hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-24 00:05:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

C++: Add implicit read of the 'm_strPath' member.

Browse Source
This commit is contained in:
Mathias Vorreiter Pedersen
2024-11-27 14:18:16 +00:00
parent 354361952a
commit c61395b973
3 changed files with 26 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
cpp/ql/lib/semmle/code/cpp/models/Models.qll
View File

@@ -52,3 +52,4 @@ private import implementations.ZMQ
private import implementations.Win32CommandExecution
private import implementations.CA2AEX
private import implementations.CComBSTR
private import implementations.CPathT

16
cpp/ql/lib/semmle/code/cpp/models/implementations/CPathT.qll Normal file
View File

@@ -0,0 +1,16 @@
private import cpp
private import semmle.code.cpp.ir.dataflow.FlowSteps
private import semmle.code.cpp.dataflow.new.DataFlow
/** The `CPathT` class from the Microsoft "Active Template Library". */
class CPathT extends Class {
CPathT() { this.hasGlobalName("CPathT") }
}
private class MStrPath extends Field {
MStrPath() { this.getDeclaringType() instanceof CPathT and this.hasName("m_strPath") }
}
private class MStrPathTaintInheritingContent extends TaintInheritingContent, DataFlow::FieldContent {
MStrPathTaintInheritingContent() { this.getField() instanceof MStrPath }
}

18
cpp/ql/test/library-tests/dataflow/taint-tests/atl.cpp
View File

@@ -664,45 +664,45 @@ void test_CPathT() {
char* x = indirect_source<char>();
CPath p(x);
sink(static_cast<char*>(p)); // $ MISSING: ir
sink(p.m_strPath); // $ MISSING: ir
sink(p.m_strPath); // $ ir
CPath p2(p);
sink(p2.m_strPath); // $ MISSING: ir
sink(p2.m_strPath); // $ ir
{
CPath p;
p.AddExtension(x);
sink(p.m_strPath); // $ MISSING: ir
sink(p.m_strPath); // $ ir
}
{
CPath p;
p.Append(x);
sink(p.m_strPath); // $ MISSING: ir
sink(p.m_strPath); // $ ir
CPath p2;
p2 += p;
sink(p.m_strPath); // $ MISSING: ir
sink(p.m_strPath); // $ ir
CPath p3;
p3 += x;
sink(p.m_strPath); // $ MISSING: ir
sink(p.m_strPath); // $ ir
}
{
CPath p;
p.Combine(x, nullptr);
sink(p.m_strPath); // $ MISSING: ir
sink(p.m_strPath); // $ ir
}
{
CPath p;
p.Combine(nullptr, x);
sink(p.m_strPath); // $ MISSING: ir
sink(p.m_strPath); // $ ir
}
{
CPath p;
auto p2 = p.CommonPrefix(x);
sink(p2.m_strPath); // $ MISSING: ir
sink(p2.m_strPath); // $ ir
sink(p2.GetExtension()); // $ ir
}
}