hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-05 13:45:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

C++: tests for alias analysis of malloc

Browse Source
This commit is contained in:
Robert Marsh
2020-02-07 16:22:09 -08:00
parent 3c8aeb946a
commit 05c8610bbc
9 changed files with 217 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
cpp/ql/test/library-tests/dataflow/security-taint/test.cpp
View File

@@ -76,3 +76,16 @@ void guard() {
if (len > 1000) return;
char **node = (char **) malloc(len * sizeof(char *));
}
const char *alias_global;
void mallocBuffer() {
const char *userName = getenv("USER_NAME");
char *alias = (char*)malloc(4096);
char *copy = (char*)malloc(4096);
strcpy(copy, userName);
alias_global = alias; // to force a Chi node on all aliased memory
if (!strcmp(copy, "admin")) { // copy should be tainted
isAdmin = true;
}
}