C++: Additional model for 'this' flow through chains.

2026-05-05 05:35:13 +02:00 · 2020-09-17 12:45:08 +01:00
parent 73399cb5f7
commit 5cc11f1c44
5 changed files with 42 additions and 4 deletions
--- a/cpp/ql/test/library-tests/dataflow/taint-tests/stringstream.cpp
+++ b/cpp/ql/test/library-tests/dataflow/taint-tests/stringstream.cpp
@@ -259,10 +259,10 @@ void test_chaining()
 	char b1[1000] = {0};
 	char b2[1000] = {0};

-	sink(ss1.get(b1, 100).unget().get(b2, 100)); // tainted [NOT DETECTED]
+	sink(ss1.get(b1, 100).unget().get(b2, 100)); // tainted
 	sink(b1); // tainted
-	sink(b2); // tainted [NOT DETECTED]
+	sink(b2); // tainted

-	sink(ss2.write("abc", 3).flush().write(source(), 3).flush().write("xyz", 3)); // tainted [NOT DETECTED]
-	sink(ss2); // tainted [NOT DETECTED]
+	sink(ss2.write("abc", 3).flush().write(source(), 3).flush().write("xyz", 3)); // tainted
+	sink(ss2); // tainted
 }