hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 17:25:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

C++: Restore some of the lost test results by doing operand -> instruction taint steps in IR TaintTracking.

Browse Source
This commit is contained in:
Mathias Vorreiter Pedersen
2021-03-02 15:45:40 +01:00
parent 23d3109071
commit eb4f1e1ba0
5 changed files with 62 additions and 64 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/annotate_sinks_only/defaulttainttracking.cpp
View File

@@ -13,8 +13,8 @@ int main() {
sink(_strdup(getenv("VAR"))); // $ MISSING: ast,ir
sink(strdup(getenv("VAR"))); // $ ast MISSING: ir
sink(_strdup(getenv("VAR"))); // $ ir MISSING: ast
sink(strdup(getenv("VAR"))); // $ ast,ir
sink(unmodeled_function(getenv("VAR"))); // clean by assumption
char untainted_buf[100] = "";

6
cpp/ql/test/library-tests/dataflow/taint-tests/taint.cpp
View File

@@ -369,9 +369,9 @@ void test_strdup(char *source)
a = strdup(source);
b = strdup("hello, world");
c = strndup(source, 100);
sink(a); // $ ast MISSING: ir
sink(a); // $ ast,ir
sink(b);
sink(c); // $ ast MISSING: ir
sink(c); // $ ast,ir
}
void test_strndup(int source)
@@ -388,7 +388,7 @@ void test_wcsdup(wchar_t *source)
a = wcsdup(source);
b = wcsdup(L"hello, world");
sink(a); // $ ast MISSING: ir
sink(a); // $ ast,ir
sink(b);
}