hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-29 18:55:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

C++: Add test to show missing taint steps for std::vector::emplace/_back

Browse Source
This commit is contained in:
Cornelius Riemenschneider
2020-11-02 11:47:25 +01:00
parent 081ab1e2bb
commit 62a02cde73
2 changed files with 28 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
cpp/ql/test/library-tests/dataflow/taint-tests/localTaint.expected
View File

@@ -7231,3 +7231,21 @@
| vector.cpp:484:29:484:33 | call to c_str | vector.cpp:484:3:484:8 | call to memcpy | TAINT |
| vector.cpp:484:29:484:33 | call to c_str | vector.cpp:484:10:484:22 | ref arg & ... | TAINT |
| vector.cpp:486:8:486:9 | ref arg cs | vector.cpp:487:2:487:2 | cs | |
| vector.cpp:491:22:491:24 | call to vector | vector.cpp:493:2:493:3 | v1 | |
| vector.cpp:491:22:491:24 | call to vector | vector.cpp:494:7:494:8 | v1 | |
| vector.cpp:491:22:491:24 | call to vector | vector.cpp:498:1:498:1 | v1 | |
| vector.cpp:491:30:491:32 | call to vector | vector.cpp:496:2:496:3 | v2 | |
| vector.cpp:491:30:491:32 | call to vector | vector.cpp:496:13:496:14 | v2 | |
| vector.cpp:491:30:491:32 | call to vector | vector.cpp:497:7:497:8 | v2 | |
| vector.cpp:491:30:491:32 | call to vector | vector.cpp:498:1:498:1 | v2 | |
| vector.cpp:493:2:493:3 | ref arg v1 | vector.cpp:494:7:494:8 | v1 | |
| vector.cpp:493:2:493:3 | ref arg v1 | vector.cpp:498:1:498:1 | v1 | |
| vector.cpp:494:7:494:8 | ref arg v1 | vector.cpp:498:1:498:1 | v1 | |
| vector.cpp:496:2:496:3 | ref arg v2 | vector.cpp:497:7:497:8 | v2 | |
| vector.cpp:496:2:496:3 | ref arg v2 | vector.cpp:498:1:498:1 | v2 | |
| vector.cpp:496:13:496:14 | ref arg v2 | vector.cpp:496:2:496:3 | v2 | |
| vector.cpp:496:13:496:14 | ref arg v2 | vector.cpp:497:7:497:8 | v2 | |
| vector.cpp:496:13:496:14 | ref arg v2 | vector.cpp:498:1:498:1 | v2 | |
| vector.cpp:496:13:496:14 | v2 | vector.cpp:496:16:496:20 | call to begin | TAINT |
| vector.cpp:496:16:496:20 | call to begin | vector.cpp:496:13:496:22 | call to iterator | TAINT |
| vector.cpp:497:7:497:8 | ref arg v2 | vector.cpp:498:1:498:1 | v2 | |

10
cpp/ql/test/library-tests/dataflow/taint-tests/vector.cpp
View File

@@ -486,3 +486,13 @@ void test_vector_memcpy()
sink(cs); // tainted [NOT DETECTED by IR]
}
}
void test_vector_emplace() {
std::vector<int> v1(10), v2(10);
v1.emplace_back(source());
sink(v1); // tainted
v2.emplace(v2.begin(), source());
sink(v2); // tainted
}