C++: Add annotations describing whether the flow is an instance of field-to-object flow

cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/defaulttainttracking.cpp

@@ -161,20 +161,20 @@ void test_field_to_obj_taint_object(Point p) {
 
 void test_field_to_obj_taint_object_addrof(Point p) {
   taint_x(&p);
-  sink(p); // tainted
-  sink(&p); // tainted
+  sink(p); // tainted [field -> object]
+  sink(&p); // tainted [field -> object]
   sink(p.x); // tainted
 }
 
 void test_field_to_obj_taint_pointer(Point* pp) {
   pp->x = getenv("VAR")[0];
-  sink(pp); // tainted
+  sink(pp); // tainted [field -> object]
   sink(*pp); // not tainted
 }
 
 void call_sink_on_object(Point* pp) {
-  sink(pp); // tainted
-  sink(*pp); // tainted
+  sink(pp); // tainted [field -> object]
+  sink(*pp); // tainted [field -> object]
 }
 
 void test_field_to_obj_taint_call_sink(Point* pp) {
@@ -184,7 +184,7 @@ void test_field_to_obj_taint_call_sink(Point* pp) {
 
 void test_field_to_obj_taint_through_setter(Point* pp) {
   taint_x(pp);
-  sink(pp); // tainted
+  sink(pp); // tainted [field -> object]
   sink(*pp); // not tainted
 }
 
@@ -200,12 +200,12 @@ void test_field_to_obj_local_variable() {
 void test_field_to_obj_taint_array(Point* pp, int i) {
   pp[0].x = getenv("VAR")[0];
   sink(pp[i]); // not tainted
-  sink(pp); // tainted
+  sink(pp); // tainted [field -> object]
   sink(*pp); // not tainted
 }
 
 void test_field_to_obj_test_pointer_arith(Point* pp) {
   (pp + sizeof(*pp))->x = getenv("VAR")[0];
-  sink(pp); // tainted
-  sink(pp + sizeof(*pp)); // tainted
+  sink(pp); // tainted [field -> object]
+  sink(pp + sizeof(*pp)); // tainted [field -> object]
 }