From 7437de2909ebdea6dd2265218cab1906b9d716eb Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Mon, 27 Feb 2023 13:21:11 +0000 Subject: [PATCH 1/3] C++: Fix issue where 'getEnclosingCallable' didn't exist for some globals. --- .../code/cpp/ir/dataflow/internal/DataFlowUtil.qll | 14 +++++++------- .../dataflow-ir-consistency.expected | 4 ---- 2 files changed, 7 insertions(+), 11 deletions(-) diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll index ee35be5eec2..d0724710203 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll @@ -461,7 +461,7 @@ class PostFieldUpdateNode extends TPostFieldUpdateNode, PartialDefinitionNode { PostFieldUpdateNode() { this = TPostFieldUpdateNode(fieldAddress, indirectionIndex) } - override Function getFunction() { result = fieldAddress.getUse().getEnclosingFunction() } + override Declaration getFunction() { result = fieldAddress.getUse().getEnclosingFunction() } override Declaration getEnclosingCallable() { result = this.getFunction() } @@ -543,7 +543,7 @@ class SideEffectOperandNode extends Node, IndirectOperand { override Declaration getEnclosingCallable() { result = this.getFunction() } - override Function getFunction() { result = call.getEnclosingFunction() } + override Declaration getFunction() { result = call.getEnclosingFunction() } Expr getArgument() { result = call.getArgument(argumentIndex).getUnconvertedResultExpression() } } 
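Review bot: The `getFunction()` overrides widened here now return `Declaration` under a name that still says "function", and none of them carries QLDoc saying so; this applies to the hunk in `PostFieldUpdateNode` and equally to those in `SideEffectOperandNode`, `IndirectParameterNode`, `IndirectArgumentOutNode`, `RawIndirectOperand`, `FinalParameterNode` and `RawIndirectInstruction`. Judging by the removed "has 0" consistency rows for `flowTestGlobal1 indirection` and similar nodes, the result can presumably be a global variable whose initializer contains the node. A caller that still binds the result to a `Function` would then drop those nodes from flow without any error, which for security queries means missed results. I would add a comment on each override, or once on the base predicate (which is outside these hunks): `/** Gets the declaration enclosing this node; this may be a global variable rather than a function. */`.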
@@ -629,7 +629,7 @@ class IndirectParameterNode extends Node, IndirectInstruction { override Declaration getEnclosingCallable() { result = this.getFunction() } - override Function getFunction() { result = this.getInstruction().getEnclosingFunction() } + override Declaration getFunction() { result = this.getInstruction().getEnclosingFunction() } override string toStringImpl() { result = this.getParameter().toString() + " indirection" @@ -702,7 +702,7 @@ class IndirectArgumentOutNode extends Node, TIndirectArgumentOutNode, PartialDef override Declaration getEnclosingCallable() { result = this.getFunction() } - override Function getFunction() { result = this.getCallInstruction().getEnclosingFunction() } + override Declaration getFunction() { result = this.getCallInstruction().getEnclosingFunction() } override Node getPreUpdateNode() { hasOperandAndIndex(result, operand, indirectionIndex) } @@ -847,7 +847,7 @@ class RawIndirectOperand extends Node, TRawIndirectOperand { /** Gets the underlying indirection index. */ int getIndirectionIndex() { result = indirectionIndex } - override Function getFunction() { result = this.getOperand().getDef().getEnclosingFunction() } + override Declaration getFunction() { result = this.getOperand().getDef().getEnclosingFunction() } override Declaration getEnclosingCallable() { result = this.getFunction() } @@ -888,7 +888,7 @@ class FinalParameterNode extends Node, TFinalParameterNode { /** Gets the argument index associated with this final use. */ final int getArgumentIndex() { result = p.getIndex() } - override Function getFunction() { result = p.getFunction() } + override Declaration getFunction() { result = p.getFunction() } override Declaration getEnclosingCallable() { result = this.getFunction() } 
@@ -945,7 +945,7 @@ class RawIndirectInstruction extends Node, TRawIndirectInstruction { /** Gets the underlying indirection index. */ int getIndirectionIndex() { result = indirectionIndex } - override Function getFunction() { result = this.getInstruction().getEnclosingFunction() } + override Declaration getFunction() { result = this.getInstruction().getEnclosingFunction() } override Declaration getEnclosingCallable() { result = this.getFunction() } diff --git a/cpp/ql/test/library-tests/dataflow/dataflow-tests/dataflow-ir-consistency.expected b/cpp/ql/test/library-tests/dataflow/dataflow-tests/dataflow-ir-consistency.expected index caffafacef8..5525644e708 100644 --- a/cpp/ql/test/library-tests/dataflow/dataflow-tests/dataflow-ir-consistency.expected +++ b/cpp/ql/test/library-tests/dataflow/dataflow-tests/dataflow-ir-consistency.expected @@ -1,8 +1,4 @@ uniqueEnclosingCallable -| globals.cpp:9:5:9:19 | flowTestGlobal1 indirection | Node should have one enclosing callable but has 0. | -| globals.cpp:9:5:9:19 | flowTestGlobal1 indirection | Node should have one enclosing callable but has 0. | -| globals.cpp:16:12:16:26 | flowTestGlobal2 indirection | Node should have one enclosing callable but has 0. | -| globals.cpp:16:12:16:26 | flowTestGlobal2 indirection | Node should have one enclosing callable but has 0. | uniqueType uniqueNodeLocation missingLocation From d628905156a8d068afa4d94922cb1dc67cad70f1 Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Mon, 27 Feb 2023 17:13:23 +0000 Subject: [PATCH 2/3] C++: Accept more test changes. --- .../syntax-zoo/dataflow-ir-consistency.expected | 8 -------- 1 file changed, 8 deletions(-) diff --git a/cpp/ql/test/library-tests/syntax-zoo/dataflow-ir-consistency.expected b/cpp/ql/test/library-tests/syntax-zoo/dataflow-ir-consistency.expected index 167f926c931..5e6e13c4750 100644 --- a/cpp/ql/test/library-tests/syntax-zoo/dataflow-ir-consistency.expected 
+++ b/cpp/ql/test/library-tests/syntax-zoo/dataflow-ir-consistency.expected @@ -1,12 +1,4 @@ uniqueEnclosingCallable -| cpp11.cpp:36:5:36:14 | global_int indirection | Node should have one enclosing callable but has 0. | -| cpp11.cpp:36:5:36:14 | global_int indirection | Node should have one enclosing callable but has 0. | -| misc.c:10:5:10:13 | topLevel1 indirection | Node should have one enclosing callable but has 0. | -| misc.c:10:5:10:13 | topLevel1 indirection | Node should have one enclosing callable but has 0. | -| misc.c:11:5:11:13 | topLevel2 indirection | Node should have one enclosing callable but has 0. | -| misc.c:11:5:11:13 | topLevel2 indirection | Node should have one enclosing callable but has 0. | -| misc.c:210:5:210:20 | global_with_init indirection | Node should have one enclosing callable but has 0. | -| misc.c:210:5:210:20 | global_with_init indirection | Node should have one enclosing callable but has 0. | uniqueType uniqueNodeLocation | allocators.cpp:14:5:14:8 | Phi | Node should have one location but has 4. | From 2a9133aae0b6627c87000e7864c3feeb979d6ca1 Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Mon, 27 Feb 2023 17:15:53 +0000 Subject: [PATCH 3/3] C++: Accept query-test changes. --- cpp/ql/test/query-tests/Security/CWE/CWE-611/tests3.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-611/tests3.cpp b/cpp/ql/test/query-tests/Security/CWE/CWE-611/tests3.cpp index 63ee3a6e5b1..064eadac4fa 100644 --- a/cpp/ql/test/query-tests/Security/CWE/CWE-611/tests3.cpp +++ b/cpp/ql/test/query-tests/Security/CWE/CWE-611/tests3.cpp 
@@ -35,7 +35,7 @@ void test3_2(InputSource &data) { SAX2XMLReader *p_3_3 = XMLReaderFactory::createXMLReader(); void test3_3(InputSource &data) { - p_3_3->parse(data); // BAD (parser not correctly configured) [NOT DETECTED] + p_3_3->parse(data); // BAD (parser not correctly configured) } SAX2XMLReader *p_3_4 = XMLReaderFactory::createXMLReader(); @@ -53,7 +53,7 @@ void test3_5_init() { void test3_5(InputSource &data) { test3_5_init(); - p_3_5->parse(data); // GOOD + p_3_5->parse(data); // GOOD [FALSE POSITIVE] } void test3_6(InputSource &data) {
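Review bot: The second hunk marks the call in `test3_5` as `// GOOD [FALSE POSITIVE]` without saying why the XXE query now flags a parser the test treats as safe. Presumably the configuration done in `test3_5_init()` is not seen on the new flow path through the global `p_3_5`; that function's body is outside the hunk, so this is inferred. I would record the cause on the line itself, for example `p_3_5->parse(data); // GOOD [FALSE POSITIVE] (configuration in test3_5_init() not tracked through the global)`, so anyone triaging the alert knows it is a known precision gap. The diffstat for this commit lists only tests3.cpp, so the matching `.expected` update is not visible here and is worth checking.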