hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 18:25:24 +02:00
Code Issues Packages Projects Releases Wiki Activity

C++: Add a taint model for 'fopen' and accept test changes.

Browse Source
This commit is contained in:
Mathias Vorreiter Pedersen
2024-10-09 14:40:26 +01:00
parent 201842d2f9
commit 338e82064e
3 changed files with 19 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
cpp/ql/test/library-tests/dataflow/taint-tests/localTaint.expected
View File

@@ -6588,6 +6588,7 @@ WARNING: module 'TaintTracking' has been deprecated and may be removed in future
| taint.cpp:785:23:785:28 | source | taint.cpp:786:18:786:23 | source | |
| taint.cpp:785:23:785:28 | source | taint.cpp:790:15:790:20 | source | |
| taint.cpp:786:12:786:16 | call to fopen | taint.cpp:787:7:787:7 | f | |
| taint.cpp:786:18:786:23 | source | taint.cpp:786:12:786:16 | call to fopen | TAINT |
| taint.cpp:789:8:789:9 | f2 | taint.cpp:790:11:790:12 | f2 | |
| taint.cpp:789:8:789:9 | f2 | taint.cpp:791:7:791:8 | f2 | |
| taint.cpp:790:10:790:12 | ref arg & ... | taint.cpp:790:11:790:12 | f2 [inner post update] | |

4
cpp/ql/test/library-tests/dataflow/taint-tests/taint.cpp
View File

@@ -784,9 +784,9 @@ int fopen_s(FILE** pFile, const char *filename, const char *mode);
void fopen_test(char* source) {
FILE* f = fopen(source, "r");
sink(f); // $ MISSING: ast,ir
sink(f); // $ ast,ir
FILE* f2;
fopen_s(&f2, source, "r");
sink(f2); // $ ast MISSING: ir
sink(f2); // $ ast,ir
}