hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-25 16:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

C++: Add an taint step from object to field for 'CComBSTR's.

Browse Source
This commit is contained in:
Mathias Vorreiter Pedersen
2024-11-27 13:38:38 +00:00
parent 9b004848a3
commit 948be09257
3 changed files with 30 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
cpp/ql/lib/semmle/code/cpp/models/Models.qll
View File

@@ -51,3 +51,4 @@ private import implementations.StructuredExceptionHandling
private import implementations.ZMQ
private import implementations.Win32CommandExecution
private import implementations.CA2AEX
private import implementations.CComBSTR

16
cpp/ql/lib/semmle/code/cpp/models/implementations/CComBSTR.qll Normal file
View File

@@ -0,0 +1,16 @@
private import cpp
private import semmle.code.cpp.ir.dataflow.FlowSteps
private import semmle.code.cpp.dataflow.new.DataFlow
/** The `CComBSTR` class from the Microsoft "Active Template Library". */
class CcomBstr extends Class {
CcomBstr() { this.hasGlobalName("CComBSTR") }
}
private class Mstr extends Field {
Mstr() { this.getDeclaringType() instanceof CcomBstr and this.hasName("m_str") }
}
private class MstrTaintInheritingContent extends TaintInheritingContent, DataFlow::FieldContent {
MstrTaintInheritingContent() { this.getField() instanceof Mstr }
}