map.cpp:245:7:245:9 | call to map | |
1194-
| map.cpp:246:7:246:9 | m26 | map.cpp:246:7:246:9 | ref arg m26 | TAINT |
1195-
| map.cpp:246:7:246:9 | m26 | map.cpp:246:11:246:21 | call to try_emplace | TAINT |
11961184
| map.cpp:246:7:246:9 | ref arg m26 | map.cpp:247:7:247:9 | m26 | |
11971185
| map.cpp:246:7:246:9 | ref arg m26 | map.cpp:252:1:252:1 | m26 | |
11981186
| map.cpp:246:30:246:35 | call to source | map.cpp:246:7:246:9 | ref arg m26 | TAINT |
11991187
| map.cpp:246:30:246:35 | call to source | map.cpp:246:11:246:21 | call to try_emplace | TAINT |
12001188
| map.cpp:246:40:246:44 | first | map.cpp:246:7:246:44 | call to iterator | |
12011189
| map.cpp:247:7:247:9 | m26 | map.cpp:247:7:247:9 | call to map | |
1202-
| map.cpp:248:7:248:9 | m27 | map.cpp:248:7:248:9 | ref arg m27 | TAINT |
1203-
| map.cpp:248:7:248:9 | m27 | map.cpp:248:11:248:21 | call to try_emplace | TAINT |
12041190
| map.cpp:248:7:248:9 | ref arg m27 | map.cpp:249:7:249:9 | m27 | |
12051191
| map.cpp:248:7:248:9 | ref arg m27 | map.cpp:250:7:250:9 | m27 | |
12061192
| map.cpp:248:7:248:9 | ref arg m27 | map.cpp:250:23:250:25 | m27 | |
@@ -1219,8 +1205,6 @@
12191205
| map.cpp:248:43:248:47 | def | map.cpp:248:7:248:9 | ref arg m27 | TAINT |
12201206
| map.cpp:248:43:248:47 | def | map.cpp:248:11:248:21 | call to try_emplace | TAINT |
12211207
| map.cpp:249:7:249:9 | m27 | map.cpp:249:7:249:9 | call to map | |
1222-
| map.cpp:250:7:250:9 | m27 | map.cpp:250:7:250:9 | ref arg m27 | TAINT |
1223-
| map.cpp:250:7:250:9 | m27 | map.cpp:250:11:250:21 | call to try_emplace | TAINT |
12241208
| map.cpp:250:7:250:9 | ref arg m27 | map.cpp:251:7:251:9 | m27 | |
12251209
| map.cpp:250:7:250:9 | ref arg m27 | map.cpp:252:1:252:1 | m27 | |
12261210
| map.cpp:250:23:250:25 | m27 | map.cpp:250:27:250:31 | call to begin | TAINT |
@@ -1775,8 +1759,6 @@
17751759
| map.cpp:381:42:381:44 | call to unordered_map | map.cpp:388:24:388:26 | m25 | |
17761760
| map.cpp:381:42:381:44 | call to unordered_map | map.cpp:389:7:389:9 | m25 | |
17771761
| map.cpp:381:42:381:44 | call to unordered_map | map.cpp:418:1:418:1 | m25 | |
1778-
| map.cpp:382:7:382:9 | m24 | map.cpp:382:7:382:9 | ref arg m24 | TAINT |
1779-
| map.cpp:382:7:382:9 | m24 | map.cpp:382:11:382:17 | call to emplace | TAINT |
17801762
| map.cpp:382:7:382:9 | ref arg m24 | map.cpp:383:7:383:9 | m24 | |
17811763
| map.cpp:382:7:382:9 | ref arg m24 | map.cpp:384:7:384:9 | m24 | |
17821764
| map.cpp:382:7:382:9 | ref arg m24 | map.cpp:385:7:385:9 | m24 | |
@@ -1787,8 +1769,6 @@
17871769
| map.cpp:382:26:382:30 | def | map.cpp:382:11:382:17 | call to emplace | TAINT |
17881770
| map.cpp:382:33:382:37 | first | map.cpp:382:7:382:37 | call to iterator | |
17891771
| map.cpp:383:7:383:9 | m24 | map.cpp:383:7:383:9 | call to unordered_map | |
1790-
| map.cpp:384:7:384:9 | m24 | map.cpp:384:7:384:9 | ref arg m24 | TAINT |
1791-
| map.cpp:384:7:384:9 | m24 | map.cpp:384:11:384:17 | call to emplace | TAINT |
17921772
| map.cpp:384:7:384:9 | ref arg m24 | map.cpp:385:7:385:9 | m24 | |
17931773
| map.cpp:384:7:384:9 | ref arg m24 | map.cpp:418:1:418:1 | m24 | |
17941774
| map.cpp:384:19:384:23 | abc | map.cpp:384:7:384:9 | ref arg m24 | TAINT |
@@ -1797,8 +1777,6 @@
17971777
| map.cpp:384:26:384:31 | call to source | map.cpp:384:11:384:17 | call to emplace | TAINT |
17981778
| map.cpp:384:36:384:40 | first | map.cpp:384:7:384:40 | call to iterator | |
17991779
| map.cpp:385:7:385:9 | m24 | map.cpp:385:7:385:9 | call to unordered_map | |
1800-
| map.cpp:386:7:386:9 | m25 | map.cpp:386:7:386:9 | ref arg m25 | TAINT |
1801-
| map.cpp:386:7:386:9 | m25 | map.cpp:386:11:386:22 | call to emplace_hint | TAINT |
18021780
| map.cpp:386:7:386:9 | ref arg m25 | map.cpp:387:7:387:9 | m25 | |
18031781
| map.cpp:386:7:386:9 | ref arg m25 | map.cpp:388:7:388:9 | m25 | |
18041782
| map.cpp:386:7:386:9 | ref arg m25 | map.cpp:388:24:388:26 | m25 | |
@@ -1819,8 +1797,6 @@
18191797
| map.cpp:386:44:386:48 | def | map.cpp:386:7:386:9 | ref arg m25 | TAINT |
18201798
| map.cpp:386:44:386:48 | def | map.cpp:386:11:386:22 | call to emplace_hint | TAINT |
18211799
| map.cpp:387:7:387:9 | m25 | map.cpp:387:7:387:9 | call to unordered_map | |
1822-
| map.cpp:388:7:388:9 | m25 | map.cpp:388:7:388:9 | ref arg m25 | TAINT |
1823-
| map.cpp:388:7:388:9 | m25 | map.cpp:388:11:388:22 | call to emplace_hint | TAINT |
18241800
| map.cpp:388:7:388:9 | ref arg m25 | map.cpp:389:7:389:9 | m25 | |
18251801
| map.cpp:388:7:388:9 | ref arg m25 | map.cpp:418:1:418:1 | m25 | |
18261802
| map.cpp:388:24:388:26 | m25 | map.cpp:388:28:388:32 | call to begin | TAINT |
@@ -1849,8 +1825,6 @@
18491825
| map.cpp:392:42:392:44 | call to unordered_map | map.cpp:401:23:401:25 | m27 | |
18501826
| map.cpp:392:42:392:44 | call to unordered_map | map.cpp:402:7:402:9 | m27 | |
18511827
| map.cpp:392:42:392:44 | call to unordered_map | map.cpp:418:1:418:1 | m27 | |
1852-
| map.cpp:393:7:393:9 | m26 | map.cpp:393:7:393:9 | ref arg m26 | TAINT |
1853-
| map.cpp:393:7:393:9 | m26 | map.cpp:393:11:393:21 | call to try_emplace | TAINT |
18541828
| map.cpp:393:7:393:9 | ref arg m26 | map.cpp:394:7:394:9 | m26 | |
18551829
| map.cpp:393:7:393:9 | ref arg m26 | map.cpp:395:7:395:9 | m26 | |
18561830
| map.cpp:393:7:393:9 | ref arg m26 | map.cpp:396:7:396:9 | m26 | |
@@ -1860,8 +1834,6 @@
18601834
| map.cpp:393:30:393:34 | def | map.cpp:393:7:393:9 | ref arg m26 | TAINT |
18611835
| map.cpp:393:30:393:34 | def | map.cpp:393:11:393:21 | call to try_emplace | TAINT |
18621836
| map.cpp:393:37:393:41 | first | map.cpp:393:7:393:41 | call to iterator | |
1863-
| map.cpp:394:7:394:9 | m26 | map.cpp:394:7:394:9 | ref arg m26 | TAINT |
1864-
| map.cpp:394:7:394:9 | m26 | map.cpp:394:11:394:21 | call to try_emplace | TAINT |
18651837
| map.cpp:394:7:394:9 | ref arg m26 | map.cpp:395:7:395:9 | m26 | |
18661838
| map.cpp:394:7:394:9 | ref arg m26 | map.cpp:396:7:396:9 | m26 | |
18671839
| map.cpp:394:7:394:9 | ref arg m26 | map.cpp:397:7:397:9 | m26 | |
@@ -1870,23 +1842,17 @@
18701842
| map.cpp:394:30:394:34 | def | map.cpp:394:7:394:9 | ref arg m26 | TAINT |
18711843
| map.cpp:394:30:394:34 | def | map.cpp:394:11:394:21 | call to try_emplace | TAINT |
18721844
| map.cpp:395:7:395:9 | m26 | map.cpp:395:7:395:9 | call to unordered_map | |
1873-
| map.cpp:396:7:396:9 | m26 | map.cpp:396:7:396:9 | ref arg m26 | TAINT |
1874-
| map.cpp:396:7:396:9 | m26 | map.cpp:396:11:396:21 | call to try_emplace | TAINT |
18751845
| map.cpp:396:7:396:9 | ref arg m26 | map.cpp:397:7:397:9 | m26 | |
18761846
| map.cpp:396:7:396:9 | ref arg m26 | map.cpp:398:7:398:9 | m26 | |
18771847
| map.cpp:396:7:396:9 | ref arg m26 | map.cpp:418:1:418:1 | m26 | |
18781848
| map.cpp:396:30:396:35 | call to source | map.cpp:396:7:396:9 | ref arg m26 | TAINT |
18791849
| map.cpp:396:30:396:35 | call to source | map.cpp:396:11:396:21 | call to try_emplace | TAINT |
18801850
| map.cpp:396:40:396:44 | first | map.cpp:396:7:396:44 | call to iterator | |
1881-
| map.cpp:397:7:397:9 | m26 | map.cpp:397:7:397:9 | ref arg m26 | TAINT |
1882-
| map.cpp:397:7:397:9 | m26 | map.cpp:397:11:397:21 | call to try_emplace | TAINT |
18831851
| map.cpp:397:7:397:9 | ref arg m26 | map.cpp:398:7:398:9 | m26 | |
18841852
| map.cpp:397:7:397:9 | ref arg m26 | map.cpp:418:1:418:1 | m26 | |
18851853
| map.cpp:397:30:397:35 | call to source | map.cpp:397:7:397:9 | ref arg m26 | TAINT |
18861854
| map.cpp:397:30:397:35 | call to source | map.cpp:397:11:397:21 | call to try_emplace | TAINT |
18871855
| map.cpp:398:7:398:9 | m26 | map.cpp:398:7:398:9 | call to unordered_map | |
1888-
| map.cpp:399:7:399:9 | m27 | map.cpp:399:7:399:9 | ref arg m27 | TAINT |
1889-
| map.cpp:399:7:399:9 | m27 | map.cpp:399:11:399:21 | call to try_emplace | TAINT |
18901856
| map.cpp:399:7:399:9 | ref arg m27 | map.cpp:400:7:400:9 | m27 | |
18911857
| map.cpp:399:7:399:9 | ref arg m27 | map.cpp:401:7:401:9 | m27 | |
18921858
| map.cpp:399:7:399:9 | ref arg m27 | map.cpp:401:23:401:25 | m27 | |
@@ -1905,8 +1871,6 @@
19051871
| map.cpp:399:43:399:47 | def | map.cpp:399:7:399:9 | ref arg m27 | TAINT |
19061872
| map.cpp:399:43:399:47 | def | map.cpp:399:11:399:21 | call to try_emplace | TAINT |
19071873
| map.cpp:400:7:400:9 | m27 | map.cpp:400:7:400:9 | call to unordered_map | |
1908-
| map.cpp:401:7:401:9 | m27 | map.cpp:401:7:401:9 | ref arg m27 | TAINT |
1909-
| map.cpp:401:7:401:9 | m27 | map.cpp:401:11:401:21 | call to try_emplace | TAINT |
19101874
| map.cpp:401:7:401:9 | ref arg m27 | map.cpp:402:7:402:9 | m27 | |
19111875
| map.cpp:401:7:401:9 | ref arg m27 | map.cpp:418:1:418:1 | m27 | |
19121876
| map.cpp:401:23:401:25 | m27 | map.cpp:401:27:401:31 | call to begin | TAINT |
@@ -1935,8 +1899,6 @@
19351899
| map.cpp:405:65:405:67 | call to unordered_map | map.cpp:416:7:416:9 | m31 | |
19361900
| map.cpp:405:65:405:67 | call to unordered_map | map.cpp:417:7:417:9 | m31 | |
19371901
| map.cpp:405:65:405:67 | call to unordered_map | map.cpp:418:1:418:1 | m31 | |
1938-
| map.cpp:406:7:406:9 | m28 | map.cpp:406:7:406:9 | ref arg m28 | TAINT |
1939-
| map.cpp:406:7:406:9 | m28 | map.cpp:406:11:406:21 | call to try_emplace | TAINT |
19401902
| map.cpp:406:7:406:9 | ref arg m28 | map.cpp:407:7:407:9 | m28 | |
19411903
| map.cpp:406:7:406:9 | ref arg m28 | map.cpp:408:7:408:9 | m28 | |
19421904
| map.cpp:406:7:406:9 | ref arg m28 | map.cpp:418:1:418:1 | m28 | |
@@ -1949,8 +1911,6 @@
19491911
| map.cpp:408:7:408:9 | m28 | map.cpp:408:10:408:10 | call to operator[] | TAINT |
19501912
| map.cpp:408:7:408:9 | ref arg m28 | map.cpp:418:1:418:1 | m28 | |
19511913
| map.cpp:408:10:408:10 | call to operator[] | map.cpp:408:7:408:16 | call to pair | TAINT |
1952-
| map.cpp:409:7:409:9 | m29 | map.cpp:409:7:409:9 | ref arg m29 | TAINT |
1953-
| map.cpp:409:7:409:9 | m29 | map.cpp:409:11:409:21 | call to try_emplace | TAINT |
19541914
| map.cpp:409:7:409:9 | ref arg m29 | map.cpp:410:7:410:9 | m29 | |
19551915
| map.cpp:409:7:409:9 | ref arg m29 | map.cpp:411:7:411:9 | m29 | |
19561916
| map.cpp:409:7:409:9 | ref arg m29 | map.cpp:418:1:418:1 | m29 | |
@@ -1963,8 +1923,6 @@
19631923
| map.cpp:411:7:411:9 | m29 | map.cpp:411:10:411:10 | call to operator[] | TAINT |
19641924
| map.cpp:411:7:411:9 | ref arg m29 | map.cpp:418:1:418:1 | m29 | |
19651925
| map.cpp:411:10:411:10 | call to operator[] | map.cpp:411:7:411:16 | call to pair | TAINT |
1966-
| map.cpp:412:7:412:9 | m30 | map.cpp:412:7:412:9 | ref arg m30 | TAINT |
1967-
| map.cpp:412:7:412:9 | m30 | map.cpp:412:11:412:21 | call to try_emplace | TAINT |
19681926
| map.cpp:412:7:412:9 | ref arg m30 | map.cpp:413:7:413:9 | m30 | |
19691927
| map.cpp:412:7:412:9 | ref arg m30 | map.cpp:414:7:414:9 | m30 | |
19701928
| map.cpp:412:7:412:9 | ref arg m30 | map.cpp:418:1:418:1 | m30 | |
@@ -1977,8 +1935,6 @@
19771935
| map.cpp:414:7:414:9 | m30 | map.cpp:414:10:414:10 | call to operator[] | TAINT |
19781936
| map.cpp:414:7:414:9 | ref arg m30 | map.cpp:418:1:418:1 | m30 | |
19791937
| map.cpp:414:10:414:10 | call to operator[] | map.cpp:414:7:414:16 | call to pair | TAINT |
1980-
| map.cpp:415:7:415:9 | m31 | map.cpp:415:7:415:9 | ref arg m31 | TAINT |
1981-
| map.cpp:415:7:415:9 | m31 | map.cpp:415:11:415:21 | call to try_emplace | TAINT |
19821938
| map.cpp:415:7:415:9 | ref arg m31 | map.cpp:416:7:416:9 | m31 | |
19831939
| map.cpp:415:7:415:9 | ref arg m31 | map.cpp:417:7:417:9 | m31 | |
19841940
| map.cpp:415:7:415:9 | ref arg m31 | map.cpp:418:1:418:1 | m31 | |

0 commit comments

Comments
 (0)