Merge branch 'master' into rdmarsh/cpp/ir-callee-side-effects

2026-05-02 04:05:14 +02:00 · 2019-10-28 16:50:34 -07:00
parent 120fa6c330 04e3683035
commit 8076156cb1
595 changed files with 22100 additions and 7024 deletions
--- a/cpp/ql/test/library-tests/dataflow/dataflow-tests/lambdas.cpp
+++ b/cpp/ql/test/library-tests/dataflow/dataflow-tests/lambdas.cpp
@@ -43,5 +43,5 @@ void test_lambdas()
 		c = source();
 	};
 	e(t, u, w);
-	sink(w); // flow from source() [NOT DETECTED]
+	sink(w); // flow from source()
 }
--- a/cpp/ql/test/library-tests/dataflow/dataflow-tests/ref.cpp
+++ b/cpp/ql/test/library-tests/dataflow/dataflow-tests/ref.cpp
@@ -0,0 +1,134 @@
+int source();
+
+template<typename T>
+void sink(T);
+
+extern int arbitrary;
+
+namespace withoutFields {
+  template<typename T>
+  void assign(T &lhs, T rhs) {
+    lhs = rhs;
+  }
+
+  template<typename T>
+  void assignWrapper(T &lhs, T rhs) {
+    assign(lhs, rhs);
+  }
+
+  void notAssign(int &lhs, int rhs) {
+    lhs = rhs;
+    if (arbitrary) {
+      lhs = 1;
+    } else {
+      lhs = 2;
+    }
+  }
+
+  void sourceToParam(int &out) {
+    out = source();
+    if (arbitrary) {
+      out = 1;
+    }
+  }
+
+  void sourceToParamWrapper(int &out) {
+    if (arbitrary) {
+      sourceToParam(out);
+    } else {
+      out = 1;
+    }
+  }
+
+  void notSource(int &out) {
+    out = source();
+    if (arbitrary) {
+      out = 1;
+    } else {
+      out = 2;
+    }
+  }
+
+  void testRefs() {
+    int x1, x2, x3, x4;
+
+    assignWrapper(x1, source());
+    sink(x1); // flow [FALSE POSITIVE from uninitialized]
+
+    notAssign(x2, source());
+    sink(x2); // no flow [FALSE POSITIVE from uninitialized]
+
+    sourceToParamWrapper(x3);
+    sink(x3); // flow [FALSE POSITIVE from uninitialized]
+
+    notSource(x4);
+    sink(x4); // no flow [FALSE POSITIVE from uninitialized]
+  }
+}
+
+namespace withFields {
+  struct Int {
+    int val;
+  };
+
+  void assign(Int &lhs, int rhs) {
+    lhs.val = rhs;
+  }
+
+  void assignWrapper(Int &lhs, int rhs) {
+    assign(lhs, rhs);
+  }
+
+  void notAssign(Int &lhs, int rhs) {
+    lhs.val = rhs;
+    // Field flow ignores that the field is subsequently overwritten, leading
+    // to false flow here.
+    if (arbitrary) {
+      lhs.val = 1;
+    } else {
+      lhs.val = 2;
+    }
+  }
+
+  void sourceToParam(Int &out) {
+    out.val = source();
+    if (arbitrary) {
+      out.val = 1;
+    }
+  }
+
+  void sourceToParamWrapper(Int &out) {
+    if (arbitrary) {
+      sourceToParam(out);
+    } else {
+      out.val = 1;
+    }
+  }
+
+  void notSource(Int &out) {
+    out.val = source();
+    // Field flow ignores that the field is subsequently overwritten, leading
+    // to false flow here.
+    if (arbitrary) {
+      out.val = 1;
+    } else {
+      out.val = 2;
+    }
+  }
+
+  void testRefs() {
+    Int x1, x2, x3, x4;
+
+    assignWrapper(x1, source());
+    sink(x1.val); // flow
+
+    notAssign(x2, source());
+    sink(x2.val); // no flow [FALSE POSITIVE]
+
+    sourceToParamWrapper(x3);
+    sink(x3.val); // flow
+
+    notSource(x4);
+    sink(x4.val); // no flow [FALSE POSITIVE]
+  }
+}
--- a/cpp/ql/test/library-tests/dataflow/dataflow-tests/test.expected
+++ b/cpp/ql/test/library-tests/dataflow/dataflow-tests/test.expected
@@ -11,6 +11,17 @@
 | lambdas.cpp:29:3:29:6 | t | lambdas.cpp:8:10:8:15 | call to source |
 | lambdas.cpp:35:8:35:8 | a | lambdas.cpp:8:10:8:15 | call to source |
 | lambdas.cpp:41:8:41:8 | a | lambdas.cpp:8:10:8:15 | call to source |
+| lambdas.cpp:46:7:46:7 | w | lambdas.cpp:43:7:43:12 | call to source |
+| ref.cpp:56:10:56:11 | x1 | ref.cpp:53:9:53:10 | x1 |
+| ref.cpp:56:10:56:11 | x1 | ref.cpp:55:23:55:28 | call to source |
+| ref.cpp:59:10:59:11 | x2 | ref.cpp:53:13:53:14 | x2 |
+| ref.cpp:62:10:62:11 | x3 | ref.cpp:29:11:29:16 | call to source |
+| ref.cpp:62:10:62:11 | x3 | ref.cpp:53:17:53:18 | x3 |
+| ref.cpp:65:10:65:11 | x4 | ref.cpp:53:21:53:22 | x4 |
+| ref.cpp:123:13:123:15 | val | ref.cpp:122:23:122:28 | call to source |
+| ref.cpp:126:13:126:15 | val | ref.cpp:125:19:125:24 | call to source |
+| ref.cpp:129:13:129:15 | val | ref.cpp:94:15:94:20 | call to source |
+| ref.cpp:132:13:132:15 | val | ref.cpp:109:15:109:20 | call to source |
 | test.cpp:7:8:7:9 | t1 | test.cpp:6:12:6:17 | call to source |
 | test.cpp:9:8:9:9 | t1 | test.cpp:6:12:6:17 | call to source |
 | test.cpp:10:8:10:9 | t2 | test.cpp:6:12:6:17 | call to source |
--- a/cpp/ql/test/library-tests/dataflow/dataflow-tests/test_diff.expected
+++ b/cpp/ql/test/library-tests/dataflow/dataflow-tests/test_diff.expected
@@ -7,11 +7,28 @@
 | lambdas.cpp:8:10:8:15 | lambdas.cpp:18:8:18:8 | AST only |
 | lambdas.cpp:8:10:8:15 | lambdas.cpp:21:3:21:6 | AST only |
 | lambdas.cpp:8:10:8:15 | lambdas.cpp:29:3:29:6 | AST only |
-| lambdas.cpp:8:10:8:15 | lambdas.cpp:35:8:35:8 | AST only |
 | lambdas.cpp:8:10:8:15 | lambdas.cpp:41:8:41:8 | AST only |
+| lambdas.cpp:43:7:43:12 | lambdas.cpp:46:7:46:7 | AST only |
+| ref.cpp:29:11:29:16 | ref.cpp:62:10:62:11 | AST only |
+| ref.cpp:53:9:53:10 | ref.cpp:56:10:56:11 | AST only |
+| ref.cpp:53:13:53:14 | ref.cpp:59:10:59:11 | AST only |
+| ref.cpp:53:17:53:18 | ref.cpp:62:10:62:11 | AST only |
+| ref.cpp:53:21:53:22 | ref.cpp:65:10:65:11 | AST only |
+| ref.cpp:55:23:55:28 | ref.cpp:56:10:56:11 | AST only |
+| ref.cpp:94:15:94:20 | ref.cpp:129:13:129:15 | AST only |
+| ref.cpp:109:15:109:20 | ref.cpp:132:13:132:15 | AST only |
+| ref.cpp:122:23:122:28 | ref.cpp:123:13:123:15 | AST only |
+| ref.cpp:125:19:125:24 | ref.cpp:126:13:126:15 | AST only |
 | test.cpp:89:28:89:34 | test.cpp:92:8:92:14 | IR only |
 | test.cpp:100:13:100:18 | test.cpp:103:10:103:12 | AST only |
 | test.cpp:109:9:109:14 | test.cpp:110:10:110:12 | IR only |
+| test.cpp:138:27:138:32 | test.cpp:140:8:140:8 | AST only |
+| test.cpp:151:33:151:38 | test.cpp:152:8:152:8 | AST only |
+| test.cpp:164:34:164:39 | test.cpp:165:8:165:8 | AST only |
+| test.cpp:171:11:171:16 | test.cpp:178:8:178:8 | AST only |
+| test.cpp:265:22:265:27 | test.cpp:266:12:266:12 | AST only |
+| test.cpp:305:17:305:22 | test.cpp:289:14:289:14 | AST only |
+| test.cpp:314:4:314:9 | test.cpp:318:7:318:7 | AST only |
 | test.cpp:347:17:347:22 | test.cpp:349:10:349:18 | AST only |
 | test.cpp:359:13:359:18 | test.cpp:365:10:365:14 | AST only |
 | test.cpp:373:13:373:18 | test.cpp:369:10:369:14 | AST only |
--- a/cpp/ql/test/library-tests/dataflow/dataflow-tests/test_ir.expected
+++ b/cpp/ql/test/library-tests/dataflow/dataflow-tests/test_ir.expected
@@ -3,6 +3,7 @@
 | clang.cpp:37:10:37:11 | Load: m2 | clang.cpp:34:32:34:37 | Call: call to source |
 | clang.cpp:41:18:41:19 | Load: m2 | clang.cpp:39:42:39:47 | Call: call to source |
 | clang.cpp:45:17:45:18 | Load: m2 | clang.cpp:43:35:43:40 | Call: call to source |
+| lambdas.cpp:35:8:35:8 | Load: a | lambdas.cpp:8:10:8:15 | Call: call to source |
 | test.cpp:7:8:7:9 | Load: t1 | test.cpp:6:12:6:17 | Call: call to source |
 | test.cpp:9:8:9:9 | Load: t1 | test.cpp:6:12:6:17 | Call: call to source |
 | test.cpp:10:8:10:9 | Load: t2 | test.cpp:6:12:6:17 | Call: call to source |
@@ -18,16 +19,9 @@
 | test.cpp:90:8:90:14 | Load: source1 | test.cpp:89:28:89:34 | InitializeParameter: source1 |
 | test.cpp:92:8:92:14 | Load: source1 | test.cpp:89:28:89:34 | InitializeParameter: source1 |
 | test.cpp:110:10:110:12 | Load: (reference dereference) | test.cpp:109:9:109:14 | Call: call to source |
-| test.cpp:140:8:140:8 | Load: y | test.cpp:138:27:138:32 | Call: call to source |
 | test.cpp:144:8:144:8 | Load: s | test.cpp:151:33:151:38 | Call: call to source |
-| test.cpp:152:8:152:8 | Load: y | test.cpp:151:33:151:38 | Call: call to source |
 | test.cpp:157:8:157:8 | Load: x | test.cpp:164:34:164:39 | Call: call to source |
-| test.cpp:165:8:165:8 | Load: y | test.cpp:164:34:164:39 | Call: call to source |
-| test.cpp:178:8:178:8 | Load: y | test.cpp:171:11:171:16 | Call: call to source |
 | test.cpp:260:12:260:12 | Load: x | test.cpp:245:14:245:19 | Call: call to source |
-| test.cpp:266:12:266:12 | Load: x | test.cpp:265:22:265:27 | Call: call to source |
-| test.cpp:289:14:289:14 | Load: x | test.cpp:305:17:305:22 | Call: call to source |
-| test.cpp:318:7:318:7 | Load: x | test.cpp:314:4:314:9 | Call: call to source |
 | test.cpp:450:9:450:22 | CopyValue: (statement expression) | test.cpp:449:26:449:32 | InitializeParameter: source1 |
 | test.cpp:461:8:461:12 | Load: local | test.cpp:449:26:449:32 | InitializeParameter: source1 |
 | true_upon_entry.cpp:13:8:13:8 | Load: x | true_upon_entry.cpp:9:11:9:16 | Call: call to source |
--- a/cpp/ql/test/library-tests/dataflow/dataflow-tests/uninitialized.expected
+++ b/cpp/ql/test/library-tests/dataflow/dataflow-tests/uninitialized.expected
@@ -1,3 +1,19 @@
+| ref.cpp:53:9:53:10 | x1 | ref.cpp:55:19:55:20 | x1 |
+| ref.cpp:53:9:53:10 | x1 | ref.cpp:56:10:56:11 | x1 |
+| ref.cpp:53:13:53:14 | x2 | ref.cpp:58:15:58:16 | x2 |
+| ref.cpp:53:13:53:14 | x2 | ref.cpp:59:10:59:11 | x2 |
+| ref.cpp:53:17:53:18 | x3 | ref.cpp:61:26:61:27 | x3 |
+| ref.cpp:53:17:53:18 | x3 | ref.cpp:62:10:62:11 | x3 |
+| ref.cpp:53:21:53:22 | x4 | ref.cpp:64:15:64:16 | x4 |
+| ref.cpp:53:21:53:22 | x4 | ref.cpp:65:10:65:11 | x4 |
+| ref.cpp:120:9:120:10 | x1 | ref.cpp:122:19:122:20 | x1 |
+| ref.cpp:120:9:120:10 | x1 | ref.cpp:123:10:123:11 | x1 |
+| ref.cpp:120:13:120:14 | x2 | ref.cpp:125:15:125:16 | x2 |
+| ref.cpp:120:13:120:14 | x2 | ref.cpp:126:10:126:11 | x2 |
+| ref.cpp:120:17:120:18 | x3 | ref.cpp:128:26:128:27 | x3 |
+| ref.cpp:120:17:120:18 | x3 | ref.cpp:129:10:129:11 | x3 |
+| ref.cpp:120:21:120:22 | x4 | ref.cpp:131:15:131:16 | x4 |
+| ref.cpp:120:21:120:22 | x4 | ref.cpp:132:10:132:11 | x4 |
 | test.cpp:75:7:75:8 | u1 | test.cpp:76:8:76:9 | u1 |
 | test.cpp:83:7:83:8 | u2 | test.cpp:84:13:84:14 | u2 |
 | test.cpp:83:7:83:8 | u2 | test.cpp:85:8:85:9 | u2 |