hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-05 21:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

C++: Refactor dataflow examples to use DataFlow::ConfigSig

Browse Source
This commit is contained in:
Jeroen Ketema
2023-03-21 09:02:21 +01:00
parent 4e752369c5
commit 1f75c3836e
4 changed files with 30 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
cpp/ql/test/examples/docs-examples/analyzing-data-flow-in-cpp/fopen-flow-from-getenv.ql
View File

@@ -1,17 +1,15 @@
import cpp
import semmle.code.cpp.dataflow.new.DataFlow
class EnvironmentToFileConfiguration extends DataFlow::Configuration {
EnvironmentToFileConfiguration() { this = "EnvironmentToFileConfiguration" }
override predicate isSource(DataFlow::Node source) {
module EnvironmentToFileConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) {
exists(Function getenv |
source.asIndirectExpr(1).(FunctionCall).getTarget() = getenv and
getenv.hasGlobalName("getenv")
)
}
override predicate isSink(DataFlow::Node sink) {
predicate isSink(DataFlow::Node sink) {
exists(FunctionCall fc |
sink.asIndirectExpr(1) = fc.getArgument(0) and
fc.getTarget().hasGlobalName("fopen")
@@ -19,11 +17,11 @@ class EnvironmentToFileConfiguration extends DataFlow::Configuration {
}
}
from
Expr getenv, Expr fopen, EnvironmentToFileConfiguration config, DataFlow::Node source,
DataFlow::Node sink
module EnvironmentToFileFlow = DataFlow::Make<EnvironmentToFileConfig>;
from Expr getenv, Expr fopen, DataFlow::Node source, DataFlow::Node sink
where
source.asIndirectExpr(1) = getenv and
sink.asIndirectExpr(1) = fopen and
config.hasFlow(source, sink)
EnvironmentToFileFlow::hasFlow(source, sink)
select fopen, "This 'fopen' uses data from $@.", getenv, "call to 'getenv'"