mirror of
https://github.com/github/codeql.git
synced 2026-05-27 17:41:24 +02:00
Compare commits
5 Commits
aibaars/ru
...
jeongsoole
| Author | SHA1 | Date | |
|---|---|---|---|
|
2931b95074 | ||
|
|
44b1bc90fb | ||
|
|
c327e6ff07 | ||
|
|
f0dfa51fb9 | ||
|
|
06e3a01314 |
2
.github/workflows/csharp-qltest.yml
vendored
2
.github/workflows/csharp-qltest.yml
vendored
@@ -66,6 +66,6 @@ jobs:
|
||||
# Update existing stubs in the repo with the freshly generated ones
|
||||
mv "$STUBS_PATH/output/stubs/_frameworks" ql/test/resources/stubs/
|
||||
git status
|
||||
codeql test run --threads=0 --search-path "${{ github.workspace }}" --check-databases --check-diff-informed --check-undefined-labels --check-repeated-labels --check-redefined-labels --consistency-queries ql/consistency-queries -- ql/test/library-tests/dataflow/flowsources/aspremote
|
||||
codeql test run --threads=0 --search-path "${{ github.workspace }}" --check-databases --check-undefined-labels --check-repeated-labels --check-redefined-labels --consistency-queries ql/consistency-queries -- ql/test/library-tests/dataflow/flowsources/aspremote
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ github.token }}
|
||||
|
||||
3
.github/workflows/go-tests-other-os.yml
vendored
3
.github/workflows/go-tests-other-os.yml
vendored
@@ -26,8 +26,9 @@ jobs:
|
||||
uses: ./go/actions/test
|
||||
|
||||
test-win:
|
||||
if: github.repository_owner == 'github'
|
||||
name: Test Windows
|
||||
runs-on: windows-latest
|
||||
runs-on: windows-latest-xl
|
||||
steps:
|
||||
- name: Check out code
|
||||
uses: actions/checkout@v4
|
||||
|
||||
2
.github/workflows/mad_modelDiff.yml
vendored
2
.github/workflows/mad_modelDiff.yml
vendored
@@ -68,7 +68,7 @@ jobs:
|
||||
DATABASE=$2
|
||||
cd codeql-$QL_VARIANT
|
||||
SHORTNAME=`basename $DATABASE`
|
||||
python misc/scripts/models-as-data/generate_mad.py --language java --with-summaries --with-sinks $DATABASE $SHORTNAME/$QL_VARIANT
|
||||
python java/ql/src/utils/modelgenerator/GenerateFlowModel.py --with-summaries --with-sinks $DATABASE $SHORTNAME/$QL_VARIANT
|
||||
mkdir -p $MODELS/$SHORTNAME
|
||||
mv java/ql/lib/ext/generated/$SHORTNAME/$QL_VARIANT $MODELS/$SHORTNAME
|
||||
cd ..
|
||||
|
||||
2
.github/workflows/ruby-qltest-rtjo.yml
vendored
2
.github/workflows/ruby-qltest-rtjo.yml
vendored
@@ -35,6 +35,6 @@ jobs:
|
||||
key: ruby-qltest
|
||||
- name: Run QL tests
|
||||
run: |
|
||||
codeql test run --dynamic-join-order-mode=all --threads=0 --ram 50000 --search-path "${{ github.workspace }}" --check-databases --check-diff-informed --check-undefined-labels --check-unused-labels --check-repeated-labels --check-redefined-labels --check-use-before-definition --consistency-queries ql/consistency-queries ql/test --compilation-cache "${{ steps.query-cache.outputs.cache-dir }}"
|
||||
codeql test run --dynamic-join-order-mode=all --threads=0 --ram 50000 --search-path "${{ github.workspace }}" --check-databases --check-undefined-labels --check-unused-labels --check-repeated-labels --check-redefined-labels --check-use-before-definition --consistency-queries ql/consistency-queries ql/test --compilation-cache "${{ steps.query-cache.outputs.cache-dir }}"
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ github.token }}
|
||||
|
||||
2
.github/workflows/ruby-qltest.yml
vendored
2
.github/workflows/ruby-qltest.yml
vendored
@@ -68,6 +68,6 @@ jobs:
|
||||
key: ruby-qltest
|
||||
- name: Run QL tests
|
||||
run: |
|
||||
codeql test run --threads=0 --ram 50000 --search-path "${{ github.workspace }}" --check-databases --check-diff-informed --check-undefined-labels --check-unused-labels --check-repeated-labels --check-redefined-labels --check-use-before-definition --consistency-queries ql/consistency-queries ql/test --compilation-cache "${{ steps.query-cache.outputs.cache-dir }}"
|
||||
codeql test run --threads=0 --ram 50000 --search-path "${{ github.workspace }}" --check-databases --check-undefined-labels --check-unused-labels --check-repeated-labels --check-redefined-labels --check-use-before-definition --consistency-queries ql/consistency-queries ql/test --compilation-cache "${{ steps.query-cache.outputs.cache-dir }}"
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ github.token }}
|
||||
|
||||
2
.github/workflows/swift.yml
vendored
2
.github/workflows/swift.yml
vendored
@@ -32,7 +32,7 @@ jobs:
|
||||
if: github.repository_owner == 'github'
|
||||
strategy:
|
||||
matrix:
|
||||
runner: [ubuntu-latest, macos-15-xlarge]
|
||||
runner: [ubuntu-latest, macos-13-xlarge]
|
||||
fail-fast: false
|
||||
runs-on: ${{ matrix.runner }}
|
||||
steps:
|
||||
|
||||
5
.gitignore
vendored
5
.gitignore
vendored
@@ -62,7 +62,6 @@ node_modules/
|
||||
|
||||
# Temporary folders for working with generated models
|
||||
.model-temp
|
||||
/mad-generation-build
|
||||
|
||||
# bazel-built in-tree extractor packs
|
||||
/*/extractor-pack
|
||||
@@ -72,7 +71,3 @@ node_modules/
|
||||
|
||||
# cargo build directory
|
||||
/target
|
||||
|
||||
# some upgrade/downgrade checks create these files
|
||||
**/upgrades/*/*.dbscheme.stats
|
||||
**/downgrades/*/*.dbscheme.stats
|
||||
|
||||
@@ -17,7 +17,6 @@
|
||||
|
||||
# Experimental CodeQL cryptography
|
||||
**/experimental/quantum/ @github/ps-codeql
|
||||
/shared/quantum/ @github/ps-codeql
|
||||
|
||||
# CodeQL tools and associated docs
|
||||
/docs/codeql/codeql-cli/ @github/codeql-cli-reviewers
|
||||
|
||||
46
Cargo.lock
generated
46
Cargo.lock
generated
@@ -242,8 +242,6 @@ version = "1.2.7"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "a012a0df96dd6d06ba9a1b29d6402d1a5d77c6befd2566afdc26e10603dc93d7"
|
||||
dependencies = [
|
||||
"jobserver",
|
||||
"libc",
|
||||
"shlex",
|
||||
]
|
||||
|
||||
@@ -392,7 +390,6 @@ dependencies = [
|
||||
"tree-sitter",
|
||||
"tree-sitter-json",
|
||||
"tree-sitter-ql",
|
||||
"zstd",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
@@ -986,15 +983,6 @@ version = "1.0.15"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "4a5f13b858c8d314ee3e8f639011f7ccefe71f97f96e50151fb991f267928e2c"
|
||||
|
||||
[[package]]
|
||||
name = "jobserver"
|
||||
version = "0.1.32"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "48d1dbcbbeb6a7fec7e059840aa538bd62aaccf972c7346c4d9d2059312853d0"
|
||||
dependencies = [
|
||||
"libc",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "jod-thread"
|
||||
version = "0.1.2"
|
||||
@@ -1346,12 +1334,6 @@ version = "0.2.16"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "3b3cff922bd51709b605d9ead9aa71031d81447142d828eb4a6eba76fe619f9b"
|
||||
|
||||
[[package]]
|
||||
name = "pkg-config"
|
||||
version = "0.3.32"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "7edddbd0b52d732b21ad9a5fab5c704c14cd949e5e9a1ec5929a24fded1b904c"
|
||||
|
||||
[[package]]
|
||||
name = "portable-atomic"
|
||||
version = "1.11.0"
|
||||
@@ -3045,31 +3027,3 @@ dependencies = [
|
||||
"quote",
|
||||
"syn",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "zstd"
|
||||
version = "0.13.3"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "e91ee311a569c327171651566e07972200e76fcfe2242a4fa446149a3881c08a"
|
||||
dependencies = [
|
||||
"zstd-safe",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "zstd-safe"
|
||||
version = "7.2.4"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "8f49c4d5f0abb602a93fb8736af2a4f4dd9512e36f7f570d66e65ff867ed3b9d"
|
||||
dependencies = [
|
||||
"zstd-sys",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "zstd-sys"
|
||||
version = "2.0.15+zstd.1.5.7"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "eb81183ddd97d0c74cedf1d50d85c8d08c1b8b68ee863bdee9e706eedba1a237"
|
||||
dependencies = [
|
||||
"cc",
|
||||
"pkg-config",
|
||||
]
|
||||
|
||||
@@ -10,7 +10,6 @@ members = [
|
||||
"rust/ast-generator",
|
||||
"rust/autobuild",
|
||||
]
|
||||
exclude = ["mad-generation-build"]
|
||||
|
||||
[patch.crates-io]
|
||||
# patch for build script bug preventing bazel build
|
||||
|
||||
18
MODULE.bazel
18
MODULE.bazel
@@ -24,7 +24,7 @@ bazel_dep(name = "bazel_skylib", version = "1.7.1")
|
||||
bazel_dep(name = "abseil-cpp", version = "20240116.1", repo_name = "absl")
|
||||
bazel_dep(name = "nlohmann_json", version = "3.11.3", repo_name = "json")
|
||||
bazel_dep(name = "fmt", version = "10.0.0")
|
||||
bazel_dep(name = "rules_kotlin", version = "2.1.3-codeql.1")
|
||||
bazel_dep(name = "rules_kotlin", version = "2.0.0-codeql.1")
|
||||
bazel_dep(name = "gazelle", version = "0.40.0")
|
||||
bazel_dep(name = "rules_dotnet", version = "0.17.4")
|
||||
bazel_dep(name = "googletest", version = "1.14.0.bcr.1")
|
||||
@@ -124,7 +124,6 @@ use_repo(
|
||||
"vendor_ts__tree-sitter-ruby-0.23.1",
|
||||
"vendor_ts__triomphe-0.1.14",
|
||||
"vendor_ts__ungrammar-1.16.1",
|
||||
"vendor_ts__zstd-0.13.3",
|
||||
)
|
||||
|
||||
http_archive = use_repo_rule("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive")
|
||||
@@ -194,6 +193,10 @@ use_repo(
|
||||
kotlin_extractor_deps,
|
||||
"codeql_kotlin_defaults",
|
||||
"codeql_kotlin_embeddable",
|
||||
"kotlin-compiler-1.5.0",
|
||||
"kotlin-compiler-1.5.10",
|
||||
"kotlin-compiler-1.5.20",
|
||||
"kotlin-compiler-1.5.30",
|
||||
"kotlin-compiler-1.6.0",
|
||||
"kotlin-compiler-1.6.20",
|
||||
"kotlin-compiler-1.7.0",
|
||||
@@ -205,7 +208,10 @@ use_repo(
|
||||
"kotlin-compiler-2.0.20-Beta2",
|
||||
"kotlin-compiler-2.1.0-Beta1",
|
||||
"kotlin-compiler-2.1.20-Beta1",
|
||||
"kotlin-compiler-2.2.0-Beta1",
|
||||
"kotlin-compiler-embeddable-1.5.0",
|
||||
"kotlin-compiler-embeddable-1.5.10",
|
||||
"kotlin-compiler-embeddable-1.5.20",
|
||||
"kotlin-compiler-embeddable-1.5.30",
|
||||
"kotlin-compiler-embeddable-1.6.0",
|
||||
"kotlin-compiler-embeddable-1.6.20",
|
||||
"kotlin-compiler-embeddable-1.7.0",
|
||||
@@ -217,7 +223,10 @@ use_repo(
|
||||
"kotlin-compiler-embeddable-2.0.20-Beta2",
|
||||
"kotlin-compiler-embeddable-2.1.0-Beta1",
|
||||
"kotlin-compiler-embeddable-2.1.20-Beta1",
|
||||
"kotlin-compiler-embeddable-2.2.0-Beta1",
|
||||
"kotlin-stdlib-1.5.0",
|
||||
"kotlin-stdlib-1.5.10",
|
||||
"kotlin-stdlib-1.5.20",
|
||||
"kotlin-stdlib-1.5.30",
|
||||
"kotlin-stdlib-1.6.0",
|
||||
"kotlin-stdlib-1.6.20",
|
||||
"kotlin-stdlib-1.7.0",
|
||||
@@ -229,7 +238,6 @@ use_repo(
|
||||
"kotlin-stdlib-2.0.20-Beta2",
|
||||
"kotlin-stdlib-2.1.0-Beta1",
|
||||
"kotlin-stdlib-2.1.20-Beta1",
|
||||
"kotlin-stdlib-2.2.0-Beta1",
|
||||
)
|
||||
|
||||
go_sdk = use_extension("@rules_go//go:extensions.bzl", "go_sdk")
|
||||
|
||||
@@ -1,7 +1,3 @@
|
||||
## 0.4.9
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 0.4.8
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -1,3 +0,0 @@
|
||||
## 0.4.9
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.4.9
|
||||
lastReleaseVersion: 0.4.8
|
||||
|
||||
@@ -22,21 +22,16 @@ extensions:
|
||||
- ["actions/stale", "pull-requests: write"]
|
||||
- ["actions/attest-build-provenance", "id-token: write"]
|
||||
- ["actions/attest-build-provenance", "attestations: write"]
|
||||
- ["actions/deploy-pages", "pages: write"]
|
||||
- ["actions/deploy-pages", "id-token: write"]
|
||||
- ["actions/delete-package-versions", "packages: write"]
|
||||
- ["actions/jekyll-build-pages", "contents: read"]
|
||||
- ["actions/jekyll-build-pages", "pages: write"]
|
||||
- ["actions/jekyll-build-pages", "id-token: write"]
|
||||
- ["actions/publish-action", "contents: write"]
|
||||
- ["actions/versions-package-tools", "contents: read"]
|
||||
- ["actions/versions-package-tools", "contents: read"]
|
||||
- ["actions/versions-package-tools", "actions: read"]
|
||||
- ["actions/reusable-workflows", "contents: read"]
|
||||
- ["actions/reusable-workflows", "contents: read"]
|
||||
- ["actions/reusable-workflows", "actions: read"]
|
||||
- ["actions/ai-inference", "contents: read"]
|
||||
- ["actions/ai-inference", "models: read"]
|
||||
# TODO: Add permissions for actions/download-artifact
|
||||
# TODO: Add permissions for actions/upload-artifact
|
||||
# No permissions needed for actions/upload-pages-artifact
|
||||
# TODO: Add permissions for actions/cache
|
||||
# No permissions needed for actions/configure-pages
|
||||
|
||||
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/actions-all
|
||||
version: 0.4.10-dev
|
||||
version: 0.4.9-dev
|
||||
library: true
|
||||
warnOnImplicitThis: true
|
||||
dependencies:
|
||||
|
||||
@@ -1,7 +1,3 @@
|
||||
## 0.6.1
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 0.6.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The query `actions/missing-workflow-permissions` is now aware of the minimal permissions needed for the actions `deploy-pages`, `delete-package-versions`, `ai-inference`. This should lead to better alert messages and better fix suggestions.
|
||||
@@ -1,3 +0,0 @@
|
||||
## 0.6.1
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.6.1
|
||||
lastReleaseVersion: 0.6.0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/actions-queries
|
||||
version: 0.6.2-dev
|
||||
version: 0.6.1-dev
|
||||
library: false
|
||||
warnOnImplicitThis: true
|
||||
groups: [actions, queries]
|
||||
|
||||
@@ -1,10 +0,0 @@
|
||||
on:
|
||||
workflow_call:
|
||||
workflow_dispatch:
|
||||
|
||||
jobs:
|
||||
build:
|
||||
name: Build and test
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/ai-inference
|
||||
@@ -1,10 +0,0 @@
|
||||
on:
|
||||
workflow_call:
|
||||
workflow_dispatch:
|
||||
|
||||
jobs:
|
||||
build:
|
||||
name: Build and test
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/deploy-pages
|
||||
@@ -1,10 +0,0 @@
|
||||
on:
|
||||
workflow_call:
|
||||
workflow_dispatch:
|
||||
|
||||
jobs:
|
||||
build:
|
||||
name: Build and test
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/delete-package-versions
|
||||
@@ -3,6 +3,3 @@
|
||||
| .github/workflows/perms5.yml:7:5:10:32 | Job: build | Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read} |
|
||||
| .github/workflows/perms6.yml:7:5:11:39 | Job: build | Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read, id-token: write, pages: write} |
|
||||
| .github/workflows/perms7.yml:7:5:10:38 | Job: build | Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {} |
|
||||
| .github/workflows/perms8.yml:7:5:10:33 | Job: build | Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {id-token: write, pages: write} |
|
||||
| .github/workflows/perms9.yml:7:5:10:44 | Job: build | Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {packages: write} |
|
||||
| .github/workflows/perms10.yml:7:5:10:33 | Job: build | Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read, models: read} |
|
||||
|
||||
@@ -299,7 +299,6 @@ ql/cpp/ql/src/experimental/cryptography/inventory/new_models/SigningAlgorithms.q
|
||||
ql/cpp/ql/src/experimental/cryptography/inventory/new_models/SymmetricEncryptionAlgorithms.ql
|
||||
ql/cpp/ql/src/experimental/cryptography/inventory/new_models/SymmetricPaddingAlgorithms.ql
|
||||
ql/cpp/ql/src/experimental/cryptography/inventory/new_models/UnknownAsymmetricKeyGeneration.ql
|
||||
ql/cpp/ql/src/experimental/quantum/PrintCBOMGraph.ql
|
||||
ql/cpp/ql/src/external/examples/filters/BumpMetricBy10.ql
|
||||
ql/cpp/ql/src/external/examples/filters/EditDefectMessage.ql
|
||||
ql/cpp/ql/src/external/examples/filters/ExcludeGeneratedCode.ql
|
||||
|
||||
@@ -1,9 +1,3 @@
|
||||
## 4.3.1
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* Fixed an infinite loop in `semmle.code.cpp.rangeanalysis.new.RangeAnalysis` when computing ranges in very large and complex function bodies.
|
||||
|
||||
## 4.3.0
|
||||
|
||||
### New Features
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: fix
|
||||
---
|
||||
* Fixed a problem where `asExpr()` on `DataFlow::Node` would never return `ClassAggregateLiteral`s.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: fix
|
||||
---
|
||||
* Fixed a problem where `asExpr()` on `DataFlow::Node` would never return `ArrayAggregateLiteral`s.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: feature
|
||||
---
|
||||
* Added support for `wmain` as part of the ArgvSource model.
|
||||
@@ -1,9 +0,0 @@
|
||||
---
|
||||
category: breaking
|
||||
---
|
||||
* Deleted the deprecated `userInputArgument` predicate and its convenience accessor from the `Security.qll`.
|
||||
* Deleted the deprecated `userInputReturned` predicate and its convenience accessor from the `Security.qll`.
|
||||
* Deleted the deprecated `userInputReturn` predicate from the `Security.qll`.
|
||||
* Deleted the deprecated `isUserInput` predicate and its convenience accessor from the `Security.qll`.
|
||||
* Deleted the deprecated `userInputArgument` predicate from the `SecurityOptions.qll`.
|
||||
* Deleted the deprecated `userInputReturned` predicate from the `SecurityOptions.qll`.
|
||||
@@ -1,6 +0,0 @@
|
||||
---
|
||||
category: feature
|
||||
---
|
||||
* Added the `pCmdLine` arguments of `WinMain` and `wWinMain` as local flow sources.
|
||||
* Added source models for `GetCommandLineA`, `GetCommandLineW`, `GetEnvironmentStringsA`, `GetEnvironmentStringsW`, `GetEnvironmentVariableA`, and `GetEnvironmentVariableW`.
|
||||
* Added summary models for `CommandLineToArgvA` and `CommandLineToArgvW`.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: feature
|
||||
---
|
||||
* Added local flow source models for `ReadFile`, `ReadFileEx`, `MapViewOfFile`, `MapViewOfFile2`, `MapViewOfFile3`, `MapViewOfFile3FromApp`, `MapViewOfFileEx`, `MapViewOfFileFromApp`, `MapViewOfFileNuma2`, and `NtReadFile`.
|
||||
@@ -1,5 +0,0 @@
|
||||
## 4.3.1
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* Fixed an infinite loop in `semmle.code.cpp.rangeanalysis.new.RangeAnalysis` when computing ranges in very large and complex function bodies.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 4.3.1
|
||||
lastReleaseVersion: 4.3.0
|
||||
|
||||
@@ -1,129 +0,0 @@
|
||||
private import cpp as Language
|
||||
import semmle.code.cpp.dataflow.new.TaintTracking
|
||||
import codeql.quantum.experimental.Model
|
||||
private import OpenSSL.GenericSourceCandidateLiteral
|
||||
|
||||
module CryptoInput implements InputSig<Language::Location> {
|
||||
class DataFlowNode = DataFlow::Node;
|
||||
|
||||
class LocatableElement = Language::Locatable;
|
||||
|
||||
class UnknownLocation = Language::UnknownDefaultLocation;
|
||||
|
||||
LocatableElement dfn_to_element(DataFlow::Node node) {
|
||||
result = node.asExpr() or
|
||||
result = node.asParameter() or
|
||||
result = node.asVariable()
|
||||
}
|
||||
|
||||
string locationToFileBaseNameAndLineNumberString(Location location) {
|
||||
result = location.getFile().getBaseName() + ":" + location.getStartLine()
|
||||
}
|
||||
|
||||
predicate artifactOutputFlowsToGenericInput(
|
||||
DataFlow::Node artifactOutput, DataFlow::Node otherInput
|
||||
) {
|
||||
ArtifactFlow::flow(artifactOutput, otherInput)
|
||||
}
|
||||
}
|
||||
|
||||
module Crypto = CryptographyBase<Language::Location, CryptoInput>;
|
||||
|
||||
module ArtifactFlowConfig implements DataFlow::ConfigSig {
|
||||
predicate isSource(DataFlow::Node source) {
|
||||
source = any(Crypto::ArtifactInstance artifact).getOutputNode()
|
||||
}
|
||||
|
||||
predicate isSink(DataFlow::Node sink) {
|
||||
sink = any(Crypto::FlowAwareElement other).getInputNode()
|
||||
}
|
||||
|
||||
predicate isBarrierOut(DataFlow::Node node) {
|
||||
node = any(Crypto::FlowAwareElement element).getInputNode()
|
||||
}
|
||||
|
||||
predicate isBarrierIn(DataFlow::Node node) {
|
||||
node = any(Crypto::FlowAwareElement element).getOutputNode()
|
||||
}
|
||||
|
||||
predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) {
|
||||
node1.(AdditionalFlowInputStep).getOutput() = node2
|
||||
}
|
||||
}
|
||||
|
||||
module ArtifactFlow = DataFlow::Global<ArtifactFlowConfig>;
|
||||
|
||||
/**
|
||||
* Artifact output to node input configuration
|
||||
*/
|
||||
abstract class AdditionalFlowInputStep extends DataFlow::Node {
|
||||
abstract DataFlow::Node getOutput();
|
||||
|
||||
final DataFlow::Node getInput() { result = this }
|
||||
}
|
||||
|
||||
/**
|
||||
* Generic data source to node input configuration
|
||||
*/
|
||||
module GenericDataSourceFlowConfig implements DataFlow::ConfigSig {
|
||||
predicate isSource(DataFlow::Node source) {
|
||||
source = any(Crypto::GenericSourceInstance i).getOutputNode()
|
||||
}
|
||||
|
||||
predicate isSink(DataFlow::Node sink) {
|
||||
sink = any(Crypto::FlowAwareElement other).getInputNode()
|
||||
}
|
||||
|
||||
predicate isBarrierOut(DataFlow::Node node) {
|
||||
node = any(Crypto::FlowAwareElement element).getInputNode()
|
||||
}
|
||||
|
||||
predicate isBarrierIn(DataFlow::Node node) {
|
||||
node = any(Crypto::FlowAwareElement element).getOutputNode()
|
||||
}
|
||||
|
||||
predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) {
|
||||
node1.(AdditionalFlowInputStep).getOutput() = node2
|
||||
}
|
||||
}
|
||||
|
||||
module GenericDataSourceFlow = TaintTracking::Global<GenericDataSourceFlowConfig>;
|
||||
|
||||
private class ConstantDataSource extends Crypto::GenericConstantSourceInstance instanceof Literal {
|
||||
ConstantDataSource() { this instanceof OpenSSLGenericSourceCandidateLiteral }
|
||||
|
||||
override DataFlow::Node getOutputNode() { result.asExpr() = this }
|
||||
|
||||
override predicate flowsTo(Crypto::FlowAwareElement other) {
|
||||
// TODO: separate config to avoid blowing up data-flow analysis
|
||||
GenericDataSourceFlow::flow(this.getOutputNode(), other.getInputNode())
|
||||
}
|
||||
|
||||
override string getAdditionalDescription() { result = this.toString() }
|
||||
}
|
||||
|
||||
module ArtifactUniversalFlowConfig implements DataFlow::ConfigSig {
|
||||
predicate isSource(DataFlow::Node source) {
|
||||
source = any(Crypto::ArtifactInstance artifact).getOutputNode()
|
||||
}
|
||||
|
||||
predicate isSink(DataFlow::Node sink) {
|
||||
sink = any(Crypto::FlowAwareElement other).getInputNode()
|
||||
}
|
||||
|
||||
predicate isBarrierOut(DataFlow::Node node) {
|
||||
node = any(Crypto::FlowAwareElement element).getInputNode()
|
||||
}
|
||||
|
||||
predicate isBarrierIn(DataFlow::Node node) {
|
||||
node = any(Crypto::FlowAwareElement element).getOutputNode()
|
||||
}
|
||||
|
||||
predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) {
|
||||
node1.(AdditionalFlowInputStep).getOutput() = node2
|
||||
}
|
||||
}
|
||||
|
||||
module ArtifactUniversalFlow = DataFlow::Global<ArtifactUniversalFlowConfig>;
|
||||
|
||||
import OpenSSL.OpenSSL
|
||||
@@ -1,173 +0,0 @@
|
||||
import cpp
|
||||
private import experimental.quantum.Language
|
||||
private import semmle.code.cpp.dataflow.new.DataFlow
|
||||
private import experimental.quantum.OpenSSL.AlgorithmInstances.KnownAlgorithmConstants
|
||||
private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumers
|
||||
private import PaddingAlgorithmInstance
|
||||
|
||||
/**
|
||||
* Traces 'known algorithms' to AVCs, specifically
|
||||
* algorithms that are in the set of known algorithm constants.
|
||||
* Padding-specific consumers exist that have their own values that
|
||||
* overlap with the known algorithm constants.
|
||||
* Padding consumers (specific padding consumers) are excluded from the set of sinks.
|
||||
*/
|
||||
module KnownOpenSSLAlgorithmToAlgorithmValueConsumerConfig implements DataFlow::ConfigSig {
|
||||
predicate isSource(DataFlow::Node source) {
|
||||
source.asExpr() instanceof KnownOpenSSLAlgorithmConstant
|
||||
}
|
||||
|
||||
predicate isSink(DataFlow::Node sink) {
|
||||
exists(OpenSSLAlgorithmValueConsumer c |
|
||||
c.getInputNode() = sink and
|
||||
// exclude padding algorithm consumers, since
|
||||
// these consumers take in different constant values
|
||||
// not in the typical "known algorithm" set
|
||||
not c instanceof PaddingAlgorithmValueConsumer
|
||||
)
|
||||
}
|
||||
|
||||
predicate isBarrier(DataFlow::Node node) {
|
||||
// False positive reducer, don't flow out through argv
|
||||
exists(VariableAccess va, Variable v |
|
||||
v.getAnAccess() = va and va = node.asExpr()
|
||||
or
|
||||
va = node.asIndirectExpr()
|
||||
|
|
||||
v.getName().matches("%argv")
|
||||
)
|
||||
}
|
||||
|
||||
predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) {
|
||||
knownPassThroughStep(node1, node2)
|
||||
}
|
||||
}
|
||||
|
||||
module KnownOpenSSLAlgorithmToAlgorithmValueConsumerFlow =
|
||||
DataFlow::Global<KnownOpenSSLAlgorithmToAlgorithmValueConsumerConfig>;
|
||||
|
||||
module RSAPaddingAlgorithmToPaddingAlgorithmValueConsumerConfig implements DataFlow::ConfigSig {
|
||||
predicate isSource(DataFlow::Node source) { source.asExpr() instanceof OpenSSLPaddingLiteral }
|
||||
|
||||
predicate isSink(DataFlow::Node sink) {
|
||||
exists(PaddingAlgorithmValueConsumer c | c.getInputNode() = sink)
|
||||
}
|
||||
|
||||
predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) {
|
||||
knownPassThroughStep(node1, node2)
|
||||
}
|
||||
}
|
||||
|
||||
module RSAPaddingAlgorithmToPaddingAlgorithmValueConsumerFlow =
|
||||
DataFlow::Global<RSAPaddingAlgorithmToPaddingAlgorithmValueConsumerConfig>;
|
||||
|
||||
class OpenSSLAlgorithmAdditionalFlowStep extends AdditionalFlowInputStep {
|
||||
OpenSSLAlgorithmAdditionalFlowStep() { exists(AlgorithmPassthroughCall c | c.getInNode() = this) }
|
||||
|
||||
override DataFlow::Node getOutput() {
|
||||
exists(AlgorithmPassthroughCall c | c.getInNode() = this and c.getOutNode() = result)
|
||||
}
|
||||
}
|
||||
|
||||
abstract class AlgorithmPassthroughCall extends Call {
|
||||
abstract DataFlow::Node getInNode();
|
||||
|
||||
abstract DataFlow::Node getOutNode();
|
||||
}
|
||||
|
||||
class CopyAndDupAlgorithmPassthroughCall extends AlgorithmPassthroughCall {
|
||||
DataFlow::Node inNode;
|
||||
DataFlow::Node outNode;
|
||||
|
||||
CopyAndDupAlgorithmPassthroughCall() {
|
||||
// Flow out through any return or other argument of the same type
|
||||
// Assume flow in and out is asIndirectExpr or asDefinitingArgument since a pointer is assumed
|
||||
// to be involved
|
||||
// NOTE: not attempting to detect openssl specific copy/dup functions, but anything suspected to be copy/dup
|
||||
this.getTarget().getName().toLowerCase().matches(["%_dup%", "%_copy%"]) and
|
||||
exists(Expr inArg, Type t |
|
||||
inArg = this.getAnArgument() and t = inArg.getUnspecifiedType().stripType()
|
||||
|
|
||||
inNode.asIndirectExpr() = inArg and
|
||||
(
|
||||
// Case 1: flow through another argument as an out arg of the same type
|
||||
exists(Expr outArg |
|
||||
outArg = this.getAnArgument() and
|
||||
outArg != inArg and
|
||||
outArg.getUnspecifiedType().stripType() = t
|
||||
|
|
||||
outNode.asDefiningArgument() = outArg
|
||||
)
|
||||
or
|
||||
// Case 2: flow through the return value if the result is the same as the intput type
|
||||
exists(Expr outArg | outArg = this and outArg.getUnspecifiedType().stripType() = t |
|
||||
outNode.asIndirectExpr() = outArg
|
||||
)
|
||||
)
|
||||
)
|
||||
}
|
||||
|
||||
override DataFlow::Node getInNode() { result = inNode }
|
||||
|
||||
override DataFlow::Node getOutNode() { result = outNode }
|
||||
}
|
||||
|
||||
class NIDToPointerPassthroughCall extends AlgorithmPassthroughCall {
|
||||
DataFlow::Node inNode;
|
||||
DataFlow::Node outNode;
|
||||
|
||||
NIDToPointerPassthroughCall() {
|
||||
this.getTarget().getName() in ["OBJ_nid2obj", "OBJ_nid2ln", "OBJ_nid2sn"] and
|
||||
inNode.asExpr() = this.getArgument(0) and
|
||||
outNode.asExpr() = this
|
||||
//outNode.asIndirectExpr() = this
|
||||
}
|
||||
|
||||
override DataFlow::Node getInNode() { result = inNode }
|
||||
|
||||
override DataFlow::Node getOutNode() { result = outNode }
|
||||
}
|
||||
|
||||
class PointerToPointerPassthroughCall extends AlgorithmPassthroughCall {
|
||||
DataFlow::Node inNode;
|
||||
DataFlow::Node outNode;
|
||||
|
||||
PointerToPointerPassthroughCall() {
|
||||
this.getTarget().getName() = "OBJ_txt2obj" and
|
||||
inNode.asIndirectExpr() = this.getArgument(0) and
|
||||
outNode.asIndirectExpr() = this
|
||||
or
|
||||
//outNode.asExpr() = this
|
||||
this.getTarget().getName() in ["OBJ_obj2txt", "i2t_ASN1_OBJECT"] and
|
||||
inNode.asIndirectExpr() = this.getArgument(2) and
|
||||
outNode.asDefiningArgument() = this.getArgument(0)
|
||||
}
|
||||
|
||||
override DataFlow::Node getInNode() { result = inNode }
|
||||
|
||||
override DataFlow::Node getOutNode() { result = outNode }
|
||||
}
|
||||
|
||||
class PointerToNIDPassthroughCall extends AlgorithmPassthroughCall {
|
||||
DataFlow::Node inNode;
|
||||
DataFlow::Node outNode;
|
||||
|
||||
PointerToNIDPassthroughCall() {
|
||||
this.getTarget().getName() in ["OBJ_obj2nid", "OBJ_ln2nid", "OBJ_sn2nid", "OBJ_txt2nid"] and
|
||||
(
|
||||
inNode.asIndirectExpr() = this.getArgument(0)
|
||||
or
|
||||
inNode.asExpr() = this.getArgument(0)
|
||||
) and
|
||||
outNode.asExpr() = this
|
||||
}
|
||||
|
||||
override DataFlow::Node getInNode() { result = inNode }
|
||||
|
||||
override DataFlow::Node getOutNode() { result = outNode }
|
||||
}
|
||||
|
||||
// TODO: pkeys pass through EVP_PKEY_CTX_new and any similar variant
|
||||
predicate knownPassThroughStep(DataFlow::Node node1, DataFlow::Node node2) {
|
||||
exists(AlgorithmPassthroughCall c | c.getInNode() = node1 and c.getOutNode() = node2)
|
||||
}
|
||||
@@ -1,77 +0,0 @@
|
||||
import cpp
|
||||
private import experimental.quantum.Language
|
||||
private import OpenSSLAlgorithmInstanceBase
|
||||
private import experimental.quantum.OpenSSL.AlgorithmInstances.KnownAlgorithmConstants
|
||||
private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.DirectAlgorithmValueConsumer
|
||||
private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumerBase
|
||||
private import AlgToAVCFlow
|
||||
|
||||
/**
|
||||
* Given a `KnownOpenSSLBlockModeAlgorithmConstant`, converts this to a block family type.
|
||||
* Does not bind if there is no mapping (no mapping to 'unknown' or 'other').
|
||||
*/
|
||||
predicate knownOpenSSLConstantToBlockModeFamilyType(
|
||||
KnownOpenSSLBlockModeAlgorithmConstant e, Crypto::TBlockCipherModeOfOperationType type
|
||||
) {
|
||||
exists(string name |
|
||||
name = e.getNormalizedName() and
|
||||
(
|
||||
name.matches("CBC") and type instanceof Crypto::CBC
|
||||
or
|
||||
name.matches("CFB%") and type instanceof Crypto::CFB
|
||||
or
|
||||
name.matches("CTR") and type instanceof Crypto::CTR
|
||||
or
|
||||
name.matches("GCM") and type instanceof Crypto::GCM
|
||||
or
|
||||
name.matches("OFB") and type instanceof Crypto::OFB
|
||||
or
|
||||
name.matches("XTS") and type instanceof Crypto::XTS
|
||||
or
|
||||
name.matches("CCM") and type instanceof Crypto::CCM
|
||||
or
|
||||
name.matches("GCM") and type instanceof Crypto::GCM
|
||||
or
|
||||
name.matches("CCM") and type instanceof Crypto::CCM
|
||||
or
|
||||
name.matches("ECB") and type instanceof Crypto::ECB
|
||||
)
|
||||
)
|
||||
}
|
||||
|
||||
class KnownOpenSSLBlockModeConstantAlgorithmInstance extends OpenSSLAlgorithmInstance,
|
||||
Crypto::ModeOfOperationAlgorithmInstance instanceof KnownOpenSSLBlockModeAlgorithmConstant
|
||||
{
|
||||
OpenSSLAlgorithmValueConsumer getterCall;
|
||||
|
||||
KnownOpenSSLBlockModeConstantAlgorithmInstance() {
|
||||
// Two possibilities:
|
||||
// 1) The source is a literal and flows to a getter, then we know we have an instance
|
||||
// 2) The source is a KnownOpenSSLAlgorithm is call, and we know we have an instance immediately from that
|
||||
// Possibility 1:
|
||||
this instanceof Literal and
|
||||
exists(DataFlow::Node src, DataFlow::Node sink |
|
||||
// Sink is an argument to a CipherGetterCall
|
||||
sink = getterCall.(OpenSSLAlgorithmValueConsumer).getInputNode() and
|
||||
// Source is `this`
|
||||
src.asExpr() = this and
|
||||
// This traces to a getter
|
||||
KnownOpenSSLAlgorithmToAlgorithmValueConsumerFlow::flow(src, sink)
|
||||
)
|
||||
or
|
||||
// Possibility 2:
|
||||
this instanceof DirectAlgorithmValueConsumer and getterCall = this
|
||||
}
|
||||
|
||||
override Crypto::TBlockCipherModeOfOperationType getModeType() {
|
||||
knownOpenSSLConstantToBlockModeFamilyType(this, result)
|
||||
or
|
||||
not knownOpenSSLConstantToBlockModeFamilyType(this, _) and result = Crypto::OtherMode()
|
||||
}
|
||||
|
||||
// NOTE: I'm not going to attempt to parse out the mode specific part, so returning
|
||||
// the same as the raw name for now.
|
||||
override string getRawModeAlgorithmName() { result = this.(Literal).getValue().toString() }
|
||||
|
||||
override OpenSSLAlgorithmValueConsumer getAVC() { result = getterCall }
|
||||
}
|
||||
@@ -1,124 +0,0 @@
|
||||
import cpp
|
||||
private import experimental.quantum.Language
|
||||
private import KnownAlgorithmConstants
|
||||
private import Crypto::KeyOpAlg as KeyOpAlg
|
||||
private import OpenSSLAlgorithmInstanceBase
|
||||
private import PaddingAlgorithmInstance
|
||||
private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumerBase
|
||||
private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.DirectAlgorithmValueConsumer
|
||||
private import AlgToAVCFlow
|
||||
private import BlockAlgorithmInstance
|
||||
|
||||
/**
|
||||
* Given a `KnownOpenSSLCipherAlgorithmConstant`, converts this to a cipher family type.
|
||||
* Does not bind if there is no mapping (no mapping to 'unknown' or 'other').
|
||||
*/
|
||||
predicate knownOpenSSLConstantToCipherFamilyType(
|
||||
KnownOpenSSLCipherAlgorithmConstant e, Crypto::KeyOpAlg::TAlgorithm type
|
||||
) {
|
||||
exists(string name |
|
||||
name = e.getNormalizedName() and
|
||||
(
|
||||
name.matches("AES%") and type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::AES())
|
||||
or
|
||||
name.matches("ARIA%") and type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::ARIA())
|
||||
or
|
||||
name.matches("BLOWFISH%") and type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::BLOWFISH())
|
||||
or
|
||||
name.matches("BF%") and type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::BLOWFISH())
|
||||
or
|
||||
name.matches("CAMELLIA%") and type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::CAMELLIA())
|
||||
or
|
||||
name.matches("CHACHA20%") and type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::CHACHA20())
|
||||
or
|
||||
name.matches("CAST5%") and type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::CAST5())
|
||||
or
|
||||
name.matches("2DES%") and type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::DoubleDES())
|
||||
or
|
||||
name.matches("3DES%") and type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::TripleDES())
|
||||
or
|
||||
name.matches("DES%") and type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::DES())
|
||||
or
|
||||
name.matches("DESX%") and type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::DESX())
|
||||
or
|
||||
name.matches("GOST%") and type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::GOST())
|
||||
or
|
||||
name.matches("IDEA%") and type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::IDEA())
|
||||
or
|
||||
name.matches("KUZNYECHIK%") and type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::KUZNYECHIK())
|
||||
or
|
||||
name.matches("MAGMA%") and type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::MAGMA())
|
||||
or
|
||||
name.matches("RC2%") and type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::RC2())
|
||||
or
|
||||
name.matches("RC4%") and type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::RC4())
|
||||
or
|
||||
name.matches("RC5%") and type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::RC5())
|
||||
or
|
||||
name.matches("RSA%") and type = KeyOpAlg::TAsymmetricCipher(KeyOpAlg::RSA())
|
||||
or
|
||||
name.matches("SEED%") and type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::SEED())
|
||||
or
|
||||
name.matches("SM4%") and type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::SM4())
|
||||
)
|
||||
)
|
||||
}
|
||||
|
||||
class KnownOpenSSLCipherConstantAlgorithmInstance extends OpenSSLAlgorithmInstance,
|
||||
Crypto::KeyOperationAlgorithmInstance instanceof KnownOpenSSLCipherAlgorithmConstant
|
||||
{
|
||||
OpenSSLAlgorithmValueConsumer getterCall;
|
||||
|
||||
KnownOpenSSLCipherConstantAlgorithmInstance() {
|
||||
// Two possibilities:
|
||||
// 1) The source is a literal and flows to a getter, then we know we have an instance
|
||||
// 2) The source is a KnownOpenSSLAlgorithm is call, and we know we have an instance immediately from that
|
||||
// Possibility 1:
|
||||
this instanceof Literal and
|
||||
exists(DataFlow::Node src, DataFlow::Node sink |
|
||||
// Sink is an argument to a CipherGetterCall
|
||||
sink = getterCall.(OpenSSLAlgorithmValueConsumer).getInputNode() and
|
||||
// Source is `this`
|
||||
src.asExpr() = this and
|
||||
// This traces to a getter
|
||||
KnownOpenSSLAlgorithmToAlgorithmValueConsumerFlow::flow(src, sink)
|
||||
)
|
||||
or
|
||||
// Possibility 2:
|
||||
this instanceof DirectAlgorithmValueConsumer and getterCall = this
|
||||
}
|
||||
|
||||
override Crypto::ModeOfOperationAlgorithmInstance getModeOfOperationAlgorithm() {
|
||||
// if there is a block mode associated with the same element, then that's the block mode
|
||||
// note, if none are associated, we may need to parse if the cipher is a block cipher
|
||||
// to determine if this is an unknown vs not relevant.
|
||||
result = this
|
||||
}
|
||||
|
||||
override Crypto::PaddingAlgorithmInstance getPaddingAlgorithm() {
|
||||
//TODO: the padding is either self, or it flows through getter ctx to a set padding call
|
||||
// like EVP_PKEY_CTX_set_rsa_padding
|
||||
result = this
|
||||
// TODO or trace through getter ctx to set padding
|
||||
}
|
||||
|
||||
override string getRawAlgorithmName() { result = this.(Literal).getValue().toString() }
|
||||
|
||||
override int getKeySizeFixed() {
|
||||
this.(KnownOpenSSLCipherAlgorithmConstant).getExplicitKeySize() = result
|
||||
}
|
||||
|
||||
override Crypto::KeyOpAlg::Algorithm getAlgorithmType() {
|
||||
knownOpenSSLConstantToCipherFamilyType(this, result)
|
||||
or
|
||||
not knownOpenSSLConstantToCipherFamilyType(this, _) and
|
||||
result = Crypto::KeyOpAlg::TUnknownKeyOperationAlgorithmType()
|
||||
}
|
||||
|
||||
override OpenSSLAlgorithmValueConsumer getAVC() { result = getterCall }
|
||||
|
||||
override Crypto::ConsumerInputDataFlowNode getKeySizeConsumer() {
|
||||
// TODO: trace to any key size initializer, symmetric and asymmetric
|
||||
none()
|
||||
}
|
||||
}
|
||||
@@ -1,49 +0,0 @@
|
||||
import cpp
|
||||
private import experimental.quantum.Language
|
||||
private import KnownAlgorithmConstants
|
||||
private import OpenSSLAlgorithmInstanceBase
|
||||
private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumerBase
|
||||
private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.DirectAlgorithmValueConsumer
|
||||
private import AlgToAVCFlow
|
||||
|
||||
class KnownOpenSSLEllipticCurveConstantAlgorithmInstance extends OpenSSLAlgorithmInstance,
|
||||
Crypto::EllipticCurveInstance instanceof KnownOpenSSLEllipticCurveAlgorithmConstant
|
||||
{
|
||||
OpenSSLAlgorithmValueConsumer getterCall;
|
||||
|
||||
KnownOpenSSLEllipticCurveConstantAlgorithmInstance() {
|
||||
// Two possibilities:
|
||||
// 1) The source is a literal and flows to a getter, then we know we have an instance
|
||||
// 2) The source is a KnownOpenSSLAlgorithm is call, and we know we have an instance immediately from that
|
||||
// Possibility 1:
|
||||
this instanceof Literal and
|
||||
exists(DataFlow::Node src, DataFlow::Node sink |
|
||||
// Sink is an argument to a CipherGetterCall
|
||||
sink = getterCall.getInputNode() and
|
||||
// Source is `this`
|
||||
src.asExpr() = this and
|
||||
// This traces to a getter
|
||||
KnownOpenSSLAlgorithmToAlgorithmValueConsumerFlow::flow(src, sink)
|
||||
)
|
||||
or
|
||||
// Possibility 2:
|
||||
this instanceof DirectAlgorithmValueConsumer and getterCall = this
|
||||
}
|
||||
|
||||
override OpenSSLAlgorithmValueConsumer getAVC() { result = getterCall }
|
||||
|
||||
override string getRawEllipticCurveName() { result = this.(Literal).getValue().toString() }
|
||||
|
||||
override Crypto::TEllipticCurveType getEllipticCurveType() {
|
||||
Crypto::ellipticCurveNameToKeySizeAndFamilyMapping(this.getParsedEllipticCurveName(), _, result)
|
||||
}
|
||||
|
||||
override string getParsedEllipticCurveName() {
|
||||
result = this.(KnownOpenSSLEllipticCurveAlgorithmConstant).getNormalizedName()
|
||||
}
|
||||
|
||||
override int getKeySize() {
|
||||
Crypto::ellipticCurveNameToKeySizeAndFamilyMapping(this.(KnownOpenSSLEllipticCurveAlgorithmConstant)
|
||||
.getNormalizedName(), result, _)
|
||||
}
|
||||
}
|
||||
@@ -1,84 +0,0 @@
|
||||
import cpp
|
||||
private import experimental.quantum.Language
|
||||
private import KnownAlgorithmConstants
|
||||
private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumers
|
||||
private import experimental.quantum.OpenSSL.AlgorithmInstances.OpenSSLAlgorithmInstanceBase
|
||||
private import AlgToAVCFlow
|
||||
|
||||
predicate knownOpenSSLConstantToHashFamilyType(
|
||||
KnownOpenSSLHashAlgorithmConstant e, Crypto::THashType type
|
||||
) {
|
||||
exists(string name |
|
||||
name = e.getNormalizedName() and
|
||||
(
|
||||
name.matches("BLAKE2B") and type instanceof Crypto::BLAKE2B
|
||||
or
|
||||
name.matches("BLAKE2S") and type instanceof Crypto::BLAKE2S
|
||||
or
|
||||
name.matches("GOST%") and type instanceof Crypto::GOSTHash
|
||||
or
|
||||
name.matches("MD2") and type instanceof Crypto::MD2
|
||||
or
|
||||
name.matches("MD4") and type instanceof Crypto::MD4
|
||||
or
|
||||
name.matches("MD5") and type instanceof Crypto::MD5
|
||||
or
|
||||
name.matches("MDC2") and type instanceof Crypto::MDC2
|
||||
or
|
||||
name.matches("POLY1305") and type instanceof Crypto::POLY1305
|
||||
or
|
||||
name.matches(["SHA", "SHA1"]) and type instanceof Crypto::SHA1
|
||||
or
|
||||
name.matches("SHA+%") and not name.matches(["SHA1", "SHA3-"]) and type instanceof Crypto::SHA2
|
||||
or
|
||||
name.matches("SHA3-%") and type instanceof Crypto::SHA3
|
||||
or
|
||||
name.matches(["SHAKE"]) and type instanceof Crypto::SHAKE
|
||||
or
|
||||
name.matches("SM3") and type instanceof Crypto::SM3
|
||||
or
|
||||
name.matches("RIPEMD160") and type instanceof Crypto::RIPEMD160
|
||||
or
|
||||
name.matches("WHIRLPOOL") and type instanceof Crypto::WHIRLPOOL
|
||||
)
|
||||
)
|
||||
}
|
||||
|
||||
class KnownOpenSSLHashConstantAlgorithmInstance extends OpenSSLAlgorithmInstance,
|
||||
Crypto::HashAlgorithmInstance instanceof KnownOpenSSLHashAlgorithmConstant
|
||||
{
|
||||
OpenSSLAlgorithmValueConsumer getterCall;
|
||||
|
||||
KnownOpenSSLHashConstantAlgorithmInstance() {
|
||||
// Two possibilities:
|
||||
// 1) The source is a literal and flows to a getter, then we know we have an instance
|
||||
// 2) The source is a KnownOpenSSLAlgorithm is call, and we know we have an instance immediately from that
|
||||
// Possibility 1:
|
||||
this instanceof Literal and
|
||||
exists(DataFlow::Node src, DataFlow::Node sink |
|
||||
// Sink is an argument to a CipherGetterCall
|
||||
sink = getterCall.(OpenSSLAlgorithmValueConsumer).getInputNode() and
|
||||
// Source is `this`
|
||||
src.asExpr() = this and
|
||||
// This traces to a getter
|
||||
KnownOpenSSLAlgorithmToAlgorithmValueConsumerFlow::flow(src, sink)
|
||||
)
|
||||
or
|
||||
// Possibility 2:
|
||||
this instanceof DirectAlgorithmValueConsumer and getterCall = this
|
||||
}
|
||||
|
||||
override OpenSSLAlgorithmValueConsumer getAVC() { result = getterCall }
|
||||
|
||||
override Crypto::THashType getHashFamily() {
|
||||
knownOpenSSLConstantToHashFamilyType(this, result)
|
||||
or
|
||||
not knownOpenSSLConstantToHashFamilyType(this, _) and result = Crypto::OtherHashType()
|
||||
}
|
||||
|
||||
override string getRawHashAlgorithmName() { result = this.(Literal).getValue().toString() }
|
||||
|
||||
override int getFixedDigestLength() {
|
||||
this.(KnownOpenSSLHashAlgorithmConstant).getExplicitDigestLength() = result
|
||||
}
|
||||
}
|
||||
File diff suppressed because it is too large
Load Diff
@@ -1,6 +0,0 @@
|
||||
private import experimental.quantum.Language
|
||||
private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumerBase
|
||||
|
||||
abstract class OpenSSLAlgorithmInstance extends Crypto::AlgorithmInstance {
|
||||
abstract OpenSSLAlgorithmValueConsumer getAVC();
|
||||
}
|
||||
@@ -1,6 +0,0 @@
|
||||
import OpenSSLAlgorithmInstanceBase
|
||||
import CipherAlgorithmInstance
|
||||
import PaddingAlgorithmInstance
|
||||
import BlockAlgorithmInstance
|
||||
import HashAlgorithmInstance
|
||||
import EllipticCurveAlgorithmInstance
|
||||
@@ -1,174 +0,0 @@
|
||||
import cpp
|
||||
private import experimental.quantum.Language
|
||||
private import OpenSSLAlgorithmInstanceBase
|
||||
private import experimental.quantum.OpenSSL.AlgorithmInstances.KnownAlgorithmConstants
|
||||
private import AlgToAVCFlow
|
||||
private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.DirectAlgorithmValueConsumer
|
||||
private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumerBase
|
||||
|
||||
/**
|
||||
* A class to define padding specific integer values.
|
||||
* from rsa.h in openssl:
|
||||
* # define RSA_PKCS1_PADDING 1
|
||||
* # define RSA_NO_PADDING 3
|
||||
* # define RSA_PKCS1_OAEP_PADDING 4
|
||||
* # define RSA_X931_PADDING 5
|
||||
* # define RSA_PKCS1_PSS_PADDING 6
|
||||
* # define RSA_PKCS1_WITH_TLS_PADDING 7
|
||||
* # define RSA_PKCS1_NO_IMPLICIT_REJECT_PADDING 8
|
||||
*/
|
||||
class OpenSSLPaddingLiteral extends Literal {
|
||||
// TODO: we can be more specific about where the literal is in a larger expression
|
||||
// to avoid literals that are clealy not representing an algorithm, e.g., array indices.
|
||||
OpenSSLPaddingLiteral() { this.getValue().toInt() in [0, 1, 3, 4, 5, 6, 7, 8] }
|
||||
}
|
||||
|
||||
/**
|
||||
* Given a `KnownOpenSSLPaddingAlgorithmConstant`, converts this to a padding family type.
|
||||
* Does not bind if there is no mapping (no mapping to 'unknown' or 'other').
|
||||
*/
|
||||
predicate knownOpenSSLConstantToPaddingFamilyType(
|
||||
KnownOpenSSLPaddingAlgorithmConstant e, Crypto::TPaddingType type
|
||||
) {
|
||||
exists(string name |
|
||||
name = e.getNormalizedName() and
|
||||
(
|
||||
name.matches("OAEP") and type = Crypto::OAEP()
|
||||
or
|
||||
name.matches("PSS") and type = Crypto::PSS()
|
||||
or
|
||||
name.matches("PKCS7") and type = Crypto::PKCS7()
|
||||
or
|
||||
name.matches("PKCS1V15") and type = Crypto::PKCS1_v1_5()
|
||||
)
|
||||
)
|
||||
}
|
||||
|
||||
//abstract class OpenSSLPaddingAlgorithmInstance extends OpenSSLAlgorithmInstance, Crypto::PaddingAlgorithmInstance{}
|
||||
// TODO: need to alter this to include known padding constants which don't have the
|
||||
// same mechanics as those with known nids
|
||||
class KnownOpenSSLPaddingConstantAlgorithmInstance extends OpenSSLAlgorithmInstance,
|
||||
Crypto::PaddingAlgorithmInstance instanceof Expr
|
||||
{
|
||||
OpenSSLAlgorithmValueConsumer getterCall;
|
||||
boolean isPaddingSpecificConsumer;
|
||||
|
||||
KnownOpenSSLPaddingConstantAlgorithmInstance() {
|
||||
// three possibilities:
|
||||
// 1) The source is a 'typical' literal and flows to a getter, then we know we have an instance
|
||||
// 2) The source is a KnownOpenSSLAlgorithm is call, and we know we have an instance immediately from that
|
||||
// 3) the source is a padding-specific literal flowing to a padding-specific consumer
|
||||
// Possibility 1:
|
||||
this instanceof Literal and
|
||||
this instanceof KnownOpenSSLPaddingAlgorithmConstant and
|
||||
exists(DataFlow::Node src, DataFlow::Node sink |
|
||||
// Sink is an argument to a CipherGetterCall
|
||||
sink = getterCall.(OpenSSLAlgorithmValueConsumer).getInputNode() and
|
||||
// Source is `this`
|
||||
src.asExpr() = this and
|
||||
// This traces to a getter
|
||||
KnownOpenSSLAlgorithmToAlgorithmValueConsumerFlow::flow(src, sink) and
|
||||
isPaddingSpecificConsumer = false
|
||||
)
|
||||
or
|
||||
// Possibility 2:
|
||||
this instanceof DirectAlgorithmValueConsumer and
|
||||
getterCall = this and
|
||||
this instanceof KnownOpenSSLPaddingAlgorithmConstant and
|
||||
isPaddingSpecificConsumer = false
|
||||
or
|
||||
// Possibility 3: padding-specific literal
|
||||
this instanceof OpenSSLPaddingLiteral and
|
||||
exists(DataFlow::Node src, DataFlow::Node sink |
|
||||
// Sink is an argument to a CipherGetterCall
|
||||
sink = getterCall.(OpenSSLAlgorithmValueConsumer).getInputNode() and
|
||||
// Source is `this`
|
||||
src.asExpr() = this and
|
||||
// This traces to a padding-specific consumer
|
||||
RSAPaddingAlgorithmToPaddingAlgorithmValueConsumerFlow::flow(src, sink)
|
||||
) and
|
||||
isPaddingSpecificConsumer = true
|
||||
}
|
||||
|
||||
override string getRawPaddingAlgorithmName() { result = this.(Literal).getValue().toString() }
|
||||
|
||||
override OpenSSLAlgorithmValueConsumer getAVC() { result = getterCall }
|
||||
|
||||
Crypto::TPaddingType getKnownPaddingType() {
|
||||
this.(Literal).getValue().toInt() in [1, 7, 8] and result = Crypto::PKCS1_v1_5()
|
||||
or
|
||||
this.(Literal).getValue().toInt() = 3 and result = Crypto::NoPadding()
|
||||
or
|
||||
this.(Literal).getValue().toInt() = 4 and result = Crypto::OAEP()
|
||||
or
|
||||
this.(Literal).getValue().toInt() = 5 and result = Crypto::ANSI_X9_23()
|
||||
or
|
||||
this.(Literal).getValue().toInt() = 6 and result = Crypto::PSS()
|
||||
}
|
||||
|
||||
override Crypto::TPaddingType getPaddingType() {
|
||||
isPaddingSpecificConsumer = true and
|
||||
(
|
||||
result = this.getKnownPaddingType()
|
||||
or
|
||||
not exists(this.getKnownPaddingType()) and result = Crypto::OtherPadding()
|
||||
)
|
||||
or
|
||||
isPaddingSpecificConsumer = false and
|
||||
knownOpenSSLConstantToPaddingFamilyType(this, result)
|
||||
}
|
||||
}
|
||||
|
||||
// // Values used for EVP_PKEY_CTX_set_rsa_padding, these are
|
||||
// // not the same as 'typical' constants found in the set of known algorithm constants
|
||||
// // they do not have an NID
|
||||
// // TODO: what about setting the padding directly?
|
||||
// class KnownRSAPaddingConstant extends OpenSSLPaddingAlgorithmInstance, Crypto::PaddingAlgorithmInstance instanceof Literal
|
||||
// {
|
||||
// KnownRSAPaddingConstant() {
|
||||
// // from rsa.h in openssl:
|
||||
// // # define RSA_PKCS1_PADDING 1
|
||||
// // # define RSA_NO_PADDING 3
|
||||
// // # define RSA_PKCS1_OAEP_PADDING 4
|
||||
// // # define RSA_X931_PADDING 5
|
||||
// // /* EVP_PKEY_ only */
|
||||
// // # define RSA_PKCS1_PSS_PADDING 6
|
||||
// // # define RSA_PKCS1_WITH_TLS_PADDING 7
|
||||
// // /* internal RSA_ only */
|
||||
// // # define RSA_PKCS1_NO_IMPLICIT_REJECT_PADDING 8
|
||||
// this instanceof Literal and
|
||||
// this.getValue().toInt() in [0, 1, 3, 4, 5, 6, 7, 8]
|
||||
// // TODO: trace to padding-specific consumers
|
||||
// RSAPaddingAlgorithmToPaddingAlgorithmValueConsumerFlow
|
||||
// }
|
||||
// override string getRawPaddingAlgorithmName() { result = this.(Literal).getValue().toString() }
|
||||
// override Crypto::TPaddingType getPaddingType() {
|
||||
// if this.(Literal).getValue().toInt() in [1, 6, 7, 8]
|
||||
// then result = Crypto::PKCS1_v1_5()
|
||||
// else
|
||||
// if this.(Literal).getValue().toInt() = 3
|
||||
// then result = Crypto::NoPadding()
|
||||
// else
|
||||
// if this.(Literal).getValue().toInt() = 4
|
||||
// then result = Crypto::OAEP()
|
||||
// else
|
||||
// if this.(Literal).getValue().toInt() = 5
|
||||
// then result = Crypto::ANSI_X9_23()
|
||||
// else result = Crypto::OtherPadding()
|
||||
// }
|
||||
// }
|
||||
class OAEPPaddingAlgorithmInstance extends Crypto::OAEPPaddingAlgorithmInstance,
|
||||
KnownOpenSSLPaddingConstantAlgorithmInstance
|
||||
{
|
||||
OAEPPaddingAlgorithmInstance() {
|
||||
this.(Crypto::PaddingAlgorithmInstance).getPaddingType() = Crypto::OAEP()
|
||||
}
|
||||
|
||||
override Crypto::HashAlgorithmInstance getOAEPEncodingHashAlgorithm() {
|
||||
none() //TODO
|
||||
}
|
||||
|
||||
override Crypto::HashAlgorithmInstance getMGF1HashAlgorithm() {
|
||||
none() //TODO
|
||||
}
|
||||
}
|
||||
@@ -1,37 +0,0 @@
|
||||
import cpp
|
||||
private import experimental.quantum.Language
|
||||
private import experimental.quantum.OpenSSL.AlgorithmInstances.KnownAlgorithmConstants
|
||||
private import experimental.quantum.OpenSSL.AlgorithmInstances.OpenSSLAlgorithmInstanceBase
|
||||
private import OpenSSLAlgorithmValueConsumerBase
|
||||
|
||||
abstract class CipherAlgorithmValueConsumer extends OpenSSLAlgorithmValueConsumer { }
|
||||
|
||||
// https://www.openssl.org/docs/manmaster/man3/EVP_CIPHER_fetch.html
|
||||
class EVPCipherAlgorithmValueConsumer extends CipherAlgorithmValueConsumer {
|
||||
DataFlow::Node valueArgNode;
|
||||
DataFlow::Node resultNode;
|
||||
|
||||
EVPCipherAlgorithmValueConsumer() {
|
||||
resultNode.asExpr() = this and
|
||||
(
|
||||
this.(Call).getTarget().getName() in [
|
||||
"EVP_get_cipherbyname", "EVP_get_cipherbyobj", "EVP_get_cipherbynid"
|
||||
] and
|
||||
valueArgNode.asExpr() = this.(Call).getArgument(0)
|
||||
or
|
||||
this.(Call).getTarget().getName() in ["EVP_CIPHER_fetch", "EVP_ASYM_CIPHER_fetch"] and
|
||||
valueArgNode.asExpr() = this.(Call).getArgument(1)
|
||||
)
|
||||
}
|
||||
|
||||
override DataFlow::Node getResultNode() { result = resultNode }
|
||||
|
||||
override Crypto::ConsumerInputDataFlowNode getInputNode() { result = valueArgNode }
|
||||
|
||||
// override DataFlow::Node getInputNode() { result = valueArgNode }
|
||||
override Crypto::AlgorithmInstance getAKnownAlgorithmSource() {
|
||||
exists(OpenSSLAlgorithmInstance i | i.getAVC() = this and result = i)
|
||||
//TODO: As a potential alternative, for OpenSSL only, add a generic source node for literals and only create flow (flowsTo) to
|
||||
// OpenSSL AVCs... the unknown literal sources would have to be any literals not in the known set.
|
||||
}
|
||||
}
|
||||
@@ -1,35 +0,0 @@
|
||||
import cpp
|
||||
private import experimental.quantum.Language
|
||||
private import experimental.quantum.OpenSSL.AlgorithmInstances.KnownAlgorithmConstants
|
||||
private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumerBase
|
||||
|
||||
/**
|
||||
* Cases like EVP_MD5(),
|
||||
* there is no input, rather it directly gets an algorithm
|
||||
* and returns it.
|
||||
*/
|
||||
class DirectAlgorithmValueConsumer extends OpenSSLAlgorithmValueConsumer {
|
||||
DataFlow::Node resultNode;
|
||||
Expr resultExpr;
|
||||
|
||||
DirectAlgorithmValueConsumer() {
|
||||
this instanceof KnownOpenSSLAlgorithmConstant and
|
||||
this instanceof Call and
|
||||
resultExpr = this and
|
||||
resultNode.asExpr() = resultExpr
|
||||
}
|
||||
|
||||
/**
|
||||
* These cases take in no explicit value (the value is implicit)
|
||||
*/
|
||||
override Crypto::ConsumerInputDataFlowNode getInputNode() { none() }
|
||||
|
||||
override DataFlow::Node getResultNode() { result = resultNode }
|
||||
|
||||
// override DataFlow::Node getOutputNode() { result = resultNode }
|
||||
override Crypto::AlgorithmInstance getAKnownAlgorithmSource() {
|
||||
// Note: algorithm source definitions enforces that
|
||||
// this class will be a known algorithm source
|
||||
result = this
|
||||
}
|
||||
}
|
||||
@@ -1,34 +0,0 @@
|
||||
import cpp
|
||||
private import experimental.quantum.Language
|
||||
private import experimental.quantum.OpenSSL.AlgorithmInstances.KnownAlgorithmConstants
|
||||
private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumerBase
|
||||
private import experimental.quantum.OpenSSL.AlgorithmInstances.OpenSSLAlgorithmInstances
|
||||
|
||||
abstract class EllipticCurveValueConsumer extends OpenSSLAlgorithmValueConsumer { }
|
||||
|
||||
//https://docs.openssl.org/3.0/man3/EC_KEY_new/#name
|
||||
class EVPEllipticCurveAlgorithmConsumer extends EllipticCurveValueConsumer {
|
||||
DataFlow::Node valueArgNode;
|
||||
DataFlow::Node resultNode;
|
||||
|
||||
EVPEllipticCurveAlgorithmConsumer() {
|
||||
resultNode.asExpr() = this.(Call) and // in all cases the result is the return
|
||||
(
|
||||
this.(Call).getTarget().getName() in ["EVP_EC_gen", "EC_KEY_new_by_curve_name"] and
|
||||
valueArgNode.asExpr() = this.(Call).getArgument(0)
|
||||
or
|
||||
this.(Call).getTarget().getName() in [
|
||||
"EC_KEY_new_by_curve_name_ex", "EVP_PKEY_CTX_set_ec_paramgen_curve_nid"
|
||||
] and
|
||||
valueArgNode.asExpr() = this.(Call).getArgument(2)
|
||||
)
|
||||
}
|
||||
|
||||
override Crypto::AlgorithmInstance getAKnownAlgorithmSource() {
|
||||
exists(OpenSSLAlgorithmInstance i | i.getAVC() = this and result = i)
|
||||
}
|
||||
|
||||
override DataFlow::Node getResultNode() { result = resultNode }
|
||||
|
||||
override Crypto::ConsumerInputDataFlowNode getInputNode() { result = valueArgNode }
|
||||
}
|
||||
@@ -1,63 +0,0 @@
|
||||
import cpp
|
||||
private import experimental.quantum.Language
|
||||
private import semmle.code.cpp.dataflow.new.DataFlow
|
||||
private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumerBase
|
||||
private import experimental.quantum.OpenSSL.AlgorithmInstances.OpenSSLAlgorithmInstances
|
||||
private import experimental.quantum.OpenSSL.LibraryDetector
|
||||
|
||||
abstract class HashAlgorithmValueConsumer extends OpenSSLAlgorithmValueConsumer { }
|
||||
|
||||
/**
|
||||
* EVP_Q_Digest directly consumes algorithm constant values
|
||||
*/
|
||||
class EVP_Q_Digest_Algorithm_Consumer extends OpenSSLAlgorithmValueConsumer {
|
||||
EVP_Q_Digest_Algorithm_Consumer() {
|
||||
isPossibleOpenSSLFunction(this.(Call).getTarget()) and
|
||||
this.(Call).getTarget().getName() = "EVP_Q_digest"
|
||||
}
|
||||
|
||||
override Crypto::ConsumerInputDataFlowNode getInputNode() {
|
||||
result.asExpr() = this.(Call).getArgument(1)
|
||||
}
|
||||
|
||||
override Crypto::AlgorithmInstance getAKnownAlgorithmSource() {
|
||||
exists(OpenSSLAlgorithmInstance i | i.getAVC() = this and result = i)
|
||||
}
|
||||
|
||||
override DataFlow::Node getResultNode() {
|
||||
// EVP_Q_Digest directly consumes the algorithm constant value and performs the operation, there is no
|
||||
// algorithm result
|
||||
none()
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* The EVP digest algorithm getters
|
||||
* https://docs.openssl.org/3.0/man3/EVP_DigestInit/#synopsis
|
||||
*/
|
||||
class EVPDigestAlgorithmValueConsumer extends OpenSSLAlgorithmValueConsumer {
|
||||
DataFlow::Node valueArgNode;
|
||||
DataFlow::Node resultNode;
|
||||
|
||||
EVPDigestAlgorithmValueConsumer() {
|
||||
resultNode.asExpr() = this and
|
||||
isPossibleOpenSSLFunction(this.(Call).getTarget()) and
|
||||
(
|
||||
this.(Call).getTarget().getName() in [
|
||||
"EVP_get_digestbyname", "EVP_get_digestbynid", "EVP_get_digestbyobj"
|
||||
] and
|
||||
valueArgNode.asExpr() = this.(Call).getArgument(0)
|
||||
or
|
||||
this.(Call).getTarget().getName() = "EVP_MD_fetch" and
|
||||
valueArgNode.asExpr() = this.(Call).getArgument(1)
|
||||
)
|
||||
}
|
||||
|
||||
override DataFlow::Node getResultNode() { result = resultNode }
|
||||
|
||||
override Crypto::ConsumerInputDataFlowNode getInputNode() { result = valueArgNode }
|
||||
|
||||
override Crypto::AlgorithmInstance getAKnownAlgorithmSource() {
|
||||
exists(OpenSSLAlgorithmInstance i | i.getAVC() = this and result = i)
|
||||
}
|
||||
}
|
||||
@@ -1,8 +0,0 @@
|
||||
private import experimental.quantum.Language
|
||||
|
||||
abstract class OpenSSLAlgorithmValueConsumer extends Crypto::AlgorithmValueConsumer instanceof Call {
|
||||
/**
|
||||
* Returns the node representing the resulting algorithm
|
||||
*/
|
||||
abstract DataFlow::Node getResultNode();
|
||||
}
|
||||
@@ -1,7 +0,0 @@
|
||||
import OpenSSLAlgorithmValueConsumerBase
|
||||
import CipherAlgorithmValueConsumer
|
||||
import DirectAlgorithmValueConsumer
|
||||
import PaddingAlgorithmValueConsumer
|
||||
import HashAlgorithmValueConsumer
|
||||
import EllipticCurveAlgorithmValueConsumer
|
||||
import PKeyAlgorithmValueConsumer
|
||||
@@ -1,55 +0,0 @@
|
||||
import cpp
|
||||
private import experimental.quantum.Language
|
||||
private import experimental.quantum.OpenSSL.AlgorithmInstances.KnownAlgorithmConstants
|
||||
private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumerBase
|
||||
private import experimental.quantum.OpenSSL.AlgorithmInstances.OpenSSLAlgorithmInstances
|
||||
|
||||
abstract class PKeyValueConsumer extends OpenSSLAlgorithmValueConsumer { }
|
||||
|
||||
class EVPPKeyAlgorithmConsumer extends PKeyValueConsumer {
|
||||
DataFlow::Node valueArgNode;
|
||||
DataFlow::Node resultNode;
|
||||
|
||||
EVPPKeyAlgorithmConsumer() {
|
||||
resultNode.asExpr() = this.(Call) and // in all cases the result is the return
|
||||
(
|
||||
// NOTE: some of these consumers are themselves key gen operations,
|
||||
// in these cases, the operation will be created separately for the same function.
|
||||
this.(Call).getTarget().getName() in [
|
||||
"EVP_PKEY_CTX_new_id", "EVP_PKEY_new_raw_private_key", "EVP_PKEY_new_raw_public_key",
|
||||
"EVP_PKEY_new_mac_key"
|
||||
] and
|
||||
valueArgNode.asExpr() = this.(Call).getArgument(0)
|
||||
or
|
||||
this.(Call).getTarget().getName() in [
|
||||
"EVP_PKEY_CTX_new_from_name", "EVP_PKEY_new_raw_private_key_ex",
|
||||
"EVP_PKEY_new_raw_public_key_ex", "EVP_PKEY_CTX_ctrl", "EVP_PKEY_CTX_set_group_name"
|
||||
] and
|
||||
valueArgNode.asExpr() = this.(Call).getArgument(1)
|
||||
or
|
||||
// argInd 2 is 'type' which can be RSA, or EC
|
||||
// if RSA argInd 3 is the key size, else if EC argInd 3 is the curve name
|
||||
// In all other cases there is no argInd 3, and argInd 2 is the algorithm.
|
||||
// Since this is a key gen operation, handling the key size should be handled
|
||||
// when the operation is again modeled as a key gen operation.
|
||||
this.(Call).getTarget().getName() = "EVP_PKEY_Q_keygen" and
|
||||
(
|
||||
// Elliptic curve case
|
||||
// If the argInd 3 is a derived type (pointer or array) then assume it is a curve name
|
||||
if this.(Call).getArgument(3).getType().getUnderlyingType() instanceof DerivedType
|
||||
then valueArgNode.asExpr() = this.(Call).getArgument(3)
|
||||
else
|
||||
// All other cases
|
||||
valueArgNode.asExpr() = this.(Call).getArgument(2)
|
||||
)
|
||||
)
|
||||
}
|
||||
|
||||
override Crypto::AlgorithmInstance getAKnownAlgorithmSource() {
|
||||
exists(OpenSSLAlgorithmInstance i | i.getAVC() = this and result = i)
|
||||
}
|
||||
|
||||
override DataFlow::Node getResultNode() { result = resultNode }
|
||||
|
||||
override Crypto::ConsumerInputDataFlowNode getInputNode() { result = valueArgNode }
|
||||
}
|
||||
@@ -1,32 +0,0 @@
|
||||
import cpp
|
||||
private import experimental.quantum.Language
|
||||
private import experimental.quantum.OpenSSL.AlgorithmInstances.KnownAlgorithmConstants
|
||||
private import experimental.quantum.OpenSSL.AlgorithmInstances.OpenSSLAlgorithmInstanceBase
|
||||
private import OpenSSLAlgorithmValueConsumerBase
|
||||
|
||||
abstract class PaddingAlgorithmValueConsumer extends OpenSSLAlgorithmValueConsumer { }
|
||||
|
||||
// https://docs.openssl.org/master/man7/EVP_ASYM_CIPHER-RSA/#rsa-asymmetric-cipher-parameters
|
||||
// TODO: need to handle setting padding through EVP_PKEY_CTX_set_params, where modes like "OSSL_PKEY_RSA_PAD_MODE_OAEP"
|
||||
// are set.
|
||||
class EVP_PKEY_CTX_set_rsa_padding_AlgorithmValueConsumer extends PaddingAlgorithmValueConsumer {
|
||||
DataFlow::Node valueArgNode;
|
||||
DataFlow::Node resultNode;
|
||||
|
||||
EVP_PKEY_CTX_set_rsa_padding_AlgorithmValueConsumer() {
|
||||
resultNode.asExpr() = this and
|
||||
this.(Call).getTarget().getName() = "EVP_PKEY_CTX_set_rsa_padding" and
|
||||
valueArgNode.asExpr() = this.(Call).getArgument(1)
|
||||
}
|
||||
|
||||
override DataFlow::Node getResultNode() { result = resultNode }
|
||||
|
||||
override Crypto::ConsumerInputDataFlowNode getInputNode() { result = valueArgNode }
|
||||
|
||||
// override DataFlow::Node getInputNode() { result = valueArgNode }
|
||||
override Crypto::AlgorithmInstance getAKnownAlgorithmSource() {
|
||||
exists(OpenSSLAlgorithmInstance i | i.getAVC() = this and result = i)
|
||||
//TODO: As a potential alternative, for OpenSSL only, add a generic source node for literals and only create flow (flowsTo) to
|
||||
// OpenSSL AVCs... the unknown literal sources would have to be any literals not in the known set.
|
||||
}
|
||||
}
|
||||
@@ -1,127 +0,0 @@
|
||||
//TODO: model as data on open APIs should be able to get common flows, and obviate some of this
|
||||
// e.g., copy/dup calls, need to ingest those models for openSSL and refactor.
|
||||
/**
|
||||
* In OpenSSL, flow between 'context' parameters is often used to
|
||||
* store state/config of how an operation will eventually be performed.
|
||||
* Tracing algorithms and configurations to operations therefore
|
||||
* requires tracing context parameters for many OpenSSL apis.
|
||||
*
|
||||
* This library provides a dataflow analysis to track context parameters
|
||||
* between any two functions accepting openssl context parameters.
|
||||
* The dataflow takes into consideration flowing through duplication and copy calls
|
||||
* as well as flow through flow killers (free/reset calls).
|
||||
*
|
||||
* TODO: we may need to revisit 'free' as a dataflow killer, depending on how
|
||||
* we want to model use after frees.
|
||||
*
|
||||
* This library also provides classes to represent context Types and relevant
|
||||
* arguments/expressions.
|
||||
*/
|
||||
|
||||
import semmle.code.cpp.dataflow.new.DataFlow
|
||||
|
||||
/**
|
||||
* An openSSL CTX type, which is type for which the stripped underlying type
|
||||
* matches the pattern 'evp_%ctx_%st'.
|
||||
* This includes types like:
|
||||
* - EVP_CIPHER_CTX
|
||||
* - EVP_MD_CTX
|
||||
* - EVP_PKEY_CTX
|
||||
*/
|
||||
private class CtxType extends Type {
|
||||
CtxType() { this.getUnspecifiedType().stripType().getName().matches("evp_%ctx_%st") }
|
||||
}
|
||||
|
||||
/**
|
||||
* A pointer to a CtxType
|
||||
*/
|
||||
private class CtxPointerExpr extends Expr {
|
||||
CtxPointerExpr() {
|
||||
this.getType() instanceof CtxType and
|
||||
this.getType() instanceof PointerType
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* A call argument of type CtxPointerExpr.
|
||||
*/
|
||||
private class CtxPointerArgument extends CtxPointerExpr {
|
||||
CtxPointerArgument() { exists(Call c | c.getAnArgument() = this) }
|
||||
|
||||
Call getCall() { result.getAnArgument() = this }
|
||||
}
|
||||
|
||||
/**
|
||||
* A call whose target contains 'free' or 'reset' and has an argument of type
|
||||
* CtxPointerArgument.
|
||||
*/
|
||||
private class CtxClearCall extends Call {
|
||||
CtxClearCall() {
|
||||
this.getTarget().getName().toLowerCase().matches(["%free%", "%reset%"]) and
|
||||
this.getAnArgument() instanceof CtxPointerArgument
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* A call whose target contains 'copy' and has an argument of type
|
||||
* CtxPointerArgument.
|
||||
*/
|
||||
private class CtxCopyOutArgCall extends Call {
|
||||
CtxCopyOutArgCall() {
|
||||
this.getTarget().getName().toLowerCase().matches("%copy%") and
|
||||
this.getAnArgument() instanceof CtxPointerArgument
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* A call whose target contains 'dup' and has an argument of type
|
||||
* CtxPointerArgument.
|
||||
*/
|
||||
private class CtxCopyReturnCall extends Call, CtxPointerExpr {
|
||||
CtxCopyReturnCall() {
|
||||
this.getTarget().getName().toLowerCase().matches("%dup%") and
|
||||
this.getAnArgument() instanceof CtxPointerArgument
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Flow from any CtxPointerArgument to any other CtxPointerArgument
|
||||
*/
|
||||
module OpenSSLCtxArgumentFlowConfig implements DataFlow::ConfigSig {
|
||||
predicate isSource(DataFlow::Node source) { source.asExpr() instanceof CtxPointerArgument }
|
||||
|
||||
predicate isSink(DataFlow::Node sink) { sink.asExpr() instanceof CtxPointerArgument }
|
||||
|
||||
predicate isBarrier(DataFlow::Node node) {
|
||||
exists(CtxClearCall c | c.getAnArgument() = node.asExpr())
|
||||
}
|
||||
|
||||
predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) {
|
||||
exists(CtxCopyOutArgCall c |
|
||||
c.getAnArgument() = node1.asExpr() and
|
||||
c.getAnArgument() = node2.asExpr() and
|
||||
node1.asExpr() != node2.asExpr() and
|
||||
node2.asExpr().getType() instanceof CtxType
|
||||
)
|
||||
or
|
||||
exists(CtxCopyReturnCall c |
|
||||
c.getAnArgument() = node1.asExpr() and
|
||||
c = node2.asExpr() and
|
||||
node1.asExpr() != node2.asExpr() and
|
||||
node2.asExpr().getType() instanceof CtxType
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
module OpenSSLCtxArgumentFlow = DataFlow::Global<OpenSSLCtxArgumentFlowConfig>;
|
||||
|
||||
/**
|
||||
* Holds if there is a context flow from the source to the sink.
|
||||
*/
|
||||
predicate ctxArgFlowsToCtxArg(CtxPointerArgument source, CtxPointerArgument sink) {
|
||||
exists(DataFlow::Node a, DataFlow::Node b |
|
||||
OpenSSLCtxArgumentFlow::flow(a, b) and
|
||||
a.asExpr() = source and
|
||||
b.asExpr() = sink
|
||||
)
|
||||
}
|
||||
@@ -1,122 +0,0 @@
|
||||
import cpp
|
||||
private import semmle.code.cpp.models.Models
|
||||
private import semmle.code.cpp.models.interfaces.FormattingFunction
|
||||
|
||||
private class IntLiteral extends Literal {
|
||||
IntLiteral() {
|
||||
//Heuristics for distinguishing int literals from other literals
|
||||
exists(this.getValue().toInt()) and
|
||||
not this instanceof CharLiteral and
|
||||
not this instanceof StringLiteral
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Holds if a StringLiteral could conceivably be used in some way for cryptography.
|
||||
* Note: this predicate should only consider restrictions with respect to strings only.
|
||||
* General restrictions are in the OpenSSLGenericSourceCandidateLiteral class.
|
||||
*/
|
||||
private predicate isOpenSSLStringLiteralGenericSourceCandidate(StringLiteral s) {
|
||||
// 'EC' is a constant that may be used where typical algorithms are specified,
|
||||
// but EC specifically means set up a default curve container, that will later be
|
||||
//specified explicitly (or if not a default) curve is used.
|
||||
s.getValue() != "EC" and
|
||||
// Ignore empty strings
|
||||
s.getValue() != "" and
|
||||
// Filter out strings with "%", to filter out format strings
|
||||
not s.getValue().matches("%\\%%") and
|
||||
// Filter out strings in brackets or braces (commonly seen strings not relevant for crypto)
|
||||
not s.getValue().matches(["[%]", "(%)"]) and
|
||||
// Filter out all strings of length 1, since these are not algorithm names
|
||||
// NOTE/ASSUMPTION: If a user legitimately passes a string of length 1 to some configuration
|
||||
// we will assume this is generally unknown. We may need to reassess this in the future.
|
||||
s.getValue().length() > 1 and
|
||||
// Ignore all strings that are in format string calls outputing to a stream (e.g., stdout)
|
||||
not exists(FormattingFunctionCall f |
|
||||
exists(f.getOutputArgument(true)) and s = f.(Call).getAnArgument()
|
||||
) and
|
||||
// Ignore all format string calls where there is no known out param (resulting string)
|
||||
// i.e., ignore printf, since it will just output a string and not produce a new string
|
||||
not exists(FormattingFunctionCall f |
|
||||
// Note: using two ways of determining if there is an out param, since I'm not sure
|
||||
// which way is canonical
|
||||
not exists(f.getOutputArgument(false)) and
|
||||
not f.getTarget().hasTaintFlow(_, _) and
|
||||
f.(Call).getAnArgument() = s
|
||||
)
|
||||
}
|
||||
|
||||
/**
|
||||
* Holds if a StringLiteral could conceivably be used in some way for cryptography.
|
||||
* Note: this predicate should only consider restrictions with respect to integers only.
|
||||
* General restrictions are in the OpenSSLGenericSourceCandidateLiteral class.
|
||||
*/
|
||||
private predicate isOpenSSLIntLiteralGenericSourceCandidate(IntLiteral l) {
|
||||
// Ignore integer values of 0, commonly referring to NULL only (no known algorithm 0)
|
||||
l.getValue().toInt() != 0 and
|
||||
// ASSUMPTION, no negative numbers are allowed
|
||||
// RATIONALE: this is a performance improvement to avoid having to trace every number
|
||||
not exists(UnaryMinusExpr u | u.getOperand() = l) and
|
||||
// OPENSSL has a special macro for getting every line, ignore it
|
||||
not exists(MacroInvocation mi | mi.getExpr() = l and mi.getMacroName() = "OPENSSL_LINE") and
|
||||
// Filter out cases where an int is returned into a pointer, e.g., return NULL;
|
||||
not exists(ReturnStmt r |
|
||||
r.getExpr() = l and
|
||||
r.getEnclosingFunction().getType().getUnspecifiedType() instanceof DerivedType
|
||||
) and
|
||||
// A literal as an array index should not be relevant for crypo
|
||||
not exists(ArrayExpr op | op.getArrayOffset() = l) and
|
||||
// A literal used in a bitwise should not be relevant for crypto
|
||||
not exists(BinaryBitwiseOperation op | op.getAnOperand() = l) and
|
||||
not exists(AssignBitwiseOperation op | op.getAnOperand() = l) and
|
||||
//Filter out cases where an int is assigned or initialized into a pointer, e.g., char* x = NULL;
|
||||
not exists(Assignment a |
|
||||
a.getRValue() = l and
|
||||
a.getLValue().getType().getUnspecifiedType() instanceof DerivedType
|
||||
) and
|
||||
not exists(Initializer i |
|
||||
i.getExpr() = l and
|
||||
i.getDeclaration().getADeclarationEntry().getUnspecifiedType() instanceof DerivedType
|
||||
) and
|
||||
// Filter out cases where the literal is used in any kind of arithmetic operation
|
||||
not exists(BinaryArithmeticOperation op | op.getAnOperand() = l) and
|
||||
not exists(UnaryArithmeticOperation op | op.getOperand() = l) and
|
||||
not exists(AssignArithmeticOperation op | op.getAnOperand() = l) and
|
||||
// If a literal has no parent ignore it, this is a workaround for the current inability
|
||||
// to find a literal in an array declaration: int x[100];
|
||||
// NOTE/ASSUMPTION: this value might actually be relevant for finding hard coded sizes
|
||||
// consider size as inferred through the allocation of a buffer.
|
||||
// In these cases, we advise that the source is not generic and must be traced explicitly.
|
||||
exists(l.getParent())
|
||||
}
|
||||
|
||||
/**
|
||||
* Any literal that may be conceivably be used in some way for cryptography.
|
||||
* The set of all literals is restricted by this class to cases where there is higher
|
||||
* plausibility that the literal could be used as a source of configuration.
|
||||
* Literals are filtered, for example, if they are used in a way no indicative of an algorithm use
|
||||
* such as in an array index, bitwise operation, or logical operation.
|
||||
* Note a case like this:
|
||||
* if(algVal == "AES")
|
||||
*
|
||||
* "AES" may be a legitimate algorithm literal, but the literal will not be used for an operation directly
|
||||
* since it is in a equality comparison, hence this case would also be filtered.
|
||||
*/
|
||||
class OpenSSLGenericSourceCandidateLiteral extends Literal {
|
||||
OpenSSLGenericSourceCandidateLiteral() {
|
||||
(
|
||||
isOpenSSLIntLiteralGenericSourceCandidate(this) or
|
||||
isOpenSSLStringLiteralGenericSourceCandidate(this)
|
||||
) and
|
||||
// ********* General filters beyond what is filtered for strings and ints *********
|
||||
// An algorithm literal in a switch case will not be directly applied to an operation.
|
||||
not exists(SwitchCase sc | sc.getExpr() = this) and
|
||||
// A literal in a logical operation may be an algorithm, but not a candidate
|
||||
// for the purposes of finding applied algorithms
|
||||
not exists(BinaryLogicalOperation op | op.getAnOperand() = this) and
|
||||
not exists(UnaryLogicalOperation op | op.getOperand() = this) and
|
||||
// A literal in a comparison operation may be an algorithm, but not a candidate
|
||||
// for the purposes of finding applied algorithms
|
||||
not exists(ComparisonOperation op | op.getAnOperand() = this)
|
||||
}
|
||||
}
|
||||
@@ -1,7 +0,0 @@
|
||||
import cpp
|
||||
|
||||
predicate isPossibleOpenSSLFunction(Function f) {
|
||||
isPossibleOpenSSLLocation(f.getADeclarationLocation())
|
||||
}
|
||||
|
||||
predicate isPossibleOpenSSLLocation(Location l) { l.toString().toLowerCase().matches("%openssl%") }
|
||||
@@ -1,7 +0,0 @@
|
||||
module OpenSSLModel {
|
||||
import AlgorithmInstances.OpenSSLAlgorithmInstances
|
||||
import AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumers
|
||||
import Operations.OpenSSLOperations
|
||||
import Random
|
||||
import GenericSourceCandidateLiteral
|
||||
}
|
||||
@@ -1,61 +0,0 @@
|
||||
private import experimental.quantum.Language
|
||||
private import experimental.quantum.OpenSSL.CtxFlow as CTXFlow
|
||||
private import OpenSSLOperationBase
|
||||
private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumers
|
||||
private import semmle.code.cpp.dataflow.new.DataFlow
|
||||
|
||||
private module AlgGetterToAlgConsumerConfig implements DataFlow::ConfigSig {
|
||||
predicate isSource(DataFlow::Node source) {
|
||||
exists(OpenSSLAlgorithmValueConsumer c | c.getResultNode() = source)
|
||||
}
|
||||
|
||||
predicate isSink(DataFlow::Node sink) {
|
||||
exists(ECKeyGenOperation c | c.getAlgorithmArg() = sink.asExpr())
|
||||
}
|
||||
}
|
||||
|
||||
private module AlgGetterToAlgConsumerFlow = DataFlow::Global<AlgGetterToAlgConsumerConfig>;
|
||||
|
||||
class ECKeyGenOperation extends OpenSSLOperation, Crypto::KeyGenerationOperationInstance {
|
||||
ECKeyGenOperation() { this.(Call).getTarget().getName() = "EC_KEY_generate_key" }
|
||||
|
||||
override Expr getOutputArg() {
|
||||
result = this.(Call) // return value of call
|
||||
}
|
||||
|
||||
Expr getAlgorithmArg() { result = this.(Call).getArgument(0) }
|
||||
|
||||
override Expr getInputArg() {
|
||||
// there is no 'input', in the sense that no data is being manipulated by the operation.
|
||||
// There is an input of an algorithm, but that is not the intention of the operation input arg.
|
||||
none()
|
||||
}
|
||||
|
||||
override Crypto::KeyArtifactType getOutputKeyType() { result = Crypto::TAsymmetricKeyType() }
|
||||
|
||||
override Crypto::ArtifactOutputDataFlowNode getOutputKeyArtifact() {
|
||||
result = this.getOutputNode()
|
||||
}
|
||||
|
||||
override Crypto::AlgorithmValueConsumer getAnAlgorithmValueConsumer() {
|
||||
AlgGetterToAlgConsumerFlow::flow(result.(OpenSSLAlgorithmValueConsumer).getResultNode(),
|
||||
DataFlow::exprNode(this.getAlgorithmArg()))
|
||||
}
|
||||
|
||||
override Crypto::ConsumerInputDataFlowNode getKeySizeConsumer() {
|
||||
none() // no explicit key size, inferred from algorithm
|
||||
}
|
||||
|
||||
override int getKeySizeFixed() {
|
||||
none()
|
||||
// TODO: marked as none as the operation itself has no key size, it
|
||||
// comes from the algorithm source, but note we could grab the
|
||||
// algorithm source and get the key size (see below).
|
||||
// We may need to reconsider what is the best approach here.
|
||||
// result =
|
||||
// this.getAnAlgorithmValueConsumer()
|
||||
// .getAKnownAlgorithmSource()
|
||||
// .(Crypto::EllipticCurveInstance)
|
||||
// .getKeySize()
|
||||
}
|
||||
}
|
||||
@@ -1,123 +0,0 @@
|
||||
/**
|
||||
* see: https://docs.openssl.org/master/man3/EVP_EncryptInit/
|
||||
* Models cipher initialization for EVP cipher operations.
|
||||
*/
|
||||
|
||||
private import experimental.quantum.Language
|
||||
private import experimental.quantum.OpenSSL.CtxFlow as CTXFlow
|
||||
|
||||
module EncValToInitEncArgConfig implements DataFlow::ConfigSig {
|
||||
predicate isSource(DataFlow::Node source) { source.asExpr().getValue().toInt() in [0, 1] }
|
||||
|
||||
predicate isSink(DataFlow::Node sink) {
|
||||
exists(EVP_Cipher_Initializer initCall | sink.asExpr() = initCall.getOperationSubtypeArg())
|
||||
}
|
||||
}
|
||||
|
||||
module EncValToInitEncArgFlow = DataFlow::Global<EncValToInitEncArgConfig>;
|
||||
|
||||
int getEncConfigValue(Expr e) {
|
||||
exists(EVP_Cipher_Initializer initCall | e = initCall.getOperationSubtypeArg()) and
|
||||
exists(DataFlow::Node a, DataFlow::Node b |
|
||||
EncValToInitEncArgFlow::flow(a, b) and b.asExpr() = e and result = a.asExpr().getValue().toInt()
|
||||
)
|
||||
}
|
||||
|
||||
bindingset[i]
|
||||
Crypto::KeyOperationSubtype intToCipherOperationSubtype(int i) {
|
||||
if i = 0
|
||||
then result instanceof Crypto::TEncryptMode
|
||||
else
|
||||
if i = 1
|
||||
then result instanceof Crypto::TDecryptMode
|
||||
else result instanceof Crypto::TUnknownKeyOperationMode
|
||||
}
|
||||
|
||||
// TODO: need to add key consumer
|
||||
abstract class EVP_Cipher_Initializer extends Call {
|
||||
Expr getContextArg() { result = this.(Call).getArgument(0) }
|
||||
|
||||
Expr getAlgorithmArg() { result = this.(Call).getArgument(1) }
|
||||
|
||||
abstract Expr getKeyArg();
|
||||
|
||||
abstract Expr getIVArg();
|
||||
|
||||
// abstract Crypto::CipherOperationSubtype getCipherOperationSubtype();
|
||||
abstract Expr getOperationSubtypeArg();
|
||||
|
||||
Crypto::KeyOperationSubtype getCipherOperationSubtype() {
|
||||
if this.(Call).getTarget().getName().toLowerCase().matches("%encrypt%")
|
||||
then result instanceof Crypto::TEncryptMode
|
||||
else
|
||||
if this.(Call).getTarget().getName().toLowerCase().matches("%decrypt%")
|
||||
then result instanceof Crypto::TDecryptMode
|
||||
else
|
||||
if exists(getEncConfigValue(this.getOperationSubtypeArg()))
|
||||
then result = intToCipherOperationSubtype(getEncConfigValue(this.getOperationSubtypeArg()))
|
||||
else result instanceof Crypto::TUnknownKeyOperationMode
|
||||
}
|
||||
}
|
||||
|
||||
abstract class EVP_EX_Initializer extends EVP_Cipher_Initializer {
|
||||
override Expr getKeyArg() { result = this.(Call).getArgument(3) }
|
||||
|
||||
override Expr getIVArg() { result = this.(Call).getArgument(4) }
|
||||
}
|
||||
|
||||
abstract class EVP_EX2_Initializer extends EVP_Cipher_Initializer {
|
||||
override Expr getKeyArg() { result = this.(Call).getArgument(2) }
|
||||
|
||||
override Expr getIVArg() { result = this.(Call).getArgument(3) }
|
||||
}
|
||||
|
||||
class EVP_Cipher_EX_Init_Call extends EVP_EX_Initializer {
|
||||
EVP_Cipher_EX_Init_Call() {
|
||||
this.(Call).getTarget().getName() in [
|
||||
"EVP_EncryptInit_ex", "EVP_DecryptInit_ex", "EVP_CipherInit_ex"
|
||||
]
|
||||
}
|
||||
|
||||
override Expr getOperationSubtypeArg() {
|
||||
this.(Call).getTarget().getName().toLowerCase().matches("%cipherinit%") and
|
||||
result = this.(Call).getArgument(5)
|
||||
}
|
||||
}
|
||||
|
||||
class EVP_Cipher_EX2_or_Simple_Init_Call extends EVP_EX2_Initializer {
|
||||
EVP_Cipher_EX2_or_Simple_Init_Call() {
|
||||
this.(Call).getTarget().getName() in [
|
||||
"EVP_EncryptInit_ex2", "EVP_DecryptInit_ex2", "EVP_CipherInit_ex2", "EVP_EncryptInit",
|
||||
"EVP_DecryptInit", "EVP_CipherInit"
|
||||
]
|
||||
}
|
||||
|
||||
override Expr getOperationSubtypeArg() {
|
||||
this.(Call).getTarget().getName().toLowerCase().matches("%cipherinit%") and
|
||||
result = this.(Call).getArgument(4)
|
||||
}
|
||||
}
|
||||
|
||||
class EVP_CipherInit_SKEY_Call extends EVP_EX2_Initializer {
|
||||
EVP_CipherInit_SKEY_Call() { this.(Call).getTarget().getName() in ["EVP_CipherInit_SKEY"] }
|
||||
|
||||
override Expr getOperationSubtypeArg() { result = this.(Call).getArgument(5) }
|
||||
}
|
||||
|
||||
class EVPCipherInitializerAlgorithmArgument extends Expr {
|
||||
EVPCipherInitializerAlgorithmArgument() {
|
||||
exists(EVP_Cipher_Initializer initCall | this = initCall.getAlgorithmArg())
|
||||
}
|
||||
}
|
||||
|
||||
class EVPCipherInitializerKeyArgument extends Expr {
|
||||
EVPCipherInitializerKeyArgument() {
|
||||
exists(EVP_Cipher_Initializer initCall | this = initCall.getKeyArg())
|
||||
}
|
||||
}
|
||||
|
||||
class EVPCipherInitializerIVArgument extends Expr {
|
||||
EVPCipherInitializerIVArgument() {
|
||||
exists(EVP_Cipher_Initializer initCall | this = initCall.getIVArg())
|
||||
}
|
||||
}
|
||||
@@ -1,121 +0,0 @@
|
||||
private import experimental.quantum.Language
|
||||
private import experimental.quantum.OpenSSL.CtxFlow as CTXFlow
|
||||
private import EVPCipherInitializer
|
||||
private import OpenSSLOperationBase
|
||||
private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumers
|
||||
|
||||
private module AlgGetterToAlgConsumerConfig implements DataFlow::ConfigSig {
|
||||
predicate isSource(DataFlow::Node source) {
|
||||
exists(OpenSSLAlgorithmValueConsumer c | c.getResultNode() = source)
|
||||
}
|
||||
|
||||
predicate isSink(DataFlow::Node sink) {
|
||||
exists(EVP_Cipher_Operation c | c.getInitCall().getAlgorithmArg() = sink.asExpr())
|
||||
}
|
||||
}
|
||||
|
||||
private module AlgGetterToAlgConsumerFlow = DataFlow::Global<AlgGetterToAlgConsumerConfig>;
|
||||
|
||||
// import experimental.quantum.OpenSSL.AlgorithmValueConsumers.AlgorithmValueConsumers
|
||||
// import OpenSSLOperation
|
||||
// class EVPCipherOutput extends CipherOutputArtifact {
|
||||
// EVPCipherOutput() { exists(EVP_Cipher_Operation op | op.getOutputArg() = this) }
|
||||
// override DataFlow::Node getOutputNode() { result.asDefiningArgument() = this }
|
||||
// }
|
||||
//
|
||||
/**
|
||||
* see: https://docs.openssl.org/master/man3/EVP_EncryptInit/#synopsis
|
||||
* Base configuration for all EVP cipher operations.
|
||||
* NOTE: cannot extend instance of OpenSSLOperation, as we need to override
|
||||
* elements of OpenSSLOperation (i.e., we are creating an instance)
|
||||
*/
|
||||
abstract class EVP_Cipher_Operation extends OpenSSLOperation, Crypto::KeyOperationInstance {
|
||||
Expr getContextArg() { result = this.(Call).getArgument(0) }
|
||||
|
||||
override Expr getOutputArg() { result = this.(Call).getArgument(1) }
|
||||
|
||||
override Crypto::KeyOperationSubtype getKeyOperationSubtype() {
|
||||
result instanceof Crypto::TEncryptMode and
|
||||
this.(Call).getTarget().getName().toLowerCase().matches("%encrypt%")
|
||||
or
|
||||
result instanceof Crypto::TDecryptMode and
|
||||
this.(Call).getTarget().getName().toLowerCase().matches("%decrypt%")
|
||||
or
|
||||
result = this.getInitCall().getCipherOperationSubtype() and
|
||||
this.(Call).getTarget().getName().toLowerCase().matches("%cipher%")
|
||||
}
|
||||
|
||||
EVP_Cipher_Initializer getInitCall() {
|
||||
CTXFlow::ctxArgFlowsToCtxArg(result.getContextArg(), this.getContextArg())
|
||||
}
|
||||
|
||||
override Crypto::ConsumerInputDataFlowNode getNonceConsumer() {
|
||||
this.getInitCall().getIVArg() = result.asExpr()
|
||||
}
|
||||
|
||||
override Crypto::ConsumerInputDataFlowNode getInputConsumer() { result = this.getInputNode() }
|
||||
|
||||
override Crypto::ConsumerInputDataFlowNode getKeyConsumer() {
|
||||
this.getInitCall().getKeyArg() = result.asExpr()
|
||||
}
|
||||
|
||||
override Crypto::ArtifactOutputDataFlowNode getOutputArtifact() { result = this.getOutputNode() }
|
||||
|
||||
override Crypto::AlgorithmValueConsumer getAnAlgorithmValueConsumer() {
|
||||
AlgGetterToAlgConsumerFlow::flow(result.(OpenSSLAlgorithmValueConsumer).getResultNode(),
|
||||
DataFlow::exprNode(this.getInitCall().getAlgorithmArg()))
|
||||
}
|
||||
}
|
||||
|
||||
class EVP_Cipher_Call extends EVP_Cipher_Operation {
|
||||
EVP_Cipher_Call() { this.(Call).getTarget().getName() = "EVP_Cipher" }
|
||||
|
||||
override Expr getInputArg() { result = this.(Call).getArgument(2) }
|
||||
}
|
||||
|
||||
// NOTE: not modeled as cipher operations, these are intermediate calls
|
||||
class EVP_Cipher_Update_Call extends Call {
|
||||
EVP_Cipher_Update_Call() {
|
||||
this.(Call).getTarget().getName() in [
|
||||
"EVP_EncryptUpdate", "EVP_DecryptUpdate", "EVP_CipherUpdate"
|
||||
]
|
||||
}
|
||||
|
||||
Expr getInputArg() { result = this.(Call).getArgument(3) }
|
||||
|
||||
DataFlow::Node getInputNode() { result.asExpr() = this.getInputArg() }
|
||||
|
||||
Expr getContextArg() { result = this.(Call).getArgument(0) }
|
||||
}
|
||||
|
||||
class EVP_Cipher_Final_Call extends EVP_Cipher_Operation {
|
||||
EVP_Cipher_Final_Call() {
|
||||
this.(Call).getTarget().getName() in [
|
||||
"EVP_EncryptFinal_ex", "EVP_DecryptFinal_ex", "EVP_CipherFinal_ex", "EVP_EncryptFinal",
|
||||
"EVP_DecryptFinal", "EVP_CipherFinal"
|
||||
]
|
||||
}
|
||||
|
||||
EVP_Cipher_Update_Call getUpdateCalls() {
|
||||
CTXFlow::ctxArgFlowsToCtxArg(result.getContextArg(), this.getContextArg())
|
||||
}
|
||||
|
||||
override Expr getInputArg() { result = this.getUpdateCalls().getInputArg() }
|
||||
|
||||
override Crypto::ConsumerInputDataFlowNode getInputConsumer() { result = this.getInputNode() }
|
||||
}
|
||||
|
||||
class EVP_PKEY_Operation extends EVP_Cipher_Operation {
|
||||
EVP_PKEY_Operation() {
|
||||
this.(Call).getTarget().getName() in ["EVP_PKEY_decrypt", "EVP_PKEY_encrypt"]
|
||||
}
|
||||
|
||||
override Expr getInputArg() { result = this.(Call).getArgument(3) }
|
||||
// TODO: how PKEY is initialized is different that symmetric cipher
|
||||
// Consider making an entirely new class for this and specializing
|
||||
// the get init call
|
||||
}
|
||||
|
||||
class EVPCipherInputArgument extends Expr {
|
||||
EVPCipherInputArgument() { exists(EVP_Cipher_Operation op | op.getInputArg() = this) }
|
||||
}
|
||||
@@ -1,17 +0,0 @@
|
||||
import cpp
|
||||
|
||||
abstract class EVP_Hash_Initializer extends Call {
|
||||
Expr getContextArg() { result = this.(Call).getArgument(0) }
|
||||
|
||||
abstract Expr getAlgorithmArg();
|
||||
}
|
||||
|
||||
class EVP_DigestInit_Variant_Calls extends EVP_Hash_Initializer {
|
||||
EVP_DigestInit_Variant_Calls() {
|
||||
this.(Call).getTarget().getName() in [
|
||||
"EVP_DigestInit", "EVP_DigestInit_ex", "EVP_DigestInit_ex2"
|
||||
]
|
||||
}
|
||||
|
||||
override Expr getAlgorithmArg() { result = this.(Call).getArgument(1) }
|
||||
}
|
||||
@@ -1,124 +0,0 @@
|
||||
/**
|
||||
* https://docs.openssl.org/3.0/man3/EVP_DigestInit/#synopsis
|
||||
*/
|
||||
|
||||
private import experimental.quantum.Language
|
||||
private import experimental.quantum.OpenSSL.CtxFlow as CTXFlow
|
||||
private import OpenSSLOperationBase
|
||||
private import EVPHashInitializer
|
||||
private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumers
|
||||
|
||||
// import EVPHashConsumers
|
||||
abstract class EVP_Hash_Operation extends OpenSSLOperation, Crypto::HashOperationInstance {
|
||||
Expr getContextArg() { result = this.(Call).getArgument(0) }
|
||||
|
||||
EVP_Hash_Initializer getInitCall() {
|
||||
CTXFlow::ctxArgFlowsToCtxArg(result.getContextArg(), this.getContextArg())
|
||||
}
|
||||
|
||||
/**
|
||||
* By default, the algorithm value comes from the init call.
|
||||
* There are variants where this isn't true, in which case the
|
||||
* subclass should override this method.
|
||||
*/
|
||||
override Crypto::AlgorithmValueConsumer getAnAlgorithmValueConsumer() {
|
||||
AlgGetterToAlgConsumerFlow::flow(result.(OpenSSLAlgorithmValueConsumer).getResultNode(),
|
||||
DataFlow::exprNode(this.getInitCall().getAlgorithmArg()))
|
||||
}
|
||||
}
|
||||
|
||||
private module AlgGetterToAlgConsumerConfig implements DataFlow::ConfigSig {
|
||||
predicate isSource(DataFlow::Node source) {
|
||||
exists(OpenSSLAlgorithmValueConsumer c | c.getResultNode() = source)
|
||||
}
|
||||
|
||||
predicate isSink(DataFlow::Node sink) {
|
||||
exists(EVP_Hash_Operation c | c.getInitCall().getAlgorithmArg() = sink.asExpr())
|
||||
}
|
||||
}
|
||||
|
||||
private module AlgGetterToAlgConsumerFlow = DataFlow::Global<AlgGetterToAlgConsumerConfig>;
|
||||
|
||||
//https://docs.openssl.org/3.0/man3/EVP_DigestInit/#synopsis
|
||||
class EVP_Q_Digest_Operation extends EVP_Hash_Operation {
|
||||
EVP_Q_Digest_Operation() { this.(Call).getTarget().getName() = "EVP_Q_digest" }
|
||||
|
||||
//override Crypto::AlgorithmConsumer getAlgorithmConsumer() { }
|
||||
override EVP_Hash_Initializer getInitCall() {
|
||||
// This variant of digest does not use an init
|
||||
// and even if it were used, the init would be ignored/undefined
|
||||
none()
|
||||
}
|
||||
|
||||
override Expr getOutputArg() { result = this.(Call).getArgument(5) }
|
||||
|
||||
override Expr getInputArg() { result = this.(Call).getArgument(3) }
|
||||
|
||||
override Crypto::ArtifactOutputDataFlowNode getOutputArtifact() { result = this.getOutputNode() }
|
||||
|
||||
override Crypto::ConsumerInputDataFlowNode getInputConsumer() { result = this.getInputNode() }
|
||||
|
||||
override Crypto::AlgorithmValueConsumer getAnAlgorithmValueConsumer() {
|
||||
// The operation is a direct algorithm consumer
|
||||
// NOTE: the operation itself is already modeld as a value consumer, so we can
|
||||
// simply return 'this', see modeled hash algorithm consuers for EVP_Q_Digest
|
||||
this = result
|
||||
}
|
||||
}
|
||||
|
||||
class EVP_Digest_Operation extends EVP_Hash_Operation {
|
||||
EVP_Digest_Operation() { this.(Call).getTarget().getName() = "EVP_Digest" }
|
||||
|
||||
// There is no context argument for this function
|
||||
override Expr getContextArg() { none() }
|
||||
|
||||
override Crypto::AlgorithmValueConsumer getAnAlgorithmValueConsumer() {
|
||||
AlgGetterToAlgConsumerFlow::flow(result.(OpenSSLAlgorithmValueConsumer).getResultNode(),
|
||||
DataFlow::exprNode(this.(Call).getArgument(4)))
|
||||
}
|
||||
|
||||
override EVP_Hash_Initializer getInitCall() {
|
||||
// This variant of digest does not use an init
|
||||
// and even if it were used, the init would be ignored/undefined
|
||||
none()
|
||||
}
|
||||
|
||||
override Expr getOutputArg() { result = this.(Call).getArgument(2) }
|
||||
|
||||
override Expr getInputArg() { result = this.(Call).getArgument(0) }
|
||||
|
||||
override Crypto::ArtifactOutputDataFlowNode getOutputArtifact() { result = this.getOutputNode() }
|
||||
|
||||
override Crypto::ConsumerInputDataFlowNode getInputConsumer() { result = this.getInputNode() }
|
||||
}
|
||||
|
||||
// NOTE: not modeled as hash operations, these are intermediate calls
|
||||
class EVP_Digest_Update_Call extends Call {
|
||||
EVP_Digest_Update_Call() { this.(Call).getTarget().getName() in ["EVP_DigestUpdate"] }
|
||||
|
||||
Expr getInputArg() { result = this.(Call).getArgument(1) }
|
||||
|
||||
DataFlow::Node getInputNode() { result.asExpr() = this.getInputArg() }
|
||||
|
||||
Expr getContextArg() { result = this.(Call).getArgument(0) }
|
||||
}
|
||||
|
||||
class EVP_Digest_Final_Call extends EVP_Hash_Operation {
|
||||
EVP_Digest_Final_Call() {
|
||||
this.(Call).getTarget().getName() in [
|
||||
"EVP_DigestFinal", "EVP_DigestFinal_ex", "EVP_DigestFinalXOF"
|
||||
]
|
||||
}
|
||||
|
||||
EVP_Digest_Update_Call getUpdateCalls() {
|
||||
CTXFlow::ctxArgFlowsToCtxArg(result.getContextArg(), this.getContextArg())
|
||||
}
|
||||
|
||||
override Expr getInputArg() { result = this.getUpdateCalls().getInputArg() }
|
||||
|
||||
override Crypto::ConsumerInputDataFlowNode getInputConsumer() { result = this.getInputNode() }
|
||||
|
||||
override Expr getOutputArg() { result = this.(Call).getArgument(1) }
|
||||
|
||||
override Crypto::ArtifactOutputDataFlowNode getOutputArtifact() { result = this.getOutputNode() }
|
||||
}
|
||||
@@ -1,21 +0,0 @@
|
||||
private import experimental.quantum.Language
|
||||
|
||||
abstract class OpenSSLOperation extends Crypto::OperationInstance instanceof Call {
|
||||
abstract Expr getInputArg();
|
||||
|
||||
/**
|
||||
* Can be an argument of a call or a return value of a function.
|
||||
*/
|
||||
abstract Expr getOutputArg();
|
||||
|
||||
DataFlow::Node getInputNode() {
|
||||
// Assumed to be default to asExpr
|
||||
result.asExpr() = this.getInputArg()
|
||||
}
|
||||
|
||||
DataFlow::Node getOutputNode() {
|
||||
if exists(Call c | c.getAnArgument() = this)
|
||||
then result.asDefiningArgument() = this
|
||||
else result.asExpr() = this
|
||||
}
|
||||
}
|
||||
@@ -1,4 +0,0 @@
|
||||
import OpenSSLOperationBase
|
||||
import EVPCipherOperation
|
||||
import EVPHashOperation
|
||||
import ECKeyGenOperation
|
||||
@@ -1,18 +0,0 @@
|
||||
import cpp
|
||||
private import experimental.quantum.Language
|
||||
private import LibraryDetector
|
||||
private import semmle.code.cpp.dataflow.new.DataFlow
|
||||
|
||||
class OpenSSLRandomNumberGeneratorInstance extends Crypto::RandomNumberGenerationInstance instanceof Call
|
||||
{
|
||||
OpenSSLRandomNumberGeneratorInstance() {
|
||||
this.(Call).getTarget().getName() in ["RAND_bytes", "RAND_pseudo_bytes"] and
|
||||
isPossibleOpenSSLFunction(this.(Call).getTarget())
|
||||
}
|
||||
|
||||
override Crypto::DataFlowNode getOutputNode() {
|
||||
result.asDefiningArgument() = this.(Call).getArgument(0)
|
||||
}
|
||||
|
||||
override string getGeneratorName() { result = this.(Call).getTarget().getName() }
|
||||
}
|
||||
@@ -1,4 +1,4 @@
|
||||
# partial model of the Boost::Asio network library
|
||||
# partial model of the Boost::Asio network library
|
||||
extensions:
|
||||
- addsTo:
|
||||
pack: codeql/cpp-all
|
||||
|
||||
@@ -1,35 +0,0 @@
|
||||
# partial model of windows system calls
|
||||
extensions:
|
||||
- addsTo:
|
||||
pack: codeql/cpp-all
|
||||
extensible: sourceModel
|
||||
data: # namespace, type, subtypes, name, signature, ext, output, kind, provenance
|
||||
# processenv.h
|
||||
- ["", "", False, "GetCommandLineA", "", "", "ReturnValue[*]", "local", "manual"]
|
||||
- ["", "", False, "GetCommandLineW", "", "", "ReturnValue[*]", "local", "manual"]
|
||||
- ["", "", False, "GetEnvironmentStringsA", "", "", "ReturnValue[*]", "local", "manual"]
|
||||
- ["", "", False, "GetEnvironmentStringsW", "", "", "ReturnValue[*]", "local", "manual"]
|
||||
- ["", "", False, "GetEnvironmentVariableA", "", "", "Argument[*1]", "local", "manual"]
|
||||
- ["", "", False, "GetEnvironmentVariableW", "", "", "Argument[*1]", "local", "manual"]
|
||||
# fileapi.h
|
||||
- ["", "", False, "ReadFile", "", "", "Argument[*1]", "local", "manual"]
|
||||
- ["", "", False, "ReadFileEx", "", "", "Argument[*1]", "local", "manual"]
|
||||
# memoryapi.h
|
||||
- ["", "", False, "MapViewOfFile", "", "", "ReturnValue[*]", "local", "manual"]
|
||||
- ["", "", False, "MapViewOfFile2", "", "", "ReturnValue[*]", "local", "manual"]
|
||||
- ["", "", False, "MapViewOfFile3", "", "", "ReturnValue[*]", "local", "manual"]
|
||||
- ["", "", False, "MapViewOfFile3FromApp", "", "", "ReturnValue[*]", "local", "manual"]
|
||||
- ["", "", False, "MapViewOfFileEx", "", "", "ReturnValue[*]", "local", "manual"]
|
||||
- ["", "", False, "MapViewOfFileFromApp", "", "", "ReturnValue[*]", "local", "manual"]
|
||||
- ["", "", False, "MapViewOfFileNuma2", "", "", "ReturnValue[*]", "local", "manual"]
|
||||
# ntifs.h
|
||||
- ["", "", False, "NtReadFile", "", "", "Argument[*5]", "local", "manual"]
|
||||
- addsTo:
|
||||
pack: codeql/cpp-all
|
||||
extensible: summaryModel
|
||||
data: # namespace, type, subtypes, name, signature, ext, input, output, kind, provenance
|
||||
# shellapi.h
|
||||
- ["", "", False, "CommandLineToArgvA", "", "", "Argument[*0]", "ReturnValue[**]", "taint", "manual"]
|
||||
- ["", "", False, "CommandLineToArgvW", "", "", "Argument[*0]", "ReturnValue[**]", "taint", "manual"]
|
||||
# fileapi.h
|
||||
- ["", "", False, "ReadFileEx", "", "", "Argument[*3].Field[@hEvent]", "Argument[4].Parameter[*2].Field[@hEvent]", "value", "manual"]
|
||||
File diff suppressed because it is too large
Load Diff
@@ -1,948 +0,0 @@
|
||||
# THIS FILE IS AN AUTO-GENERATED MODELS AS DATA FILE. DO NOT EDIT.
|
||||
extensions:
|
||||
- addsTo:
|
||||
pack: codeql/cpp-all
|
||||
extensible: summaryModel
|
||||
data:
|
||||
- ["", "", True, "Action_add", "(action **,e_action,symbol *,char *)", "", "Argument[**0]", "Argument[**0].Field[**next]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Action_add", "(action **,e_action,symbol *,char *)", "", "Argument[*0]", "Argument[**0].Field[*next]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Action_add", "(action **,e_action,symbol *,char *)", "", "Argument[0]", "Argument[**0].Field[*next]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Action_add", "(action **,e_action,symbol *,char *)", "", "Argument[0]", "Argument[*0]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Configcmp", "(const char *,const char *)", "", "Argument[*0].Field[**rp].Field[*index]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Configcmp", "(const char *,const char *)", "", "Argument[*0].Field[*dot]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Configcmp", "(const char *,const char *)", "", "Argument[*1].Field[**rp].Field[*index]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Configcmp", "(const char *,const char *)", "", "Argument[*1].Field[*dot]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Configlist_add", "(rule *,int)", "", "Argument[*0]", "ReturnValue[*].Field[**rp]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Configlist_add", "(rule *,int)", "", "Argument[0]", "ReturnValue[*].Field[*rp]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Configlist_add", "(rule *,int)", "", "Argument[1]", "ReturnValue[*].Field[*dot]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Configlist_addbasis", "(rule *,int)", "", "Argument[*0]", "ReturnValue[*].Field[**rp]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Configlist_addbasis", "(rule *,int)", "", "Argument[0]", "ReturnValue[*].Field[*rp]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Configlist_addbasis", "(rule *,int)", "", "Argument[1]", "ReturnValue[*].Field[*dot]", "value", "dfc-generated"]
|
||||
- ["", "", True, "JimDefaultAllocator", "(void *,size_t)", "", "Argument[**0]", "ReturnValue[**]", "value", "dfc-generated"]
|
||||
- ["", "", True, "JimDefaultAllocator", "(void *,size_t)", "", "Argument[*0]", "ReturnValue[**]", "value", "dfc-generated"]
|
||||
- ["", "", True, "JimDefaultAllocator", "(void *,size_t)", "", "Argument[*0]", "ReturnValue[*]", "value", "dfc-generated"]
|
||||
- ["", "", True, "JimDefaultAllocator", "(void *,size_t)", "", "Argument[0]", "ReturnValue[**]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "JimDefaultAllocator", "(void *,size_t)", "", "Argument[0]", "ReturnValue[*]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "JimStringReplaceObj", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj *,Jim_Obj *)", "", "Argument[*1]", "ReturnValue[*]", "value", "df-generated"]
|
||||
- ["", "", True, "JimStringReplaceObj", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj *,Jim_Obj *)", "", "Argument[1]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_AioFilehandle", "(Jim_Interp *,Jim_Obj *)", "", "Argument[1]", "Argument[*0].Field[**freeList].Field[*prevObjPtr]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_AioFilehandle", "(Jim_Interp *,Jim_Obj *)", "", "Argument[1]", "Argument[*0].Field[*freeList]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_AppendObj", "(Jim_Interp *,Jim_Obj *,Jim_Obj *)", "", "Argument[*2]", "Argument[*1]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_AppendString", "(Jim_Interp *,Jim_Obj *,const char *,int)", "", "Argument[*2]", "Argument[*1].Field[**bytes]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_AppendString", "(Jim_Interp *,Jim_Obj *,const char *,int)", "", "Argument[2]", "Argument[*1].Field[**bytes]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_AppendString", "(Jim_Interp *,Jim_Obj *,const char *,int)", "", "Argument[3]", "Argument[*1].Field[*length]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_CallSubCmd", "(Jim_Interp *,const jim_subcmd_type *,int,Jim_Obj *const *)", "", "Argument[*3]", "Argument[**3]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_CheckShowCommands", "(Jim_Interp *,Jim_Obj *,const char *const *)", "", "Argument[**2]", "Argument[*0].Field[**freeList].Field[**bytes]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_CheckShowCommands", "(Jim_Interp *,Jim_Obj *,const char *const *)", "", "Argument[**2]", "Argument[*0].Field[**liveList].Field[**bytes]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_CheckShowCommands", "(Jim_Interp *,Jim_Obj *,const char *const *)", "", "Argument[*2]", "Argument[**2]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_CheckShowCommands", "(Jim_Interp *,Jim_Obj *,const char *const *)", "", "Argument[*2]", "Argument[*0].Field[**freeList].Field[**bytes]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_CheckShowCommands", "(Jim_Interp *,Jim_Obj *,const char *const *)", "", "Argument[*2]", "Argument[*0].Field[**liveList].Field[**bytes]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_CheckShowCommands", "(Jim_Interp *,Jim_Obj *,const char *const *)", "", "Argument[2]", "Argument[**2]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_CheckShowCommands", "(Jim_Interp *,Jim_Obj *,const char *const *)", "", "Argument[2]", "Argument[*0].Field[**freeList].Field[**bytes]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_CheckShowCommands", "(Jim_Interp *,Jim_Obj *,const char *const *)", "", "Argument[2]", "Argument[*0].Field[**liveList].Field[**bytes]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_CommandMatchObj", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj *,int)", "", "Argument[*0]", "Argument[*1]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_CommandMatchObj", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj *,int)", "", "Argument[*0]", "Argument[*2]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_CommandMatchObj", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj *,int)", "", "Argument[*0]", "Argument[*3]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_CommandMatchObj", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj *,int)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_CommandMatchObj", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj *,int)", "", "Argument[*1]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_CommandMatchObj", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj *,int)", "", "Argument[*1]", "Argument[*2]", "value", "df-generated"]
|
||||
- ["", "", True, "Jim_CommandMatchObj", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj *,int)", "", "Argument[*1]", "Argument[*3]", "value", "df-generated"]
|
||||
- ["", "", True, "Jim_CommandMatchObj", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj *,int)", "", "Argument[*2]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_CommandMatchObj", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj *,int)", "", "Argument[*2]", "Argument[*1]", "value", "df-generated"]
|
||||
- ["", "", True, "Jim_CommandMatchObj", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj *,int)", "", "Argument[*2]", "Argument[*3]", "value", "df-generated"]
|
||||
- ["", "", True, "Jim_CommandMatchObj", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj *,int)", "", "Argument[*3]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_CommandMatchObj", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj *,int)", "", "Argument[*3]", "Argument[*1]", "value", "df-generated"]
|
||||
- ["", "", True, "Jim_CommandMatchObj", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj *,int)", "", "Argument[*3]", "Argument[*2]", "value", "df-generated"]
|
||||
- ["", "", True, "Jim_CommandMatchObj", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj *,int)", "", "Argument[1]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_CommandMatchObj", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj *,int)", "", "Argument[1]", "Argument[*1]", "value", "df-generated"]
|
||||
- ["", "", True, "Jim_CommandMatchObj", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj *,int)", "", "Argument[1]", "Argument[*2]", "value", "df-generated"]
|
||||
- ["", "", True, "Jim_CommandMatchObj", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj *,int)", "", "Argument[1]", "Argument[*3]", "value", "df-generated"]
|
||||
- ["", "", True, "Jim_CommandMatchObj", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj *,int)", "", "Argument[2]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_CommandMatchObj", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj *,int)", "", "Argument[2]", "Argument[*1]", "value", "df-generated"]
|
||||
- ["", "", True, "Jim_CommandMatchObj", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj *,int)", "", "Argument[2]", "Argument[*2]", "value", "df-generated"]
|
||||
- ["", "", True, "Jim_CommandMatchObj", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj *,int)", "", "Argument[2]", "Argument[*3]", "value", "df-generated"]
|
||||
- ["", "", True, "Jim_CommandMatchObj", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj *,int)", "", "Argument[3]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_CommandMatchObj", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj *,int)", "", "Argument[3]", "Argument[*1]", "value", "df-generated"]
|
||||
- ["", "", True, "Jim_CommandMatchObj", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj *,int)", "", "Argument[3]", "Argument[*2]", "value", "df-generated"]
|
||||
- ["", "", True, "Jim_CommandMatchObj", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj *,int)", "", "Argument[3]", "Argument[*3]", "value", "df-generated"]
|
||||
- ["", "", True, "Jim_CompareStringImmediate", "(Jim_Interp *,Jim_Obj *,const char *)", "", "Argument[*2]", "Argument[*1].Field[*internalRep].Union[**(unnamed class/struct/union)]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_CompareStringImmediate", "(Jim_Interp *,Jim_Obj *,const char *)", "", "Argument[2]", "Argument[*1].Field[*internalRep].Union[*(unnamed class/struct/union)]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_ConcatObj", "(Jim_Interp *,int,Jim_Obj *const *)", "", "Argument[**2].Field[*length]", "ReturnValue[*].Field[*length]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_ConcatObj", "(Jim_Interp *,int,Jim_Obj *const *)", "", "Argument[*2]", "Argument[**2]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_ConcatObj", "(Jim_Interp *,int,Jim_Obj *const *)", "", "Argument[1]", "ReturnValue[*].Field[*length]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_CreateCommand", "(Jim_Interp *,const char *,Jim_CmdProc *,void *,Jim_DelCmdProc *)", "", "Argument[*1]", "Argument[*0].Field[**freeList].Field[**bytes]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_CreateCommand", "(Jim_Interp *,const char *,Jim_CmdProc *,void *,Jim_DelCmdProc *)", "", "Argument[*1]", "Argument[*0].Field[**liveList].Field[**bytes]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_CreateCommand", "(Jim_Interp *,const char *,Jim_CmdProc *,void *,Jim_DelCmdProc *)", "", "Argument[1]", "Argument[*0].Field[**freeList].Field[**bytes]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_CreateCommand", "(Jim_Interp *,const char *,Jim_CmdProc *,void *,Jim_DelCmdProc *)", "", "Argument[1]", "Argument[*0].Field[**liveList].Field[**bytes]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_CreateCommandObj", "(Jim_Interp *,Jim_Obj *,Jim_CmdProc *,void *,Jim_DelCmdProc *)", "", "Argument[1]", "Argument[*0].Field[**freeList].Field[*prevObjPtr]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_CreateCommandObj", "(Jim_Interp *,Jim_Obj *,Jim_CmdProc *,void *,Jim_DelCmdProc *)", "", "Argument[1]", "Argument[*0].Field[*freeList]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_DeleteCommand", "(Jim_Interp *,Jim_Obj *)", "", "Argument[1]", "Argument[*0].Field[**freeList].Field[*prevObjPtr]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_DeleteCommand", "(Jim_Interp *,Jim_Obj *)", "", "Argument[1]", "Argument[*0].Field[*freeList]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_DictAddElement", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj *)", "", "Argument[*0]", "Argument[*1]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_DictAddElement", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj *)", "", "Argument[*2]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_DictInfo", "(Jim_Interp *,Jim_Obj *)", "", "Argument[*0]", "Argument[*1]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_DictKey", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj **,int)", "", "Argument[*0]", "Argument[**3]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_DictKey", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj **,int)", "", "Argument[*0]", "Argument[*1]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_DictKey", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj **,int)", "", "Argument[*0]", "Argument[*3]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_DictKey", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj **,int)", "", "Argument[*2]", "Argument[*3]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_DictKeysVector", "(Jim_Interp *,Jim_Obj *,Jim_Obj *const *,int,Jim_Obj **,int)", "", "Argument[*1]", "Argument[**4]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_DictKeysVector", "(Jim_Interp *,Jim_Obj *,Jim_Obj *const *,int,Jim_Obj **,int)", "", "Argument[*2]", "Argument[**2]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_DictKeysVector", "(Jim_Interp *,Jim_Obj *,Jim_Obj *const *,int,Jim_Obj **,int)", "", "Argument[1]", "Argument[*4]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_DictMatchTypes", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,int,int)", "", "Argument[*0]", "Argument[*1]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_DictMerge", "(Jim_Interp *,int,Jim_Obj *const *)", "", "Argument[*2]", "Argument[**2]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_DictPairs", "(Jim_Interp *,Jim_Obj *,int *)", "", "Argument[2]", "Argument[*2]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_DictSize", "(Jim_Interp *,Jim_Obj *)", "", "Argument[*0]", "Argument[*1]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_DuplicateObj", "(Jim_Interp *,Jim_Obj *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_DuplicateObj", "(Jim_Interp *,Jim_Obj *)", "", "Argument[*0]", "ReturnValue[*]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_DuplicateObj", "(Jim_Interp *,Jim_Obj *)", "", "Argument[*1]", "ReturnValue[*]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_Eval", "(Jim_Interp *,const char *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_Eval", "(Jim_Interp *,const char *)", "", "Argument[*1]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_Eval", "(Jim_Interp *,const char *)", "", "Argument[1]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_EvalExpression", "(Jim_Interp *,Jim_Obj *)", "", "Argument[1]", "Argument[*0].Field[**freeList].Field[*prevObjPtr]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_EvalExpression", "(Jim_Interp *,Jim_Obj *)", "", "Argument[1]", "Argument[*0].Field[*freeList]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_EvalFile", "(Jim_Interp *,const char *)", "", "Argument[*1]", "Argument[*0].Field[**currentFilenameObj].Field[**bytes]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_EvalFile", "(Jim_Interp *,const char *)", "", "Argument[*1]", "Argument[*0].Field[**freeList].Field[**bytes]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_EvalFile", "(Jim_Interp *,const char *)", "", "Argument[1]", "Argument[*0].Field[**currentFilenameObj].Field[**bytes]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_EvalFile", "(Jim_Interp *,const char *)", "", "Argument[1]", "Argument[*0].Field[**freeList].Field[**bytes]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_EvalFileGlobal", "(Jim_Interp *,const char *)", "", "Argument[*1]", "Argument[*0].Field[**currentFilenameObj].Field[**bytes]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_EvalFileGlobal", "(Jim_Interp *,const char *)", "", "Argument[*1]", "Argument[*0].Field[**freeList].Field[**bytes]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_EvalFileGlobal", "(Jim_Interp *,const char *)", "", "Argument[1]", "Argument[*0].Field[**currentFilenameObj].Field[**bytes]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_EvalFileGlobal", "(Jim_Interp *,const char *)", "", "Argument[1]", "Argument[*0].Field[**freeList].Field[**bytes]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_EvalGlobal", "(Jim_Interp *,const char *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_EvalGlobal", "(Jim_Interp *,const char *)", "", "Argument[*1]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_EvalGlobal", "(Jim_Interp *,const char *)", "", "Argument[1]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_EvalObj", "(Jim_Interp *,Jim_Obj *)", "", "Argument[1]", "Argument[*0].Field[**evalFrame].Field[*scriptObj]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_EvalObj", "(Jim_Interp *,Jim_Obj *)", "", "Argument[1]", "Argument[*0].Field[**freeList].Field[*prevObjPtr]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_EvalObj", "(Jim_Interp *,Jim_Obj *)", "", "Argument[1]", "Argument[*0].Field[*freeList]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_EvalObjList", "(Jim_Interp *,Jim_Obj *)", "", "Argument[1]", "Argument[*0].Field[**freeList].Field[*prevObjPtr]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_EvalObjList", "(Jim_Interp *,Jim_Obj *)", "", "Argument[1]", "Argument[*0].Field[*freeList]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_EvalObjPrefix", "(Jim_Interp *,Jim_Obj *,int,Jim_Obj *const *)", "", "Argument[**3]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_EvalObjPrefix", "(Jim_Interp *,Jim_Obj *,int,Jim_Obj *const *)", "", "Argument[**3]", "Argument[*1]", "value", "df-generated"]
|
||||
- ["", "", True, "Jim_EvalObjPrefix", "(Jim_Interp *,Jim_Obj *,int,Jim_Obj *const *)", "", "Argument[*0]", "Argument[*1]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_EvalObjPrefix", "(Jim_Interp *,Jim_Obj *,int,Jim_Obj *const *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_EvalObjPrefix", "(Jim_Interp *,Jim_Obj *,int,Jim_Obj *const *)", "", "Argument[*1]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_EvalObjPrefix", "(Jim_Interp *,Jim_Obj *,int,Jim_Obj *const *)", "", "Argument[*3]", "Argument[**3]", "value", "df-generated"]
|
||||
- ["", "", True, "Jim_EvalObjPrefix", "(Jim_Interp *,Jim_Obj *,int,Jim_Obj *const *)", "", "Argument[*3]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_EvalObjPrefix", "(Jim_Interp *,Jim_Obj *,int,Jim_Obj *const *)", "", "Argument[*3]", "Argument[*1]", "value", "df-generated"]
|
||||
- ["", "", True, "Jim_EvalObjPrefix", "(Jim_Interp *,Jim_Obj *,int,Jim_Obj *const *)", "", "Argument[1]", "Argument[**3]", "value", "df-generated"]
|
||||
- ["", "", True, "Jim_EvalObjPrefix", "(Jim_Interp *,Jim_Obj *,int,Jim_Obj *const *)", "", "Argument[1]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_EvalObjPrefix", "(Jim_Interp *,Jim_Obj *,int,Jim_Obj *const *)", "", "Argument[1]", "Argument[*1]", "value", "df-generated"]
|
||||
- ["", "", True, "Jim_EvalObjPrefix", "(Jim_Interp *,Jim_Obj *,int,Jim_Obj *const *)", "", "Argument[2]", "Argument[**3]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_EvalObjPrefix", "(Jim_Interp *,Jim_Obj *,int,Jim_Obj *const *)", "", "Argument[2]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_EvalObjPrefix", "(Jim_Interp *,Jim_Obj *,int,Jim_Obj *const *)", "", "Argument[2]", "Argument[*1]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_EvalObjPrefix", "(Jim_Interp *,Jim_Obj *,int,Jim_Obj *const *)", "", "Argument[3]", "Argument[**3]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_EvalObjPrefix", "(Jim_Interp *,Jim_Obj *,int,Jim_Obj *const *)", "", "Argument[3]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_EvalObjPrefix", "(Jim_Interp *,Jim_Obj *,int,Jim_Obj *const *)", "", "Argument[3]", "Argument[*1]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_EvalObjVector", "(Jim_Interp *,int,Jim_Obj *const *)", "", "Argument[**2]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_EvalObjVector", "(Jim_Interp *,int,Jim_Obj *const *)", "", "Argument[*0]", "Argument[**2]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_EvalObjVector", "(Jim_Interp *,int,Jim_Obj *const *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_EvalObjVector", "(Jim_Interp *,int,Jim_Obj *const *)", "", "Argument[*2]", "Argument[**2]", "value", "df-generated"]
|
||||
- ["", "", True, "Jim_EvalObjVector", "(Jim_Interp *,int,Jim_Obj *const *)", "", "Argument[*2]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_EvalObjVector", "(Jim_Interp *,int,Jim_Obj *const *)", "", "Argument[1]", "Argument[**2]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_EvalObjVector", "(Jim_Interp *,int,Jim_Obj *const *)", "", "Argument[1]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_EvalObjVector", "(Jim_Interp *,int,Jim_Obj *const *)", "", "Argument[1]", "Argument[*2]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_EvalObjVector", "(Jim_Interp *,int,Jim_Obj *const *)", "", "Argument[2]", "Argument[**2]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_EvalObjVector", "(Jim_Interp *,int,Jim_Obj *const *)", "", "Argument[2]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_EvalObjVector", "(Jim_Interp *,int,Jim_Obj *const *)", "", "Argument[2]", "Argument[*2]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_EvalSource", "(Jim_Interp *,const char *,int,const char *)", "", "Argument[*3]", "Argument[*0].Field[**freeList].Field[**bytes]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_EvalSource", "(Jim_Interp *,const char *,int,const char *)", "", "Argument[3]", "Argument[*0].Field[**freeList].Field[**bytes]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_FileStoreStatData", "(Jim_Interp *,Jim_Obj *,const jim_stat_t *)", "", "Argument[1]", "Argument[*1]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_FindHashEntry", "(Jim_HashTable *,const void *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_FindHashEntry", "(Jim_HashTable *,const void *)", "", "Argument[*0]", "ReturnValue[*]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_FormatString", "(Jim_Interp *,Jim_Obj *,int,Jim_Obj *const *)", "", "Argument[*3]", "Argument[**3]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_FreeObj", "(Jim_Interp *,Jim_Obj *)", "", "Argument[1]", "Argument[*0].Field[**freeList].Field[*prevObjPtr]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_FreeObj", "(Jim_Interp *,Jim_Obj *)", "", "Argument[1]", "Argument[*0].Field[*freeList]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_GenHashFunction", "(const unsigned char *,int)", "", "Argument[*0]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_GenHashFunction", "(const unsigned char *,int)", "", "Argument[0]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_GenHashFunction", "(const unsigned char *,int)", "", "Argument[1]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_GetBoolFromExpr", "(Jim_Interp *,Jim_Obj *,int *)", "", "Argument[*0]", "Argument[*1]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetBoolFromExpr", "(Jim_Interp *,Jim_Obj *,int *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetBoolFromExpr", "(Jim_Interp *,Jim_Obj *,int *)", "", "Argument[*1]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetBoolFromExpr", "(Jim_Interp *,Jim_Obj *,int *)", "", "Argument[1]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetBoolean", "(Jim_Interp *,Jim_Obj *,int *)", "", "Argument[*1].Field[*internalRep].Union[*(unnamed class/struct/union)]", "Argument[*2]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_GetCallFrameByLevel", "(Jim_Interp *,Jim_Obj *)", "", "Argument[*1].Field[**bytes]", "Argument[*1].Field[*internalRep].Union[*(unnamed class/struct/union)]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_GetCallFrameByLevel", "(Jim_Interp *,Jim_Obj *)", "", "Argument[*1].Field[*bytes]", "Argument[*1].Field[*internalRep].Union[*(unnamed class/struct/union)]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_GetCommand", "(Jim_Interp *,Jim_Obj *,int)", "", "Argument[1]", "Argument[*0].Field[**freeList].Field[*prevObjPtr]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_GetCommand", "(Jim_Interp *,Jim_Obj *,int)", "", "Argument[1]", "Argument[*0].Field[*freeList]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_GetDouble", "(Jim_Interp *,Jim_Obj *,double *)", "", "Argument[*1]", "Argument[*2]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetEnum", "(Jim_Interp *,Jim_Obj *,const char *const *,int *,const char *,int)", "", "Argument[**2]", "Argument[*1].Field[*internalRep].Union[**(unnamed class/struct/union)]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_GetEnum", "(Jim_Interp *,Jim_Obj *,const char *const *,int *,const char *,int)", "", "Argument[*2]", "Argument[*1].Field[*internalRep].Union[*(unnamed class/struct/union)]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_GetEnum", "(Jim_Interp *,Jim_Obj *,const char *const *,int *,const char *,int)", "", "Argument[*2]", "Argument[*1].Field[*internalRep].Union[**(unnamed class/struct/union)]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_GetEnum", "(Jim_Interp *,Jim_Obj *,const char *const *,int *,const char *,int)", "", "Argument[2]", "Argument[*1].Field[*internalRep].Union[*(unnamed class/struct/union)]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_GetEnum", "(Jim_Interp *,Jim_Obj *,const char *const *,int *,const char *,int)", "", "Argument[2]", "Argument[*1].Field[*internalRep].Union[**(unnamed class/struct/union)]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_GetExitCode", "(Jim_Interp *)", "", "Argument[*0].Field[*exitCode]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_GetGlobalVariable", "(Jim_Interp *,Jim_Obj *,int)", "", "Argument[*1]", "ReturnValue[*]", "value", "df-generated"]
|
||||
- ["", "", True, "Jim_GetGlobalVariable", "(Jim_Interp *,Jim_Obj *,int)", "", "Argument[1]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_GetGlobalVariableStr", "(Jim_Interp *,const char *,int)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetGlobalVariableStr", "(Jim_Interp *,const char *,int)", "", "Argument[*0]", "ReturnValue[*]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetGlobalVariableStr", "(Jim_Interp *,const char *,int)", "", "Argument[*1]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetGlobalVariableStr", "(Jim_Interp *,const char *,int)", "", "Argument[*1]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetGlobalVariableStr", "(Jim_Interp *,const char *,int)", "", "Argument[*1]", "ReturnValue[*]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetGlobalVariableStr", "(Jim_Interp *,const char *,int)", "", "Argument[1]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetGlobalVariableStr", "(Jim_Interp *,const char *,int)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetGlobalVariableStr", "(Jim_Interp *,const char *,int)", "", "Argument[1]", "ReturnValue[*]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetHashTableIterator", "(Jim_HashTable *)", "", "Argument[*0]", "ReturnValue[*].Field[**ht]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_GetHashTableIterator", "(Jim_HashTable *)", "", "Argument[0]", "ReturnValue[*].Field[*ht]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_GetIndex", "(Jim_Interp *,Jim_Obj *,int *)", "", "Argument[*0]", "Argument[*1]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetIndex", "(Jim_Interp *,Jim_Obj *,int *)", "", "Argument[*0]", "Argument[*2]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetIndex", "(Jim_Interp *,Jim_Obj *,int *)", "", "Argument[*1]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetIndex", "(Jim_Interp *,Jim_Obj *,int *)", "", "Argument[*1]", "Argument[*2]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetIndex", "(Jim_Interp *,Jim_Obj *,int *)", "", "Argument[1]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetLong", "(Jim_Interp *,Jim_Obj *,long *)", "", "Argument[*1]", "Argument[*2]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetReturnCode", "(Jim_Interp *,Jim_Obj *,int *)", "", "Argument[*1]", "Argument[*2]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetSourceInfo", "(Jim_Interp *,Jim_Obj *,int *)", "", "Argument[*0]", "Argument[*1]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetSourceInfo", "(Jim_Interp *,Jim_Obj *,int *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetSourceInfo", "(Jim_Interp *,Jim_Obj *,int *)", "", "Argument[*0]", "ReturnValue[*]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetString", "(Jim_Obj *,int *)", "", "Argument[*0]", "Argument[*1]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetString", "(Jim_Obj *,int *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetString", "(Jim_Obj *,int *)", "", "Argument[*0]", "ReturnValue[*]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetVariable", "(Jim_Interp *,Jim_Obj *,int)", "", "Argument[*1]", "ReturnValue[*]", "value", "df-generated"]
|
||||
- ["", "", True, "Jim_GetVariable", "(Jim_Interp *,Jim_Obj *,int)", "", "Argument[1]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_GetVariableStr", "(Jim_Interp *,const char *,int)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetVariableStr", "(Jim_Interp *,const char *,int)", "", "Argument[*0]", "ReturnValue[*]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetVariableStr", "(Jim_Interp *,const char *,int)", "", "Argument[*1]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetVariableStr", "(Jim_Interp *,const char *,int)", "", "Argument[*1]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetVariableStr", "(Jim_Interp *,const char *,int)", "", "Argument[*1]", "ReturnValue[*]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetVariableStr", "(Jim_Interp *,const char *,int)", "", "Argument[1]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetVariableStr", "(Jim_Interp *,const char *,int)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetVariableStr", "(Jim_Interp *,const char *,int)", "", "Argument[1]", "ReturnValue[*]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetWide", "(Jim_Interp *,Jim_Obj *,long *)", "", "Argument[*1]", "Argument[*2]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetWideExpr", "(Jim_Interp *,Jim_Obj *,long *)", "", "Argument[*0]", "Argument[*1]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetWideExpr", "(Jim_Interp *,Jim_Obj *,long *)", "", "Argument[*0]", "Argument[*2]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetWideExpr", "(Jim_Interp *,Jim_Obj *,long *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetWideExpr", "(Jim_Interp *,Jim_Obj *,long *)", "", "Argument[*1]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetWideExpr", "(Jim_Interp *,Jim_Obj *,long *)", "", "Argument[*1]", "Argument[*2]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_GetWideExpr", "(Jim_Interp *,Jim_Obj *,long *)", "", "Argument[1]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_InitHashTable", "(Jim_HashTable *,const Jim_HashTableType *,void *)", "", "Argument[**2]", "Argument[*0].Field[***privdata]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_InitHashTable", "(Jim_HashTable *,const Jim_HashTableType *,void *)", "", "Argument[*1]", "Argument[*0].Field[**type]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_InitHashTable", "(Jim_HashTable *,const Jim_HashTableType *,void *)", "", "Argument[*2]", "Argument[*0].Field[**privdata]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_InitHashTable", "(Jim_HashTable *,const Jim_HashTableType *,void *)", "", "Argument[1]", "Argument[*0].Field[*type]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_InitHashTable", "(Jim_HashTable *,const Jim_HashTableType *,void *)", "", "Argument[2]", "Argument[*0].Field[*privdata]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_IntHashFunction", "(unsigned int)", "", "Argument[0]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_InteractivePrompt", "(Jim_Interp *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_Length", "(Jim_Obj *)", "", "Argument[*0].Field[*length]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_ListAppendElement", "(Jim_Interp *,Jim_Obj *,Jim_Obj *)", "", "Argument[*0]", "Argument[*1]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_ListAppendElement", "(Jim_Interp *,Jim_Obj *,Jim_Obj *)", "", "Argument[2]", "Argument[*2]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_ListAppendList", "(Jim_Interp *,Jim_Obj *,Jim_Obj *)", "", "Argument[*0]", "Argument[*1]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_ListAppendList", "(Jim_Interp *,Jim_Obj *,Jim_Obj *)", "", "Argument[*0]", "Argument[*2]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_ListGetIndex", "(Jim_Interp *,Jim_Obj *,int)", "", "Argument[2]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_ListIndex", "(Jim_Interp *,Jim_Obj *,int,Jim_Obj **,int)", "", "Argument[2]", "Argument[*3]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_ListIndex", "(Jim_Interp *,Jim_Obj *,int,Jim_Obj **,int)", "", "Argument[3]", "Argument[*3]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_ListInsertElements", "(Jim_Interp *,Jim_Obj *,int,int,Jim_Obj *const *)", "", "Argument[*0]", "Argument[*1]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_ListInsertElements", "(Jim_Interp *,Jim_Obj *,int,int,Jim_Obj *const *)", "", "Argument[*4]", "Argument[**4]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_ListInsertElements", "(Jim_Interp *,Jim_Obj *,int,int,Jim_Obj *const *)", "", "Argument[2]", "Argument[**4]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_ListInsertElements", "(Jim_Interp *,Jim_Obj *,int,int,Jim_Obj *const *)", "", "Argument[3]", "Argument[**4]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_ListInsertElements", "(Jim_Interp *,Jim_Obj *,int,int,Jim_Obj *const *)", "", "Argument[4]", "Argument[**4]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_ListJoin", "(Jim_Interp *,Jim_Obj *,const char *,int)", "", "Argument[*2]", "ReturnValue[*].Field[**bytes]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_ListJoin", "(Jim_Interp *,Jim_Obj *,const char *,int)", "", "Argument[2]", "ReturnValue[*].Field[**bytes]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_ListJoin", "(Jim_Interp *,Jim_Obj *,const char *,int)", "", "Argument[3]", "ReturnValue[*].Field[*length]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_ListLength", "(Jim_Interp *,Jim_Obj *)", "", "Argument[*0]", "Argument[*1]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_ListRange", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj *)", "", "Argument[*1]", "ReturnValue[*]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_ListRange", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj *)", "", "Argument[1]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_ListSetIndex", "(Jim_Interp *,Jim_Obj *,Jim_Obj *const *,int,Jim_Obj *)", "", "Argument[1]", "Argument[*0].Field[**freeList].Field[*prevObjPtr]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_ListSetIndex", "(Jim_Interp *,Jim_Obj *,Jim_Obj *const *,int,Jim_Obj *)", "", "Argument[1]", "Argument[*0].Field[*freeList]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_ListSetIndex", "(Jim_Interp *,Jim_Obj *,Jim_Obj *const *,int,Jim_Obj *)", "", "Argument[1]", "Argument[*0].Field[*result]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_MakeGlobalNamespaceName", "(Jim_Interp *,Jim_Obj *)", "", "Argument[*1]", "ReturnValue[*]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_MakeGlobalNamespaceName", "(Jim_Interp *,Jim_Obj *)", "", "Argument[1]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_MakeTempFile", "(Jim_Interp *,const char *,int)", "", "Argument[*1]", "Argument[*0].Field[**freeList].Field[**bytes]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_MakeTempFile", "(Jim_Interp *,const char *,int)", "", "Argument[*1]", "Argument[*0].Field[**result].Field[**bytes]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_MakeTempFile", "(Jim_Interp *,const char *,int)", "", "Argument[1]", "Argument[*0].Field[**freeList].Field[**bytes]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_MakeTempFile", "(Jim_Interp *,const char *,int)", "", "Argument[1]", "Argument[*0].Field[**result].Field[**bytes]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_NewDictObj", "(Jim_Interp *,Jim_Obj *const *,int)", "", "Argument[*1]", "Argument[**1]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_NewDoubleObj", "(Jim_Interp *,double)", "", "Argument[1]", "ReturnValue[*].Field[*internalRep].Union[*(unnamed class/struct/union)]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_NewIntObj", "(Jim_Interp *,long)", "", "Argument[1]", "ReturnValue[*].Field[*internalRep].Union[*(unnamed class/struct/union)]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_NewListObj", "(Jim_Interp *,Jim_Obj *const *,int)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_NewListObj", "(Jim_Interp *,Jim_Obj *const *,int)", "", "Argument[*0]", "ReturnValue[*]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_NewListObj", "(Jim_Interp *,Jim_Obj *const *,int)", "", "Argument[*1]", "Argument[**1]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_NewListObj", "(Jim_Interp *,Jim_Obj *const *,int)", "", "Argument[1]", "Argument[**1]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_NewListObj", "(Jim_Interp *,Jim_Obj *const *,int)", "", "Argument[2]", "Argument[**1]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_NewObj", "(Jim_Interp *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_NewObj", "(Jim_Interp *)", "", "Argument[*0]", "ReturnValue[*]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_NewStringObj", "(Jim_Interp *,const char *,int)", "", "Argument[*1]", "ReturnValue[*].Field[**bytes]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_NewStringObj", "(Jim_Interp *,const char *,int)", "", "Argument[1]", "ReturnValue[*].Field[**bytes]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_NewStringObj", "(Jim_Interp *,const char *,int)", "", "Argument[2]", "ReturnValue[*].Field[*length]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_NewStringObjNoAlloc", "(Jim_Interp *,char *,int)", "", "Argument[*1]", "ReturnValue[*].Field[**bytes]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_NewStringObjNoAlloc", "(Jim_Interp *,char *,int)", "", "Argument[1]", "ReturnValue[*].Field[*bytes]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_NewStringObjNoAlloc", "(Jim_Interp *,char *,int)", "", "Argument[2]", "ReturnValue[*].Field[*length]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_NewStringObjUtf8", "(Jim_Interp *,const char *,int)", "", "Argument[*1]", "ReturnValue[*].Field[**bytes]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_NewStringObjUtf8", "(Jim_Interp *,const char *,int)", "", "Argument[1]", "ReturnValue[*].Field[**bytes]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_NewStringObjUtf8", "(Jim_Interp *,const char *,int)", "", "Argument[2]", "ReturnValue[*].Field[*length]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_NextHashEntry", "(Jim_HashTableIterator *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_NextHashEntry", "(Jim_HashTableIterator *)", "", "Argument[*0]", "ReturnValue[*]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_ParseSubCmd", "(Jim_Interp *,const jim_subcmd_type *,int,Jim_Obj *const *)", "", "Argument[*1]", "ReturnValue[*]", "value", "df-generated"]
|
||||
- ["", "", True, "Jim_ParseSubCmd", "(Jim_Interp *,const jim_subcmd_type *,int,Jim_Obj *const *)", "", "Argument[*3]", "Argument[**3]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_ParseSubCmd", "(Jim_Interp *,const jim_subcmd_type *,int,Jim_Obj *const *)", "", "Argument[1]", "Argument[*1]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_ParseSubCmd", "(Jim_Interp *,const jim_subcmd_type *,int,Jim_Obj *const *)", "", "Argument[1]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_ParseSubCmd", "(Jim_Interp *,const jim_subcmd_type *,int,Jim_Obj *const *)", "", "Argument[1]", "ReturnValue[*]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_ReaddirCmd", "(Jim_Interp *,int,Jim_Obj *const *)", "", "Argument[*2]", "Argument[**2]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_RegexpCmd", "(Jim_Interp *,int,Jim_Obj *const *)", "", "Argument[**2]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_RegexpCmd", "(Jim_Interp *,int,Jim_Obj *const *)", "", "Argument[*0]", "Argument[**2]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_RegexpCmd", "(Jim_Interp *,int,Jim_Obj *const *)", "", "Argument[*2]", "Argument[**2]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_RegexpCmd", "(Jim_Interp *,int,Jim_Obj *const *)", "", "Argument[*2]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_RegexpCmd", "(Jim_Interp *,int,Jim_Obj *const *)", "", "Argument[2]", "Argument[**2]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_RegexpCmd", "(Jim_Interp *,int,Jim_Obj *const *)", "", "Argument[2]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_RegsubCmd", "(Jim_Interp *,int,Jim_Obj *const *)", "", "Argument[**2]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_RegsubCmd", "(Jim_Interp *,int,Jim_Obj *const *)", "", "Argument[*0]", "Argument[**2]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_RegsubCmd", "(Jim_Interp *,int,Jim_Obj *const *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_RegsubCmd", "(Jim_Interp *,int,Jim_Obj *const *)", "", "Argument[*2]", "Argument[**2]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_RegsubCmd", "(Jim_Interp *,int,Jim_Obj *const *)", "", "Argument[*2]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_RegsubCmd", "(Jim_Interp *,int,Jim_Obj *const *)", "", "Argument[2]", "Argument[**2]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_RegsubCmd", "(Jim_Interp *,int,Jim_Obj *const *)", "", "Argument[2]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_RenameCommand", "(Jim_Interp *,Jim_Obj *,Jim_Obj *)", "", "Argument[2]", "Argument[*0].Field[**freeList].Field[*prevObjPtr]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_RenameCommand", "(Jim_Interp *,Jim_Obj *,Jim_Obj *)", "", "Argument[2]", "Argument[*0].Field[*freeList]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_ReturnCode", "(int)", "", "Argument[0]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_ScanString", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,int)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_ScanString", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,int)", "", "Argument[*0]", "ReturnValue[*]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_ScanString", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,int)", "", "Argument[*1]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_ScriptIsComplete", "(Jim_Interp *,Jim_Obj *,char *)", "", "Argument[*0]", "Argument[*1]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_SetDictKeysVector", "(Jim_Interp *,Jim_Obj *,Jim_Obj *const *,int,Jim_Obj *,int)", "", "Argument[*2]", "Argument[**2]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_SetDictKeysVector", "(Jim_Interp *,Jim_Obj *,Jim_Obj *const *,int,Jim_Obj *,int)", "", "Argument[1]", "Argument[*0].Field[**freeList].Field[*prevObjPtr]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_SetDictKeysVector", "(Jim_Interp *,Jim_Obj *,Jim_Obj *const *,int,Jim_Obj *,int)", "", "Argument[1]", "Argument[*0].Field[*freeList]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_SetDictKeysVector", "(Jim_Interp *,Jim_Obj *,Jim_Obj *const *,int,Jim_Obj *,int)", "", "Argument[1]", "Argument[*0].Field[*result]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_SetGlobalVariableStr", "(Jim_Interp *,const char *,Jim_Obj *)", "", "Argument[*1]", "Argument[*0].Field[**freeList].Field[**bytes]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_SetGlobalVariableStr", "(Jim_Interp *,const char *,Jim_Obj *)", "", "Argument[*1]", "Argument[*0].Field[**liveList].Field[**bytes]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_SetGlobalVariableStr", "(Jim_Interp *,const char *,Jim_Obj *)", "", "Argument[*1]", "Argument[*0].Field[**result].Field[**bytes]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_SetGlobalVariableStr", "(Jim_Interp *,const char *,Jim_Obj *)", "", "Argument[1]", "Argument[*0].Field[**freeList].Field[**bytes]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_SetGlobalVariableStr", "(Jim_Interp *,const char *,Jim_Obj *)", "", "Argument[1]", "Argument[*0].Field[**liveList].Field[**bytes]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_SetGlobalVariableStr", "(Jim_Interp *,const char *,Jim_Obj *)", "", "Argument[1]", "Argument[*0].Field[**result].Field[**bytes]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_SetResultFormatted", "(Jim_Interp *,const char *,...)", "", "Argument[*1]", "Argument[*0].Field[**result].Field[**bytes]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_SetResultFormatted", "(Jim_Interp *,const char *,...)", "", "Argument[1]", "Argument[*0].Field[**result].Field[**bytes]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_SetVariable", "(Jim_Interp *,Jim_Obj *,Jim_Obj *)", "", "Argument[*1]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_SetVariableLink", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_CallFrame *)", "", "Argument[2]", "Argument[*0].Field[**freeList].Field[*prevObjPtr]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_SetVariableLink", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_CallFrame *)", "", "Argument[2]", "Argument[*0].Field[*freeList]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_SetVariableStr", "(Jim_Interp *,const char *,Jim_Obj *)", "", "Argument[*1]", "Argument[*0].Field[**freeList].Field[**bytes]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_SetVariableStr", "(Jim_Interp *,const char *,Jim_Obj *)", "", "Argument[*1]", "Argument[*0].Field[**liveList].Field[**bytes]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_SetVariableStr", "(Jim_Interp *,const char *,Jim_Obj *)", "", "Argument[*1]", "Argument[*0].Field[**result].Field[**bytes]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_SetVariableStr", "(Jim_Interp *,const char *,Jim_Obj *)", "", "Argument[1]", "Argument[*0].Field[**freeList].Field[**bytes]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_SetVariableStr", "(Jim_Interp *,const char *,Jim_Obj *)", "", "Argument[1]", "Argument[*0].Field[**liveList].Field[**bytes]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_SetVariableStr", "(Jim_Interp *,const char *,Jim_Obj *)", "", "Argument[1]", "Argument[*0].Field[**result].Field[**bytes]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_SetVariableStrWithStr", "(Jim_Interp *,const char *,const char *)", "", "Argument[*1]", "Argument[*0].Field[**freeList].Field[**bytes]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_SetVariableStrWithStr", "(Jim_Interp *,const char *,const char *)", "", "Argument[*1]", "Argument[*0].Field[**liveList].Field[**bytes]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_SetVariableStrWithStr", "(Jim_Interp *,const char *,const char *)", "", "Argument[*1]", "Argument[*0].Field[**result].Field[**bytes]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_SetVariableStrWithStr", "(Jim_Interp *,const char *,const char *)", "", "Argument[*2]", "Argument[*0].Field[**freeList].Field[**bytes]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_SetVariableStrWithStr", "(Jim_Interp *,const char *,const char *)", "", "Argument[1]", "Argument[*0].Field[**freeList].Field[**bytes]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_SetVariableStrWithStr", "(Jim_Interp *,const char *,const char *)", "", "Argument[1]", "Argument[*0].Field[**liveList].Field[**bytes]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_SetVariableStrWithStr", "(Jim_Interp *,const char *,const char *)", "", "Argument[1]", "Argument[*0].Field[**result].Field[**bytes]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_SetVariableStrWithStr", "(Jim_Interp *,const char *,const char *)", "", "Argument[2]", "Argument[*0].Field[**freeList].Field[**bytes]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_SignalId", "(int)", "", "Argument[0]", "ReturnValue[*]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_StackLen", "(Jim_Stack *)", "", "Argument[*0].Field[*len]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_StackPeek", "(Jim_Stack *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_StackPeek", "(Jim_Stack *)", "", "Argument[*0]", "ReturnValue[**]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_StackPeek", "(Jim_Stack *)", "", "Argument[*0]", "ReturnValue[*]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_StackPop", "(Jim_Stack *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_StackPop", "(Jim_Stack *)", "", "Argument[*0]", "ReturnValue[**]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_StackPop", "(Jim_Stack *)", "", "Argument[*0]", "ReturnValue[*]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_StackPush", "(Jim_Stack *,void *)", "", "Argument[*1]", "Argument[*0].Field[***vector]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_StackPush", "(Jim_Stack *,void *)", "", "Argument[1]", "Argument[*0].Field[**vector]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_StrDup", "(const char *)", "", "Argument[*0]", "ReturnValue[*]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_StrDup", "(const char *)", "", "Argument[0]", "ReturnValue[*]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_StrDupLen", "(const char *,int)", "", "Argument[*0]", "ReturnValue[*]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_StrDupLen", "(const char *,int)", "", "Argument[0]", "ReturnValue[*]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_String", "(Jim_Obj *)", "", "Argument[*0].Field[**bytes]", "ReturnValue[*]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_String", "(Jim_Obj *)", "", "Argument[*0].Field[*bytes]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_StringByteRangeObj", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj *)", "", "Argument[*1]", "ReturnValue[*]", "value", "df-generated"]
|
||||
- ["", "", True, "Jim_StringByteRangeObj", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj *)", "", "Argument[1]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_StringRangeObj", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj *)", "", "Argument[*1]", "ReturnValue[*]", "value", "df-generated"]
|
||||
- ["", "", True, "Jim_StringRangeObj", "(Jim_Interp *,Jim_Obj *,Jim_Obj *,Jim_Obj *)", "", "Argument[1]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_StringToDouble", "(const char *,double *)", "", "Argument[*0]", "Argument[*1]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_StringToDouble", "(const char *,double *)", "", "Argument[0]", "Argument[*1]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_StringToWide", "(const char *,long *,int)", "", "Argument[*0]", "Argument[*1]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_StringToWide", "(const char *,long *,int)", "", "Argument[0]", "Argument[*1]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_SubCmdProc", "(Jim_Interp *,int,Jim_Obj *const *)", "", "Argument[*2]", "Argument[**2]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_SubstObj", "(Jim_Interp *,Jim_Obj *,Jim_Obj **,int)", "", "Argument[1]", "Argument[*0].Field[**freeList].Field[*prevObjPtr]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_SubstObj", "(Jim_Interp *,Jim_Obj *,Jim_Obj **,int)", "", "Argument[1]", "Argument[*0].Field[*freeList]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_SubstObj", "(Jim_Interp *,Jim_Obj *,Jim_Obj **,int)", "", "Argument[2]", "Argument[*2]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_UnsetVariable", "(Jim_Interp *,Jim_Obj *,int)", "", "Argument[*1]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_Utf8Length", "(Jim_Interp *,Jim_Obj *)", "", "Argument[*1].Field[*length]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_WrongNumArgs", "(Jim_Interp *,int,Jim_Obj *const *,const char *)", "", "Argument[*3]", "Argument[*0].Field[**freeList].Field[**bytes]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_WrongNumArgs", "(Jim_Interp *,int,Jim_Obj *const *,const char *)", "", "Argument[*3]", "Argument[*0].Field[**liveList].Field[**bytes]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_WrongNumArgs", "(Jim_Interp *,int,Jim_Obj *const *,const char *)", "", "Argument[*3]", "Argument[*0].Field[**result].Field[**bytes]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Jim_WrongNumArgs", "(Jim_Interp *,int,Jim_Obj *const *,const char *)", "", "Argument[3]", "Argument[*0].Field[**freeList].Field[**bytes]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_WrongNumArgs", "(Jim_Interp *,int,Jim_Obj *const *,const char *)", "", "Argument[3]", "Argument[*0].Field[**liveList].Field[**bytes]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_WrongNumArgs", "(Jim_Interp *,int,Jim_Obj *const *,const char *)", "", "Argument[3]", "Argument[*0].Field[**result].Field[**bytes]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Jim_bootstrapInit", "(Jim_Interp *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_globInit", "(Jim_Interp *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_initjimshInit", "(Jim_Interp *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_stdlibInit", "(Jim_Interp *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "Jim_tclcompatInit", "(Jim_Interp *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "OptInit", "(char **,s_options *,FILE *)", "", "Argument[**0]", "Argument[*2]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "OptInit", "(char **,s_options *,FILE *)", "", "Argument[*0]", "Argument[*2]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "OptInit", "(char **,s_options *,FILE *)", "", "Argument[0]", "Argument[*0]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "OptInit", "(char **,s_options *,FILE *)", "", "Argument[0]", "Argument[*2]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Plink_add", "(plink **,config *)", "", "Argument[**0]", "Argument[**0].Field[**next]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Plink_add", "(plink **,config *)", "", "Argument[*0]", "Argument[**0].Field[*next]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Plink_add", "(plink **,config *)", "", "Argument[0]", "Argument[**0].Field[*next]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Plink_add", "(plink **,config *)", "", "Argument[0]", "Argument[*0]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Plink_copy", "(plink **,plink *)", "", "Argument[**0]", "Argument[*1]", "taint", "df-generated"]
|
||||
- ["", "", True, "Plink_copy", "(plink **,plink *)", "", "Argument[*0]", "Argument[**0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Plink_copy", "(plink **,plink *)", "", "Argument[*0]", "Argument[*1]", "taint", "df-generated"]
|
||||
- ["", "", True, "Plink_copy", "(plink **,plink *)", "", "Argument[*1]", "Argument[**0]", "value", "df-generated"]
|
||||
- ["", "", True, "Plink_copy", "(plink **,plink *)", "", "Argument[*1]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Plink_copy", "(plink **,plink *)", "", "Argument[0]", "Argument[**0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Plink_copy", "(plink **,plink *)", "", "Argument[0]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Plink_copy", "(plink **,plink *)", "", "Argument[0]", "Argument[*1]", "taint", "df-generated"]
|
||||
- ["", "", True, "Plink_copy", "(plink **,plink *)", "", "Argument[1]", "Argument[**0]", "taint", "df-generated"]
|
||||
- ["", "", True, "Plink_copy", "(plink **,plink *)", "", "Argument[1]", "Argument[*0]", "value", "df-generated"]
|
||||
- ["", "", True, "Plink_copy", "(plink **,plink *)", "", "Argument[1]", "Argument[*1]", "taint", "df-generated"]
|
||||
- ["", "", True, "Plink_delete", "(plink *)", "", "Argument[0]", "Argument[*0].Field[**next].Field[*next]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Plink_delete", "(plink *)", "", "Argument[0]", "Argument[*0].Field[*next]", "value", "dfc-generated"]
|
||||
- ["", "", True, "PrintAction", "(action *,FILE *,int)", "", "Argument[2]", "Argument[*1]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "ResortStates", "(lemon *)", "", "Argument[*0].Field[*nstate]", "Argument[*0].Field[*nxstate]", "value", "dfc-generated"]
|
||||
- ["", "", True, "RulePrint", "(FILE *,rule *,int)", "", "Argument[*1]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "SHA1Transform", "(unsigned int[5],const unsigned char[64])", "", "Argument[*1]", "Argument[*0]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "SHA1Transform", "(unsigned int[5],const unsigned char[64])", "", "Argument[0]", "Argument[*0]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "SHA1Transform", "(unsigned int[5],const unsigned char[64])", "", "Argument[1]", "Argument[*0]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "State_find", "(config *)", "", "Argument[*0].Field[**bp].Field[**bp]", "Argument[*0]", "value", "dfc-generated"]
|
||||
- ["", "", True, "State_find", "(config *)", "", "Argument[*0].Field[**bp]", "Argument[*0]", "value", "dfc-generated"]
|
||||
- ["", "", True, "State_insert", "(state *,config *)", "", "Argument[*1].Field[**bp].Field[**bp]", "Argument[*1]", "value", "dfc-generated"]
|
||||
- ["", "", True, "State_insert", "(state *,config *)", "", "Argument[*1].Field[**bp]", "Argument[*1]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Strsafe", "(const char *)", "", "Argument[*0]", "ReturnValue[*]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Strsafe", "(const char *)", "", "Argument[0]", "ReturnValue[*]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Symbol_Nth", "(int)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "Symbol_Nth", "(int)", "", "Argument[0]", "ReturnValue[*]", "taint", "df-generated"]
|
||||
- ["", "", True, "Symbol_new", "(const char *)", "", "Argument[*0]", "ReturnValue[*].Field[**name]", "value", "dfc-generated"]
|
||||
- ["", "", True, "Symbol_new", "(const char *)", "", "Argument[0]", "ReturnValue[*].Field[**name]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Symbolcmpp", "(const void *,const void *)", "", "Argument[**0].Field[*index]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "Symbolcmpp", "(const void *,const void *)", "", "Argument[**1].Field[*index]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "acttab_action", "(acttab *,int,int)", "", "Argument[1]", "Argument[*0].Field[**aLookahead].Field[*lookahead]", "value", "dfc-generated"]
|
||||
- ["", "", True, "acttab_action", "(acttab *,int,int)", "", "Argument[1]", "Argument[*0].Field[*mnLookahead]", "value", "dfc-generated"]
|
||||
- ["", "", True, "acttab_action", "(acttab *,int,int)", "", "Argument[1]", "Argument[*0].Field[*mxLookahead]", "value", "dfc-generated"]
|
||||
- ["", "", True, "acttab_action", "(acttab *,int,int)", "", "Argument[2]", "Argument[*0].Field[**aLookahead].Field[*action]", "value", "dfc-generated"]
|
||||
- ["", "", True, "acttab_action", "(acttab *,int,int)", "", "Argument[2]", "Argument[*0].Field[*mnAction]", "value", "dfc-generated"]
|
||||
- ["", "", True, "acttab_action_size", "(acttab *)", "", "Argument[*0].Field[*nAction]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "acttab_alloc", "(int,int)", "", "Argument[0]", "ReturnValue[*].Field[*nsymbol]", "value", "dfc-generated"]
|
||||
- ["", "", True, "acttab_alloc", "(int,int)", "", "Argument[1]", "ReturnValue[*].Field[*nterminal]", "value", "dfc-generated"]
|
||||
- ["", "", True, "acttab_insert", "(acttab *,int)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "append_str", "(const char *,int,int,int)", "", "Argument[*0]", "ReturnValue[*]", "value", "dfc-generated"]
|
||||
- ["", "", True, "append_str", "(const char *,int,int,int)", "", "Argument[0]", "ReturnValue[*]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "append_str", "(const char *,int,int,int)", "", "Argument[1]", "ReturnValue[*].Field[*sz]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "append_str", "(const char *,int,int,int)", "", "Argument[1]", "ReturnValue[*]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "close_db", "(sqlite3 *)", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "compute_action", "(lemon *,action *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "confighash", "(config *)", "", "Argument[*0].Field[**rp].Field[*index]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "confighash", "(config *)", "", "Argument[*0].Field[*dot]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "defossilize", "(char *)", "", "Argument[0]", "Argument[*0]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "emit_code", "(FILE *,rule *,lemon *,int *)", "", "Argument[*3]", "Argument[*0]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "emit_code", "(FILE *,rule *,lemon *,int *)", "", "Argument[3]", "Argument[*0]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "emit_code", "(FILE *,rule *,lemon *,int *)", "", "Argument[3]", "Argument[*3]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "emit_destructor_code", "(FILE *,symbol *,lemon *,int *)", "", "Argument[3]", "Argument[*3]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "file_makename", "(lemon *,const char *)", "", "Argument[*0].Field[**filename]", "ReturnValue[*]", "value", "dfc-generated"]
|
||||
- ["", "", True, "file_makename", "(lemon *,const char *)", "", "Argument[*0].Field[*filename]", "ReturnValue[*]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "file_makename", "(lemon *,const char *)", "", "Argument[*1]", "ReturnValue[*]", "value", "dfc-generated"]
|
||||
- ["", "", True, "file_makename", "(lemon *,const char *)", "", "Argument[1]", "ReturnValue[*]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "file_open", "(lemon *,const char *,const char *)", "", "Argument[*1]", "Argument[*0].Field[**outname]", "value", "dfc-generated"]
|
||||
- ["", "", True, "file_open", "(lemon *,const char *,const char *)", "", "Argument[*1]", "ReturnValue[*]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "file_open", "(lemon *,const char *,const char *)", "", "Argument[1]", "Argument[*0].Field[**outname]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "file_open", "(lemon *,const char *,const char *)", "", "Argument[1]", "ReturnValue[*]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "getstate", "(lemon *)", "", "Argument[*0]", "ReturnValue[*]", "taint", "df-generated"]
|
||||
- ["", "", True, "has_destructor", "(symbol *,lemon *)", "", "Argument[*1].Field[*tokendest]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "jim_regcomp", "(regex_t *,const char *,int)", "", "Argument[*1]", "Argument[*0].Field[**regparse]", "value", "dfc-generated"]
|
||||
- ["", "", True, "jim_regcomp", "(regex_t *,const char *,int)", "", "Argument[1]", "Argument[*0].Field[*regparse]", "value", "dfc-generated"]
|
||||
- ["", "", True, "jim_regcomp", "(regex_t *,const char *,int)", "", "Argument[2]", "Argument[*0].Field[*cflags]", "value", "dfc-generated"]
|
||||
- ["", "", True, "jim_regerror", "(int,const regex_t *,char *,size_t)", "", "Argument[0]", "Argument[*2]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "jim_regexec", "(regex_t *,const char *,size_t,regmatch_t[],int)", "", "Argument[*1]", "Argument[*0].Field[**regbol]", "value", "dfc-generated"]
|
||||
- ["", "", True, "jim_regexec", "(regex_t *,const char *,size_t,regmatch_t[],int)", "", "Argument[*1]", "Argument[*0].Field[**reginput]", "value", "dfc-generated"]
|
||||
- ["", "", True, "jim_regexec", "(regex_t *,const char *,size_t,regmatch_t[],int)", "", "Argument[*1]", "Argument[*0].Field[**start]", "value", "dfc-generated"]
|
||||
- ["", "", True, "jim_regexec", "(regex_t *,const char *,size_t,regmatch_t[],int)", "", "Argument[*3]", "Argument[*0].Field[**pmatch]", "value", "dfc-generated"]
|
||||
- ["", "", True, "jim_regexec", "(regex_t *,const char *,size_t,regmatch_t[],int)", "", "Argument[2]", "Argument[*0].Field[*nmatch]", "value", "dfc-generated"]
|
||||
- ["", "", True, "jim_regexec", "(regex_t *,const char *,size_t,regmatch_t[],int)", "", "Argument[3]", "Argument[*0].Field[*pmatch]", "value", "dfc-generated"]
|
||||
- ["", "", True, "jim_regexec", "(regex_t *,const char *,size_t,regmatch_t[],int)", "", "Argument[4]", "Argument[*0].Field[*eflags]", "value", "dfc-generated"]
|
||||
- ["", "", True, "print_stack_union", "(FILE *,lemon *,int *,int)", "", "Argument[2]", "Argument[*2]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "recoverInit", "(sqlite3 *,const char *,const char *,..(*)(..),void *)", "", "Argument[**4]", "ReturnValue[*].Field[***pSqlCtx]", "value", "dfc-generated"]
|
||||
- ["", "", True, "recoverInit", "(sqlite3 *,const char *,const char *,..(*)(..),void *)", "", "Argument[*1]", "ReturnValue[*].Field[**zDb]", "value", "dfc-generated"]
|
||||
- ["", "", True, "recoverInit", "(sqlite3 *,const char *,const char *,..(*)(..),void *)", "", "Argument[*2]", "ReturnValue[*].Field[**zUri]", "value", "dfc-generated"]
|
||||
- ["", "", True, "recoverInit", "(sqlite3 *,const char *,const char *,..(*)(..),void *)", "", "Argument[*4]", "ReturnValue[*].Field[**pSqlCtx]", "value", "dfc-generated"]
|
||||
- ["", "", True, "recoverInit", "(sqlite3 *,const char *,const char *,..(*)(..),void *)", "", "Argument[0]", "ReturnValue[*].Field[**zDb].Field[*dbIn]", "value", "dfc-generated"]
|
||||
- ["", "", True, "recoverInit", "(sqlite3 *,const char *,const char *,..(*)(..),void *)", "", "Argument[0]", "ReturnValue[*].Field[**zUri].Field[*dbIn]", "value", "dfc-generated"]
|
||||
- ["", "", True, "recoverInit", "(sqlite3 *,const char *,const char *,..(*)(..),void *)", "", "Argument[0]", "ReturnValue[*].Field[*dbIn]", "value", "dfc-generated"]
|
||||
- ["", "", True, "recoverInit", "(sqlite3 *,const char *,const char *,..(*)(..),void *)", "", "Argument[1]", "ReturnValue[*].Field[**zDb]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "recoverInit", "(sqlite3 *,const char *,const char *,..(*)(..),void *)", "", "Argument[2]", "ReturnValue[*].Field[**zUri]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "recoverInit", "(sqlite3 *,const char *,const char *,..(*)(..),void *)", "", "Argument[3]", "ReturnValue[*].Field[*xSql]", "value", "dfc-generated"]
|
||||
- ["", "", True, "recoverInit", "(sqlite3 *,const char *,const char *,..(*)(..),void *)", "", "Argument[4]", "ReturnValue[*].Field[*pSqlCtx]", "value", "dfc-generated"]
|
||||
- ["", "", True, "registerUDFs", "(sqlite3 *,sqlite3 *)", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "registerUDFs", "(sqlite3 *,sqlite3 *)", "", "Argument[1]", "Argument[*1].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "rule_print", "(FILE *,rule *)", "", "Argument[*1]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "sha1sum_file", "(const char *,char *)", "", "Argument[1]", "Argument[*1]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sha3sum_file", "(const char *,char *)", "", "Argument[1]", "Argument[*1]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "shellReset", "(int *,sqlite3_stmt *)", "", "Argument[0]", "Argument[*0]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3CompletionVtabInit", "(sqlite3 *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_aggregate_context", "(sqlite3_context *,int)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_aggregate_context", "(sqlite3_context *,int)", "", "Argument[*0]", "ReturnValue[*]", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_aggregate_count", "(sqlite3_context *)", "", "Argument[*0].Field[**pMem].Field[*n]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_autovacuum_pages", "(sqlite3 *,..(*)(..),void *,..(*)(..))", "", "Argument[**2]", "Argument[*0].Field[***pAutovacPagesArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_autovacuum_pages", "(sqlite3 *,..(*)(..),void *,..(*)(..))", "", "Argument[*2]", "Argument[*0].Field[**pAutovacPagesArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_autovacuum_pages", "(sqlite3 *,..(*)(..),void *,..(*)(..))", "", "Argument[1]", "Argument[*0].Field[*xAutovacPages]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_autovacuum_pages", "(sqlite3 *,..(*)(..),void *,..(*)(..))", "", "Argument[2]", "Argument[*0].Field[*pAutovacPagesArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_autovacuum_pages", "(sqlite3 *,..(*)(..),void *,..(*)(..))", "", "Argument[3]", "Argument[*0].Field[*xAutovacDestr]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_backup_finish", "(sqlite3_backup *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_backup_init", "(sqlite3 *,const char *,sqlite3 *,const char *)", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_backup_init", "(sqlite3 *,const char *,sqlite3 *,const char *)", "", "Argument[0]", "ReturnValue[*].Field[*pDestDb]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_backup_init", "(sqlite3 *,const char *,sqlite3 *,const char *)", "", "Argument[2]", "ReturnValue[*].Field[*pSrcDb]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_backup_pagecount", "(sqlite3_backup *)", "", "Argument[*0].Field[*nPagecount]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_backup_remaining", "(sqlite3_backup *)", "", "Argument[*0].Field[*nRemaining]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_backup_step", "(sqlite3_backup *,int)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_base64_init", "(sqlite3 *,char **,const sqlite3_api_routines *)", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_base85_init", "(sqlite3 *,char **,const sqlite3_api_routines *)", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_bind_blob64", "(sqlite3_stmt *,int,const void *,sqlite3_uint64,..(*)(..))", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_bind_blob", "(sqlite3_stmt *,int,const void *,int,..(*)(..))", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_bind_double", "(sqlite3_stmt *,int,double)", "", "Argument[1]", "Argument[*0].Field[**aVar]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_bind_int64", "(sqlite3_stmt *,int,sqlite3_int64,sqlite_int64)", "", "Argument[1]", "Argument[*0].Field[**aVar]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_bind_int", "(sqlite3_stmt *,int,int)", "", "Argument[1]", "Argument[*0].Field[**aVar]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_bind_parameter_count", "(sqlite3_stmt *)", "", "Argument[*0].Field[*nVar]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_bind_parameter_index", "(sqlite3_stmt *,const char *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_bind_parameter_name", "(sqlite3_stmt *,int)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_bind_parameter_name", "(sqlite3_stmt *,int)", "", "Argument[*0]", "ReturnValue[*]", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_bind_pointer", "(sqlite3_stmt *,int,void *,const char *,..(*)(..))", "", "Argument[*2]", "Argument[*0].Field[**aVar].Field[**z]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_bind_pointer", "(sqlite3_stmt *,int,void *,const char *,..(*)(..))", "", "Argument[1]", "Argument[*0].Field[**aVar]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_bind_pointer", "(sqlite3_stmt *,int,void *,const char *,..(*)(..))", "", "Argument[2]", "Argument[*0].Field[**aVar].Field[*z]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_bind_pointer", "(sqlite3_stmt *,int,void *,const char *,..(*)(..))", "", "Argument[4]", "Argument[*0].Field[**aVar].Field[*xDel]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_bind_text16", "(sqlite3_stmt *,int,const void *,int,..(*)(..))", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_bind_text64", "(sqlite3_stmt *,int,const char *,sqlite3_uint64,..(*)(..),unsigned char)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_bind_text", "(sqlite3_stmt *,int,const char *,int,..(*)(..))", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_bind_value", "(sqlite3_stmt *,int,const sqlite3_value *)", "", "Argument[1]", "Argument[*0].Field[**aVar]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_bind_zeroblob64", "(sqlite3_stmt *,int,sqlite3_uint64)", "", "Argument[1]", "Argument[*0].Field[**aVar]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_bind_zeroblob", "(sqlite3_stmt *,int,int)", "", "Argument[1]", "Argument[*0].Field[**aVar]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_blob_bytes", "(sqlite3_blob *)", "", "Argument[*0].Field[*nByte]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_blob_close", "(sqlite3_blob *)", "", "Argument[*0].Field[**pStmt].Field[*rc]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_blob_open", "(sqlite3 *,const char *,const char *,const char *,sqlite3_int64,sqlite_int64,int,sqlite3_blob **)", "", "Argument[*2]", "Argument[**6].Field[**pTab].Field[**zName]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_blob_open", "(sqlite3 *,const char *,const char *,const char *,sqlite3_int64,sqlite_int64,int,sqlite3_blob **)", "", "Argument[*3]", "Argument[**6].Field[*iCol]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_blob_open", "(sqlite3 *,const char *,const char *,const char *,sqlite3_int64,sqlite_int64,int,sqlite3_blob **)", "", "Argument[*3]", "Argument[**6].Field[*iOffset]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_blob_open", "(sqlite3 *,const char *,const char *,const char *,sqlite3_int64,sqlite_int64,int,sqlite3_blob **)", "", "Argument[*3]", "Argument[**6].Field[*nByte]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_blob_open", "(sqlite3 *,const char *,const char *,const char *,sqlite3_int64,sqlite_int64,int,sqlite3_blob **)", "", "Argument[2]", "Argument[**6].Field[**pTab].Field[**zName]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_blob_open", "(sqlite3 *,const char *,const char *,const char *,sqlite3_int64,sqlite_int64,int,sqlite3_blob **)", "", "Argument[3]", "Argument[**6].Field[*iCol]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_blob_open", "(sqlite3 *,const char *,const char *,const char *,sqlite3_int64,sqlite_int64,int,sqlite3_blob **)", "", "Argument[3]", "Argument[**6].Field[*iOffset]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_blob_open", "(sqlite3 *,const char *,const char *,const char *,sqlite3_int64,sqlite_int64,int,sqlite3_blob **)", "", "Argument[3]", "Argument[**6].Field[*nByte]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_blob_read", "(sqlite3_blob *,void *,int,int)", "", "Argument[1]", "Argument[*1]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_blob_read", "(sqlite3_blob *,void *,int,int)", "", "Argument[2]", "Argument[*1]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_blob_read", "(sqlite3_blob *,void *,int,int)", "", "Argument[3]", "Argument[*0].Field[**pCsr].Field[**aOverflow]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_blob_read", "(sqlite3_blob *,void *,int,int)", "", "Argument[3]", "Argument[*1]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_blob_reopen", "(sqlite3_blob *,sqlite3_int64)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_blob_write", "(sqlite3_blob *,const void *,int,int)", "", "Argument[1]", "Argument[*1]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_blob_write", "(sqlite3_blob *,const void *,int,int)", "", "Argument[2]", "Argument[*1]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_blob_write", "(sqlite3_blob *,const void *,int,int)", "", "Argument[3]", "Argument[*0].Field[**pCsr].Field[**aOverflow]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_blob_write", "(sqlite3_blob *,const void *,int,int)", "", "Argument[3]", "Argument[*1]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_busy_handler", "(sqlite3 *,..(*)(..),void *)", "", "Argument[**2]", "Argument[*0].Field[*busyHandler].Field[***pBusyArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_busy_handler", "(sqlite3 *,..(*)(..),void *)", "", "Argument[*2]", "Argument[*0].Field[*busyHandler].Field[**pBusyArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_busy_handler", "(sqlite3 *,..(*)(..),void *)", "", "Argument[1]", "Argument[*0].Field[*busyHandler].Field[*xBusyHandler]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_busy_handler", "(sqlite3 *,..(*)(..),void *)", "", "Argument[2]", "Argument[*0].Field[*busyHandler].Field[*pBusyArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_busy_timeout", "(sqlite3 *,int)", "", "Argument[*0]", "Argument[*0].Field[*busyHandler].Field[**pBusyArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_busy_timeout", "(sqlite3 *,int)", "", "Argument[0]", "Argument[*0].Field[*busyHandler].Field[*pBusyArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_busy_timeout", "(sqlite3 *,int)", "", "Argument[1]", "Argument[*0].Field[*busyTimeout]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_changes64", "(sqlite3 *)", "", "Argument[*0].Field[*nChange]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_changes", "(sqlite3 *)", "", "Argument[*0].Field[*nChange]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_close", "(sqlite3 *)", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_collation_needed16", "(sqlite3 *,void *,..(*)(..))", "", "Argument[**1]", "Argument[*0].Field[***pCollNeededArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_collation_needed16", "(sqlite3 *,void *,..(*)(..))", "", "Argument[*1]", "Argument[*0].Field[**pCollNeededArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_collation_needed16", "(sqlite3 *,void *,..(*)(..))", "", "Argument[1]", "Argument[*0].Field[*pCollNeededArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_collation_needed16", "(sqlite3 *,void *,..(*)(..))", "", "Argument[2]", "Argument[*0].Field[*xCollNeeded16]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_collation_needed", "(sqlite3 *,void *,..(*)(..))", "", "Argument[**1]", "Argument[*0].Field[***pCollNeededArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_collation_needed", "(sqlite3 *,void *,..(*)(..))", "", "Argument[*1]", "Argument[*0].Field[**pCollNeededArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_collation_needed", "(sqlite3 *,void *,..(*)(..))", "", "Argument[1]", "Argument[*0].Field[*pCollNeededArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_collation_needed", "(sqlite3 *,void *,..(*)(..))", "", "Argument[2]", "Argument[*0].Field[*xCollNeeded]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_column_blob", "(sqlite3_stmt *,int)", "", "Argument[1]", "Argument[*0].Field[**pResultRow]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_column_bytes16", "(sqlite3_stmt *,int)", "", "Argument[1]", "Argument[*0].Field[**pResultRow]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_column_bytes", "(sqlite3_stmt *,int)", "", "Argument[1]", "Argument[*0].Field[**pResultRow]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_column_count", "(sqlite3_stmt *)", "", "Argument[*0].Field[*nResColumn]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_column_decltype16", "(sqlite3_stmt *,int)", "", "Argument[1]", "Argument[*0].Field[**aColName]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_column_decltype", "(sqlite3_stmt *,int)", "", "Argument[1]", "Argument[*0].Field[**aColName]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_column_double", "(sqlite3_stmt *,int)", "", "Argument[1]", "Argument[*0].Field[**pResultRow]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_column_int64", "(sqlite3_stmt *,int)", "", "Argument[1]", "Argument[*0].Field[**pResultRow]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_column_int", "(sqlite3_stmt *,int)", "", "Argument[1]", "Argument[*0].Field[**pResultRow]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_column_name16", "(sqlite3_stmt *,int)", "", "Argument[1]", "Argument[*0].Field[**aColName]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_column_name16", "(sqlite3_stmt *,int)", "", "Argument[1]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_column_name16", "(sqlite3_stmt *,int)", "", "Argument[1]", "ReturnValue[*]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_column_name", "(sqlite3_stmt *,int)", "", "Argument[1]", "Argument[*0].Field[**aColName]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_column_name", "(sqlite3_stmt *,int)", "", "Argument[1]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_column_text16", "(sqlite3_stmt *,int)", "", "Argument[1]", "Argument[*0].Field[**pResultRow]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_column_text", "(sqlite3_stmt *,int)", "", "Argument[1]", "Argument[*0].Field[**pResultRow]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_column_type", "(sqlite3_stmt *,int)", "", "Argument[1]", "Argument[*0].Field[**pResultRow]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_column_value", "(sqlite3_stmt *,int)", "", "Argument[1]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_column_value", "(sqlite3_stmt *,int)", "", "Argument[1]", "ReturnValue[*]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_commit_hook", "(sqlite3 *,..(*)(..),void *)", "", "Argument[**2]", "Argument[*0].Field[***pCommitArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_commit_hook", "(sqlite3 *,..(*)(..),void *)", "", "Argument[*2]", "Argument[*0].Field[**pCommitArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_commit_hook", "(sqlite3 *,..(*)(..),void *)", "", "Argument[1]", "Argument[*0].Field[*xCommitCallback]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_commit_hook", "(sqlite3 *,..(*)(..),void *)", "", "Argument[2]", "Argument[*0].Field[*pCommitArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_compileoption_get", "(int)", "", "Argument[0]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_completion_init", "(sqlite3 *,char **,const sqlite3_api_routines *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_context_db_handle", "(sqlite3_context *)", "", "Argument[*0].Field[**pOut].Field[**db]", "ReturnValue[*]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_context_db_handle", "(sqlite3_context *)", "", "Argument[*0].Field[**pOut].Field[*db]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_create_collation16", "(sqlite3 *,const void *,int,void *,..(*)(..))", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_create_collation", "(sqlite3 *,const char *,int,void *,..(*)(..))", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_create_collation_v2", "(sqlite3 *,const char *,int,void *,..(*)(..),..(*)(..))", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_create_function16", "(sqlite3 *,const void *,int,int,void *,..(*)(..),..(*)(..),..(*)(..))", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_create_function", "(sqlite3 *,const char *,int,int,void *,..(*)(..),..(*)(..),..(*)(..))", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_create_function", "(sqlite3 *,const char *,int,int,void *,..(*)(..),..(*)(..),..(*)(..))", "", "Argument[1]", "Argument[*0].Field[*lookaside].Field[**pFree]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_create_function", "(sqlite3 *,const char *,int,int,void *,..(*)(..),..(*)(..),..(*)(..))", "", "Argument[1]", "Argument[*0].Field[*lookaside].Field[**pSmallFree]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_create_function_v2", "(sqlite3 *,const char *,int,int,void *,..(*)(..),..(*)(..),..(*)(..),..(*)(..))", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_create_function_v2", "(sqlite3 *,const char *,int,int,void *,..(*)(..),..(*)(..),..(*)(..),..(*)(..))", "", "Argument[1]", "Argument[*0].Field[*lookaside].Field[**pFree]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_create_function_v2", "(sqlite3 *,const char *,int,int,void *,..(*)(..),..(*)(..),..(*)(..),..(*)(..))", "", "Argument[1]", "Argument[*0].Field[*lookaside].Field[**pSmallFree]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_create_module", "(sqlite3 *,const char *,const sqlite3_module *,void *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_create_module", "(sqlite3 *,const char *,const sqlite3_module *,void *)", "", "Argument[*1]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_create_module", "(sqlite3 *,const char *,const sqlite3_module *,void *)", "", "Argument[1]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_create_module_v2", "(sqlite3 *,const char *,const sqlite3_module *,void *,..(*)(..))", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_create_module_v2", "(sqlite3 *,const char *,const sqlite3_module *,void *,..(*)(..))", "", "Argument[*1]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_create_module_v2", "(sqlite3 *,const char *,const sqlite3_module *,void *,..(*)(..))", "", "Argument[1]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_create_window_function", "(sqlite3 *,const char *,int,int,void *,..(*)(..),..(*)(..),..(*)(..),..(*)(..),..(*)(..))", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_create_window_function", "(sqlite3 *,const char *,int,int,void *,..(*)(..),..(*)(..),..(*)(..),..(*)(..),..(*)(..))", "", "Argument[1]", "Argument[*0].Field[*lookaside].Field[**pFree]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_create_window_function", "(sqlite3 *,const char *,int,int,void *,..(*)(..),..(*)(..),..(*)(..),..(*)(..),..(*)(..))", "", "Argument[1]", "Argument[*0].Field[*lookaside].Field[**pSmallFree]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_data_count", "(sqlite3_stmt *)", "", "Argument[*0].Field[*nResColumn]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_db_handle", "(sqlite3_stmt *)", "", "Argument[*0].Field[**db]", "ReturnValue[*]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_db_handle", "(sqlite3_stmt *)", "", "Argument[*0].Field[*db]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_db_mutex", "(sqlite3 *)", "", "Argument[*0].Field[**mutex]", "ReturnValue[*]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_db_mutex", "(sqlite3 *)", "", "Argument[*0].Field[*mutex]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_db_name", "(sqlite3 *,int)", "", "Argument[*0].Field[**aDb].Field[**zDbSName]", "ReturnValue[*]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_db_name", "(sqlite3 *,int)", "", "Argument[*0].Field[**aDb].Field[*zDbSName]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_db_status", "(sqlite3 *,int,int *,int *,int)", "", "Argument[1]", "Argument[*2]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_db_status", "(sqlite3 *,int,int *,int *,int)", "", "Argument[1]", "Argument[*3]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_dbdata_init", "(sqlite3 *,char **,const sqlite3_api_routines *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_decimal_init", "(sqlite3 *,char **,const sqlite3_api_routines *)", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_declare_vtab", "(sqlite3 *,const char *)", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_deserialize", "(sqlite3 *,const char *,unsigned char *,sqlite3_int64,sqlite3_int64,unsigned int)", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_errcode", "(sqlite3 *)", "", "Argument[*0].Field[*errCode]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_errcode", "(sqlite3 *)", "", "Argument[*0].Field[*errMask]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_errmsg16", "(sqlite3 *)", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_errmsg", "(sqlite3 *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_errmsg", "(sqlite3 *)", "", "Argument[*0]", "ReturnValue[*]", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_error_offset", "(sqlite3 *)", "", "Argument[*0].Field[*errByteOffset]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_errstr", "(int)", "", "Argument[0]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_exec", "(sqlite3 *,const char *,..(*)(..),sqlite3_callback,void *,char **)", "", "Argument[*1]", "Argument[*0].Field[*lookaside].Field[**pFree]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_exec", "(sqlite3 *,const char *,..(*)(..),sqlite3_callback,void *,char **)", "", "Argument[*1]", "Argument[*0].Field[*lookaside].Field[**pSmallFree]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_exec", "(sqlite3 *,const char *,..(*)(..),sqlite3_callback,void *,char **)", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_exec", "(sqlite3 *,const char *,..(*)(..),sqlite3_callback,void *,char **)", "", "Argument[1]", "Argument[*0].Field[*lookaside].Field[**pFree]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_exec", "(sqlite3 *,const char *,..(*)(..),sqlite3_callback,void *,char **)", "", "Argument[1]", "Argument[*0].Field[*lookaside].Field[**pSmallFree]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_exec", "(sqlite3 *,const char *,..(*)(..),sqlite3_callback,void *,char **)", "", "Argument[3]", "Argument[*3]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_exec", "(sqlite3 *,const char *,..(*)(..),sqlite3_callback,void *,char **)", "", "Argument[4]", "Argument[*4]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_expanded_sql", "(sqlite3_stmt *)", "", "Argument[*0]", "ReturnValue[*]", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_expert_analyze", "(sqlite3expert *,char **)", "", "Argument[1]", "Argument[*1]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_expert_count", "(sqlite3expert *)", "", "Argument[*0].Field[**pStatement].Field[*iId]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_expert_new", "(sqlite3 *,char **)", "", "Argument[0]", "ReturnValue[*].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_expert_new", "(sqlite3 *,char **)", "", "Argument[1]", "Argument[*1]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_expert_report", "(sqlite3expert *,int,int)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_expert_report", "(sqlite3expert *,int,int)", "", "Argument[*0]", "ReturnValue[*]", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_expert_sql", "(sqlite3expert *,const char *,char **)", "", "Argument[*1]", "Argument[*0].Field[**pStatement].Field[**zSql]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_expert_sql", "(sqlite3expert *,const char *,char **)", "", "Argument[1]", "Argument[*0].Field[**pStatement].Field[**zSql]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_expert_sql", "(sqlite3expert *,const char *,char **)", "", "Argument[1]", "Argument[*1]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_extended_errcode", "(sqlite3 *)", "", "Argument[*0].Field[*errCode]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_file_control", "(sqlite3 *,const char *,int,void *)", "", "Argument[3]", "Argument[*3]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_fileio_init", "(sqlite3 *,char **,const sqlite3_api_routines *)", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_filename_database", "(const char *,sqlite3_filename)", "", "Argument[*0]", "ReturnValue[*]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_filename_database", "(const char *,sqlite3_filename)", "", "Argument[0]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_filename_database", "(const char *,sqlite3_filename)", "", "Argument[0]", "ReturnValue[*]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_filename_journal", "(const char *,sqlite3_filename)", "", "Argument[*0]", "ReturnValue[*]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_filename_journal", "(const char *,sqlite3_filename)", "", "Argument[0]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_filename_journal", "(const char *,sqlite3_filename)", "", "Argument[0]", "ReturnValue[*]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_filename_wal", "(const char *,sqlite3_filename)", "", "Argument[*0]", "ReturnValue[*]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_filename_wal", "(const char *,sqlite3_filename)", "", "Argument[0]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_filename_wal", "(const char *,sqlite3_filename)", "", "Argument[0]", "ReturnValue[*]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_finalize", "(sqlite3_stmt *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_free_filename", "(const char *,sqlite3_filename)", "", "Argument[0]", "Argument[*0]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_free_table", "(char **)", "", "Argument[*0]", "Argument[**0]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_free_table", "(char **)", "", "Argument[0]", "Argument[**0]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_free_table", "(char **)", "", "Argument[0]", "Argument[*0]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_get_autocommit", "(sqlite3 *)", "", "Argument[*0].Field[*autoCommit]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_get_clientdata", "(sqlite3 *,const char *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_get_clientdata", "(sqlite3 *,const char *)", "", "Argument[*0]", "ReturnValue[**]", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_get_clientdata", "(sqlite3 *,const char *)", "", "Argument[*0]", "ReturnValue[*]", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_get_table", "(sqlite3 *,const char *,char ***,int *,int *,char **)", "", "Argument[*1]", "Argument[*0].Field[*lookaside].Field[**pFree]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_get_table", "(sqlite3 *,const char *,char ***,int *,int *,char **)", "", "Argument[*1]", "Argument[*0].Field[*lookaside].Field[**pSmallFree]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_get_table", "(sqlite3 *,const char *,char ***,int *,int *,char **)", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_get_table", "(sqlite3 *,const char *,char ***,int *,int *,char **)", "", "Argument[1]", "Argument[*0].Field[*lookaside].Field[**pFree]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_get_table", "(sqlite3 *,const char *,char ***,int *,int *,char **)", "", "Argument[1]", "Argument[*0].Field[*lookaside].Field[**pSmallFree]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_get_table", "(sqlite3 *,const char *,char ***,int *,int *,char **)", "", "Argument[5]", "Argument[*5]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_ieee_init", "(sqlite3 *,char **,const sqlite3_api_routines *)", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_intck_error", "(sqlite3_intck *,const char **)", "", "Argument[*0]", "Argument[**1]", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_intck_error", "(sqlite3_intck *,const char **)", "", "Argument[*0]", "Argument[*1]", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_intck_error", "(sqlite3_intck *,const char **)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_intck_message", "(sqlite3_intck *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_intck_message", "(sqlite3_intck *)", "", "Argument[*0]", "ReturnValue[*]", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_intck_open", "(sqlite3 *,const char *,sqlite3_intck **)", "", "Argument[*1]", "Argument[**2]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_intck_open", "(sqlite3 *,const char *,sqlite3_intck **)", "", "Argument[0]", "Argument[**2].Field[**zDb].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_intck_open", "(sqlite3 *,const char *,sqlite3_intck **)", "", "Argument[0]", "Argument[**2].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_intck_open", "(sqlite3 *,const char *,sqlite3_intck **)", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_intck_open", "(sqlite3 *,const char *,sqlite3_intck **)", "", "Argument[1]", "Argument[**2]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_intck_step", "(sqlite3_intck *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_intck_test_sql", "(sqlite3_intck *,const char *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_intck_test_sql", "(sqlite3_intck *,const char *)", "", "Argument[*0]", "ReturnValue[*]", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_intck_unlock", "(sqlite3_intck *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_keyword_name", "(int,const char **,int *)", "", "Argument[0]", "Argument[**1]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_keyword_name", "(int,const char **,int *)", "", "Argument[0]", "Argument[*1]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_keyword_name", "(int,const char **,int *)", "", "Argument[0]", "Argument[*2]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_last_insert_rowid", "(sqlite3 *)", "", "Argument[*0].Field[*lastRowid]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_limit", "(sqlite3 *,int,int)", "", "Argument[*0].Field[*aLimit]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_limit", "(sqlite3 *,int,int)", "", "Argument[1]", "Argument[*0].Field[*aLimit]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_limit", "(sqlite3 *,int,int)", "", "Argument[1]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_limit", "(sqlite3 *,int,int)", "", "Argument[2]", "Argument[*0].Field[*aLimit]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_load_extension", "(sqlite3 *,const char *,const char *,char **)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_next_stmt", "(sqlite3 *,sqlite3_stmt *)", "", "Argument[*1].Field[**pVNext]", "ReturnValue[*]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_next_stmt", "(sqlite3 *,sqlite3_stmt *)", "", "Argument[*1].Field[*pVNext]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_open16", "(const void *,sqlite3 **)", "", "Argument[1]", "Argument[*1]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_open_v2", "(const char *,sqlite3 **,int,const char *)", "", "Argument[2]", "Argument[**1].Field[*openFlags]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_overload_function", "(sqlite3 *,const char *,int)", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_overload_function", "(sqlite3 *,const char *,int)", "", "Argument[1]", "Argument[*0].Field[*lookaside].Field[**pFree]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_overload_function", "(sqlite3 *,const char *,int)", "", "Argument[1]", "Argument[*0].Field[*lookaside].Field[**pSmallFree]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_percentile_init", "(sqlite3 *,char **,const sqlite3_api_routines *)", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_prepare16", "(sqlite3 *,const void *,int,sqlite3_stmt **,const void **)", "", "Argument[*1]", "Argument[**4]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_prepare16", "(sqlite3 *,const void *,int,sqlite3_stmt **,const void **)", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_prepare16", "(sqlite3 *,const void *,int,sqlite3_stmt **,const void **)", "", "Argument[1]", "Argument[**4]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_prepare16", "(sqlite3 *,const void *,int,sqlite3_stmt **,const void **)", "", "Argument[1]", "Argument[*4]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_prepare16_v2", "(sqlite3 *,const void *,int,sqlite3_stmt **,const void **)", "", "Argument[*1]", "Argument[**4]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_prepare16_v2", "(sqlite3 *,const void *,int,sqlite3_stmt **,const void **)", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_prepare16_v2", "(sqlite3 *,const void *,int,sqlite3_stmt **,const void **)", "", "Argument[1]", "Argument[**4]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_prepare16_v2", "(sqlite3 *,const void *,int,sqlite3_stmt **,const void **)", "", "Argument[1]", "Argument[*4]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_prepare16_v3", "(sqlite3 *,const void *,int,unsigned int,sqlite3_stmt **,const void **)", "", "Argument[*1]", "Argument[**5]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_prepare16_v3", "(sqlite3 *,const void *,int,unsigned int,sqlite3_stmt **,const void **)", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_prepare16_v3", "(sqlite3 *,const void *,int,unsigned int,sqlite3_stmt **,const void **)", "", "Argument[1]", "Argument[**5]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_prepare16_v3", "(sqlite3 *,const void *,int,unsigned int,sqlite3_stmt **,const void **)", "", "Argument[1]", "Argument[*5]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_prepare16_v3", "(sqlite3 *,const void *,int,unsigned int,sqlite3_stmt **,const void **)", "", "Argument[3]", "Argument[**4].Field[*prepFlags]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_prepare", "(sqlite3 *,const char *,int,sqlite3_stmt **,const char **)", "", "Argument[*1]", "Argument[**4]", "value", "df-generated"]
|
||||
- ["", "", True, "sqlite3_prepare", "(sqlite3 *,const char *,int,sqlite3_stmt **,const char **)", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_prepare", "(sqlite3 *,const char *,int,sqlite3_stmt **,const char **)", "", "Argument[2]", "Argument[**4]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_prepare", "(sqlite3 *,const char *,int,sqlite3_stmt **,const char **)", "", "Argument[2]", "Argument[*4]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_prepare_v2", "(sqlite3 *,const char *,int,sqlite3_stmt **,const char **)", "", "Argument[*1]", "Argument[**4]", "value", "df-generated"]
|
||||
- ["", "", True, "sqlite3_prepare_v2", "(sqlite3 *,const char *,int,sqlite3_stmt **,const char **)", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_prepare_v2", "(sqlite3 *,const char *,int,sqlite3_stmt **,const char **)", "", "Argument[2]", "Argument[**4]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_prepare_v2", "(sqlite3 *,const char *,int,sqlite3_stmt **,const char **)", "", "Argument[2]", "Argument[*4]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_prepare_v3", "(sqlite3 *,const char *,int,unsigned int,sqlite3_stmt **,const char **)", "", "Argument[*1]", "Argument[**5]", "value", "df-generated"]
|
||||
- ["", "", True, "sqlite3_prepare_v3", "(sqlite3 *,const char *,int,unsigned int,sqlite3_stmt **,const char **)", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_prepare_v3", "(sqlite3 *,const char *,int,unsigned int,sqlite3_stmt **,const char **)", "", "Argument[2]", "Argument[**5]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_prepare_v3", "(sqlite3 *,const char *,int,unsigned int,sqlite3_stmt **,const char **)", "", "Argument[2]", "Argument[*5]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_prepare_v3", "(sqlite3 *,const char *,int,unsigned int,sqlite3_stmt **,const char **)", "", "Argument[3]", "Argument[**4].Field[*prepFlags]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_profile", "(sqlite3 *,..(*)(..),void *)", "", "Argument[**2]", "Argument[*0].Field[***pProfileArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_profile", "(sqlite3 *,..(*)(..),void *)", "", "Argument[*2]", "Argument[*0].Field[**pProfileArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_profile", "(sqlite3 *,..(*)(..),void *)", "", "Argument[1]", "Argument[*0].Field[*xProfile]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_profile", "(sqlite3 *,..(*)(..),void *)", "", "Argument[2]", "Argument[*0].Field[*pProfileArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_progress_handler", "(sqlite3 *,int,..(*)(..),void *)", "", "Argument[**3]", "Argument[*0].Field[***pProgressArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_progress_handler", "(sqlite3 *,int,..(*)(..),void *)", "", "Argument[*3]", "Argument[*0].Field[**pProgressArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_progress_handler", "(sqlite3 *,int,..(*)(..),void *)", "", "Argument[1]", "Argument[*0].Field[*nProgressOps]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_progress_handler", "(sqlite3 *,int,..(*)(..),void *)", "", "Argument[2]", "Argument[*0].Field[*xProgress]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_progress_handler", "(sqlite3 *,int,..(*)(..),void *)", "", "Argument[3]", "Argument[*0].Field[*pProgressArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_randomness", "(int,void *)", "", "Argument[0]", "Argument[*1]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_realloc64", "(void *,sqlite3_uint64)", "", "Argument[**0]", "ReturnValue[**]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_realloc64", "(void *,sqlite3_uint64)", "", "Argument[*0]", "ReturnValue[*]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_realloc64", "(void *,sqlite3_uint64)", "", "Argument[0]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_realloc", "(void *,int)", "", "Argument[**0]", "ReturnValue[**]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_realloc", "(void *,int)", "", "Argument[*0]", "ReturnValue[*]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_realloc", "(void *,int)", "", "Argument[0]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_recover_config", "(sqlite3_recover *,int,void *)", "", "Argument[*2]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_recover_config", "(sqlite3_recover *,int,void *)", "", "Argument[2]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_recover_config", "(sqlite3_recover *,int,void *)", "", "Argument[2]", "Argument[*2]", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_recover_errcode", "(sqlite3_recover *)", "", "Argument[*0].Field[*errCode]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_recover_errmsg", "(sqlite3_recover *)", "", "Argument[*0].Field[**zErrMsg]", "ReturnValue[*]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_recover_errmsg", "(sqlite3_recover *)", "", "Argument[*0].Field[*zErrMsg]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_recover_finish", "(sqlite3_recover *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_recover_init", "(sqlite3 *,const char *,const char *)", "", "Argument[*1]", "ReturnValue[*].Field[**zDb]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_recover_init", "(sqlite3 *,const char *,const char *)", "", "Argument[*2]", "ReturnValue[*].Field[**zUri]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_recover_init", "(sqlite3 *,const char *,const char *)", "", "Argument[0]", "ReturnValue[*].Field[**zDb].Field[*dbIn]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_recover_init", "(sqlite3 *,const char *,const char *)", "", "Argument[0]", "ReturnValue[*].Field[**zUri].Field[*dbIn]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_recover_init", "(sqlite3 *,const char *,const char *)", "", "Argument[0]", "ReturnValue[*].Field[*dbIn]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_recover_init", "(sqlite3 *,const char *,const char *)", "", "Argument[1]", "ReturnValue[*].Field[**zDb]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_recover_init", "(sqlite3 *,const char *,const char *)", "", "Argument[2]", "ReturnValue[*].Field[**zUri]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_recover_init_sql", "(sqlite3 *,const char *,..(*)(..),void *)", "", "Argument[**3]", "ReturnValue[*].Field[***pSqlCtx]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_recover_init_sql", "(sqlite3 *,const char *,..(*)(..),void *)", "", "Argument[*1]", "ReturnValue[*].Field[**zDb]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_recover_init_sql", "(sqlite3 *,const char *,..(*)(..),void *)", "", "Argument[*3]", "ReturnValue[*].Field[**pSqlCtx]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_recover_init_sql", "(sqlite3 *,const char *,..(*)(..),void *)", "", "Argument[0]", "ReturnValue[*].Field[**zDb].Field[*dbIn]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_recover_init_sql", "(sqlite3 *,const char *,..(*)(..),void *)", "", "Argument[0]", "ReturnValue[*].Field[**zUri].Field[*dbIn]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_recover_init_sql", "(sqlite3 *,const char *,..(*)(..),void *)", "", "Argument[0]", "ReturnValue[*].Field[*dbIn]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_recover_init_sql", "(sqlite3 *,const char *,..(*)(..),void *)", "", "Argument[1]", "ReturnValue[*].Field[**zDb]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_recover_init_sql", "(sqlite3 *,const char *,..(*)(..),void *)", "", "Argument[2]", "ReturnValue[*].Field[*xSql]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_recover_init_sql", "(sqlite3 *,const char *,..(*)(..),void *)", "", "Argument[3]", "ReturnValue[*].Field[*pSqlCtx]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_recover_run", "(sqlite3_recover *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_recover_step", "(sqlite3_recover *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_regexp_init", "(sqlite3 *,char **,const sqlite3_api_routines *)", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_reset", "(sqlite3_stmt *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_result_error16", "(sqlite3_context *,const void *,int)", "", "Argument[*1]", "Argument[*0].Field[**pOut].Field[**zMalloc]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_result_error16", "(sqlite3_context *,const void *,int)", "", "Argument[*1]", "Argument[*0].Field[**pOut].Field[**z]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_result_error16", "(sqlite3_context *,const void *,int)", "", "Argument[1]", "Argument[*0].Field[**pOut].Field[**z]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_result_error16", "(sqlite3_context *,const void *,int)", "", "Argument[1]", "Argument[*0].Field[**pOut].Field[*zMalloc]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_result_error16", "(sqlite3_context *,const void *,int)", "", "Argument[1]", "Argument[*0].Field[**pOut].Field[*z]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_result_error16", "(sqlite3_context *,const void *,int)", "", "Argument[2]", "Argument[*0].Field[**pOut].Field[**z]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_result_error16", "(sqlite3_context *,const void *,int)", "", "Argument[2]", "Argument[*0].Field[**pOut].Field[*n]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_result_error", "(sqlite3_context *,const char *,int)", "", "Argument[*1]", "Argument[*0].Field[**pOut].Field[**zMalloc]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_result_error", "(sqlite3_context *,const char *,int)", "", "Argument[*1]", "Argument[*0].Field[**pOut].Field[**z]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_result_error", "(sqlite3_context *,const char *,int)", "", "Argument[1]", "Argument[*0].Field[**pOut].Field[**z]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_result_error", "(sqlite3_context *,const char *,int)", "", "Argument[1]", "Argument[*0].Field[**pOut].Field[*zMalloc]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_result_error", "(sqlite3_context *,const char *,int)", "", "Argument[1]", "Argument[*0].Field[**pOut].Field[*z]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_result_error", "(sqlite3_context *,const char *,int)", "", "Argument[2]", "Argument[*0].Field[**pOut].Field[**z]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_result_error", "(sqlite3_context *,const char *,int)", "", "Argument[2]", "Argument[*0].Field[**pOut].Field[*n]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_result_error_code", "(sqlite3_context *,int)", "", "Argument[1]", "Argument[*0].Field[*isError]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_rollback_hook", "(sqlite3 *,..(*)(..),void *)", "", "Argument[**2]", "Argument[*0].Field[***pRollbackArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_rollback_hook", "(sqlite3 *,..(*)(..),void *)", "", "Argument[*2]", "Argument[*0].Field[**pRollbackArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_rollback_hook", "(sqlite3 *,..(*)(..),void *)", "", "Argument[1]", "Argument[*0].Field[*xRollbackCallback]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_rollback_hook", "(sqlite3 *,..(*)(..),void *)", "", "Argument[2]", "Argument[*0].Field[*pRollbackArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_rtree_geometry_callback", "(sqlite3 *,const char *,..(*)(..),void *)", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_rtree_geometry_callback", "(sqlite3 *,const char *,..(*)(..),void *)", "", "Argument[1]", "Argument[*0].Field[*lookaside].Field[**pFree]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_rtree_geometry_callback", "(sqlite3 *,const char *,..(*)(..),void *)", "", "Argument[1]", "Argument[*0].Field[*lookaside].Field[**pSmallFree]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_rtree_query_callback", "(sqlite3 *,const char *,..(*)(..),void *,..(*)(..))", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_rtree_query_callback", "(sqlite3 *,const char *,..(*)(..),void *,..(*)(..))", "", "Argument[1]", "Argument[*0].Field[*lookaside].Field[**pFree]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_rtree_query_callback", "(sqlite3 *,const char *,..(*)(..),void *,..(*)(..))", "", "Argument[1]", "Argument[*0].Field[*lookaside].Field[**pSmallFree]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_serialize", "(sqlite3 *,const char *,sqlite3_int64 *,unsigned int)", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_series_init", "(sqlite3 *,char **,const sqlite3_api_routines *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_set_authorizer", "(sqlite3 *,..(*)(..),void *)", "", "Argument[**2]", "Argument[*0].Field[***pAuthArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_set_authorizer", "(sqlite3 *,..(*)(..),void *)", "", "Argument[*2]", "Argument[*0].Field[**pAuthArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_set_authorizer", "(sqlite3 *,..(*)(..),void *)", "", "Argument[1]", "Argument[*0].Field[*xAuth]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_set_authorizer", "(sqlite3 *,..(*)(..),void *)", "", "Argument[2]", "Argument[*0].Field[*pAuthArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_set_clientdata", "(sqlite3 *,const char *,void *,..(*)(..))", "", "Argument[*1]", "Argument[*0].Field[**pDbData].Field[*zName]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_set_clientdata", "(sqlite3 *,const char *,void *,..(*)(..))", "", "Argument[1]", "Argument[*0].Field[**pDbData].Field[*zName]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_set_last_insert_rowid", "(sqlite3 *,sqlite3_int64)", "", "Argument[1]", "Argument[*0].Field[*lastRowid]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_sha_init", "(sqlite3 *,char **,const sqlite3_api_routines *)", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_shathree_init", "(sqlite3 *,char **,const sqlite3_api_routines *)", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_snprintf", "(int,char *,const char *,...)", "", "Argument[*1]", "ReturnValue[*]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_snprintf", "(int,char *,const char *,...)", "", "Argument[1]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_sql", "(sqlite3_stmt *)", "", "Argument[*0].Field[**zSql]", "ReturnValue[*]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_sql", "(sqlite3_stmt *)", "", "Argument[*0].Field[*zSql]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_sqlar_init", "(sqlite3 *,char **,const sqlite3_api_routines *)", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_status64", "(int,sqlite3_int64 *,sqlite3_int64 *,int)", "", "Argument[0]", "Argument[*1]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_status64", "(int,sqlite3_int64 *,sqlite3_int64 *,int)", "", "Argument[0]", "Argument[*2]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_status", "(int,int *,int *,int)", "", "Argument[0]", "Argument[*1]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_status", "(int,int *,int *,int)", "", "Argument[0]", "Argument[*2]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_step", "(sqlite3_stmt *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_step", "(sqlite3_stmt *)", "", "Argument[0]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_step", "(sqlite3_stmt *)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_stmt_explain", "(sqlite3_stmt *,int)", "", "Argument[0]", "Argument[*0]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_stmt_explain", "(sqlite3_stmt *,int)", "", "Argument[1]", "Argument[*0].Field[*explain]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_stmt_explain", "(sqlite3_stmt *,int)", "", "Argument[1]", "Argument[*0].Field[*nResColumn]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_stmt_isexplain", "(sqlite3_stmt *)", "", "Argument[*0].Field[*explain]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_stmt_readonly", "(sqlite3_stmt *)", "", "Argument[*0].Field[*readOnly]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_stmt_status", "(sqlite3_stmt *,int,int)", "", "Argument[1]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_stmtrand_init", "(sqlite3 *,char **,const sqlite3_api_routines *)", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_str_append", "(sqlite3_str *,const char *,int)", "", "Argument[*1]", "Argument[*0].Field[**zText]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_str_append", "(sqlite3_str *,const char *,int)", "", "Argument[1]", "Argument[*0].Field[**zText]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_str_append", "(sqlite3_str *,const char *,int)", "", "Argument[2]", "Argument[*0].Field[*nAlloc]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_str_append", "(sqlite3_str *,const char *,int)", "", "Argument[2]", "Argument[*0].Field[*nChar]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_str_appendall", "(sqlite3_str *,const char *)", "", "Argument[*1]", "Argument[*0].Field[**zText]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_str_appendall", "(sqlite3_str *,const char *)", "", "Argument[1]", "Argument[*0].Field[**zText]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_str_appendchar", "(sqlite3_str *,int,char)", "", "Argument[1]", "Argument[*0].Field[*nAlloc]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_str_appendchar", "(sqlite3_str *,int,char)", "", "Argument[2]", "Argument[*0].Field[**zText]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_str_appendf", "(StrAccum *,sqlite3_str *,const char *,...)", "", "Argument[*1]", "Argument[*0].Field[**zText]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_str_appendf", "(StrAccum *,sqlite3_str *,const char *,...)", "", "Argument[*1]", "Argument[*0].Field[*nAlloc]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_str_appendf", "(StrAccum *,sqlite3_str *,const char *,...)", "", "Argument[*1]", "Argument[*0].Field[*nChar]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_str_appendf", "(StrAccum *,sqlite3_str *,const char *,...)", "", "Argument[1]", "Argument[*0].Field[**zText]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_str_appendf", "(StrAccum *,sqlite3_str *,const char *,...)", "", "Argument[1]", "Argument[*0].Field[*nAlloc]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_str_appendf", "(StrAccum *,sqlite3_str *,const char *,...)", "", "Argument[1]", "Argument[*0].Field[*nChar]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_str_errcode", "(sqlite3_str *)", "", "Argument[*0].Field[*accError]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_str_finish", "(sqlite3_str *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_str_finish", "(sqlite3_str *)", "", "Argument[*0]", "ReturnValue[*]", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_str_length", "(sqlite3_str *)", "", "Argument[*0].Field[*nChar]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_str_new", "(sqlite3 *)", "", "Argument[*0].Field[*aLimit]", "ReturnValue[*].Field[*mxAlloc]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_str_value", "(sqlite3_str *)", "", "Argument[*0].Field[**zText]", "ReturnValue[*]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_str_value", "(sqlite3_str *)", "", "Argument[*0].Field[*zText]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_str_vappendf", "(sqlite3_str *,const char *,va_list)", "", "Argument[*1]", "Argument[*0].Field[**zText]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_str_vappendf", "(sqlite3_str *,const char *,va_list)", "", "Argument[*1]", "Argument[*0].Field[*nAlloc]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_str_vappendf", "(sqlite3_str *,const char *,va_list)", "", "Argument[*1]", "Argument[*0].Field[*nChar]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_str_vappendf", "(sqlite3_str *,const char *,va_list)", "", "Argument[1]", "Argument[*0].Field[**zText]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_str_vappendf", "(sqlite3_str *,const char *,va_list)", "", "Argument[1]", "Argument[*0].Field[*nAlloc]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_str_vappendf", "(sqlite3_str *,const char *,va_list)", "", "Argument[1]", "Argument[*0].Field[*nChar]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_strglob", "(const char *,const char *)", "", "Argument[0]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_stricmp", "(const char *,const char *)", "", "Argument[*0]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_stricmp", "(const char *,const char *)", "", "Argument[*1]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_stricmp", "(const char *,const char *)", "", "Argument[0]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_stricmp", "(const char *,const char *)", "", "Argument[1]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_strlike", "(const char *,const char *,unsigned int)", "", "Argument[0]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_strnicmp", "(const char *,const char *,int)", "", "Argument[*0]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_strnicmp", "(const char *,const char *,int)", "", "Argument[*1]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_strnicmp", "(const char *,const char *,int)", "", "Argument[0]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_strnicmp", "(const char *,const char *,int)", "", "Argument[1]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_system_errno", "(sqlite3 *)", "", "Argument[*0].Field[*iSysErrno]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_table_column_metadata", "(sqlite3 *,const char *,const char *,const char *,const char **,const char **,int *,int *,int *)", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_total_changes64", "(sqlite3 *)", "", "Argument[*0].Field[*nTotalChange]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_total_changes", "(sqlite3 *)", "", "Argument[*0].Field[*nTotalChange]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_trace", "(sqlite3 *,..(*)(..),void *)", "", "Argument[**2]", "Argument[*0].Field[***pTraceArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_trace", "(sqlite3 *,..(*)(..),void *)", "", "Argument[*2]", "Argument[*0].Field[**pTraceArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_trace", "(sqlite3 *,..(*)(..),void *)", "", "Argument[1]", "Argument[*0].Field[*trace].Union[*(unnamed class/struct/union)]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_trace", "(sqlite3 *,..(*)(..),void *)", "", "Argument[2]", "Argument[*0].Field[*pTraceArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_trace_v2", "(sqlite3 *,unsigned int,..(*)(..),void *)", "", "Argument[**3]", "Argument[*0].Field[***pTraceArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_trace_v2", "(sqlite3 *,unsigned int,..(*)(..),void *)", "", "Argument[*3]", "Argument[*0].Field[**pTraceArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_trace_v2", "(sqlite3 *,unsigned int,..(*)(..),void *)", "", "Argument[1]", "Argument[*0].Field[*mTrace]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_trace_v2", "(sqlite3 *,unsigned int,..(*)(..),void *)", "", "Argument[2]", "Argument[*0].Field[*trace].Union[*(unnamed class/struct/union)]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_trace_v2", "(sqlite3 *,unsigned int,..(*)(..),void *)", "", "Argument[3]", "Argument[*0].Field[*pTraceArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_transfer_bindings", "(sqlite3_stmt *,sqlite3_stmt *)", "", "Argument[*0]", "Argument[*1]", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_uint_init", "(sqlite3 *,char **,const sqlite3_api_routines *)", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_update_hook", "(sqlite3 *,..(*)(..),void *)", "", "Argument[**2]", "Argument[*0].Field[***pUpdateArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_update_hook", "(sqlite3 *,..(*)(..),void *)", "", "Argument[*2]", "Argument[*0].Field[**pUpdateArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_update_hook", "(sqlite3 *,..(*)(..),void *)", "", "Argument[1]", "Argument[*0].Field[*xUpdateCallback]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_update_hook", "(sqlite3 *,..(*)(..),void *)", "", "Argument[2]", "Argument[*0].Field[*pUpdateArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_uri_boolean", "(const char *,sqlite3_filename,const char *,int)", "", "Argument[*0]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_uri_boolean", "(const char *,sqlite3_filename,const char *,int)", "", "Argument[0]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_uri_boolean", "(const char *,sqlite3_filename,const char *,int)", "", "Argument[2]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_uri_int64", "(const char *,sqlite3_filename,const char *,sqlite3_int64)", "", "Argument[*0]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_uri_int64", "(const char *,sqlite3_filename,const char *,sqlite3_int64)", "", "Argument[0]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_uri_int64", "(const char *,sqlite3_filename,const char *,sqlite3_int64)", "", "Argument[2]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_uri_key", "(const char *,sqlite3_filename,int)", "", "Argument[*0]", "ReturnValue[*]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_uri_key", "(const char *,sqlite3_filename,int)", "", "Argument[0]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_uri_key", "(const char *,sqlite3_filename,int)", "", "Argument[0]", "ReturnValue[*]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_uri_parameter", "(const char *,sqlite3_filename,const char *)", "", "Argument[*0]", "ReturnValue[*]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_uri_parameter", "(const char *,sqlite3_filename,const char *)", "", "Argument[0]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_uri_parameter", "(const char *,sqlite3_filename,const char *)", "", "Argument[0]", "ReturnValue[*]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_user_data", "(sqlite3_context *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_user_data", "(sqlite3_context *)", "", "Argument[*0]", "ReturnValue[**]", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_user_data", "(sqlite3_context *)", "", "Argument[*0]", "ReturnValue[*]", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_value_blob", "(sqlite3_value *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_value_blob", "(sqlite3_value *)", "", "Argument[*0]", "ReturnValue[*]", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_value_bytes16", "(sqlite3_value *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_value_bytes", "(sqlite3_value *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_value_double", "(sqlite3_value *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_value_dup", "(const sqlite3_value *)", "", "Argument[*0]", "ReturnValue[*]", "value", "df-generated"]
|
||||
- ["", "", True, "sqlite3_value_dup", "(const sqlite3_value *)", "", "Argument[0]", "ReturnValue[*]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_value_encoding", "(sqlite3_value *)", "", "Argument[*0].Field[*enc]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_value_frombind", "(sqlite3_value *)", "", "Argument[*0].Field[*flags]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_value_int64", "(sqlite3_value *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_value_int", "(sqlite3_value *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_value_numeric_type", "(sqlite3_value *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_value_pointer", "(sqlite3_value *,const char *)", "", "Argument[*0].Field[**z]", "ReturnValue[*]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_value_pointer", "(sqlite3_value *,const char *)", "", "Argument[*0].Field[*z]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_value_subtype", "(sqlite3_value *)", "", "Argument[*0].Field[*eSubtype]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_value_text16", "(sqlite3_value *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_value_text16", "(sqlite3_value *)", "", "Argument[*0]", "ReturnValue[*]", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_value_text16be", "(sqlite3_value *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_value_text16be", "(sqlite3_value *)", "", "Argument[*0]", "ReturnValue[*]", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_value_text16le", "(sqlite3_value *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_value_text16le", "(sqlite3_value *)", "", "Argument[*0]", "ReturnValue[*]", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_value_text", "(sqlite3_value *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_value_text", "(sqlite3_value *)", "", "Argument[*0]", "ReturnValue[*]", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_value_type", "(sqlite3_value *)", "", "Argument[*0].Field[*flags]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_vmprintf", "(const char *,va_list)", "", "Argument[1]", "Argument[*1]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_vsnprintf", "(int,char *,const char *,va_list)", "", "Argument[*1]", "ReturnValue[*]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_vsnprintf", "(int,char *,const char *,va_list)", "", "Argument[1]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_vsnprintf", "(int,char *,const char *,va_list)", "", "Argument[3]", "Argument[*3]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_vtab_collation", "(sqlite3_index_info *,int)", "", "Argument[0]", "Argument[*0]", "taint", "df-generated"]
|
||||
- ["", "", True, "sqlite3_vtab_distinct", "(sqlite3_index_info *)", "", "Argument[*0].Field[*eDistinct]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_vtab_in", "(sqlite3_index_info *,int,int)", "", "Argument[1]", "Argument[*0].Field[*mHandleIn]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_vtab_in_first", "(sqlite3_value *,sqlite3_value **)", "", "Argument[*0].Field[**z].Field[**pOut]", "Argument[**1]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_vtab_in_first", "(sqlite3_value *,sqlite3_value **)", "", "Argument[*0].Field[**z].Field[*pOut]", "Argument[*1]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_vtab_in_next", "(sqlite3_value *,sqlite3_value **)", "", "Argument[*0].Field[**z].Field[**pOut]", "Argument[**1]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_vtab_in_next", "(sqlite3_value *,sqlite3_value **)", "", "Argument[*0].Field[**z].Field[*pOut]", "Argument[*1]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_vtab_on_conflict", "(sqlite3 *)", "", "Argument[*0].Field[*vtabOnConflict]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_vtab_rhs_value", "(sqlite3_index_info *,int,sqlite3_value **)", "", "Argument[1]", "Argument[*0].Field[*aRhs]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_vtab_rhs_value", "(sqlite3_index_info *,int,sqlite3_value **)", "", "Argument[1]", "Argument[*2]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_wal_autocheckpoint", "(sqlite3 *,int)", "", "Argument[1]", "Argument[*0].Field[*pWalArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_wal_checkpoint", "(sqlite3 *,const char *)", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_wal_checkpoint_v2", "(sqlite3 *,const char *,int,int *,int *)", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_wal_hook", "(sqlite3 *,..(*)(..),void *)", "", "Argument[**2]", "Argument[*0].Field[***pWalArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_wal_hook", "(sqlite3 *,..(*)(..),void *)", "", "Argument[*2]", "Argument[*0].Field[**pWalArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_wal_hook", "(sqlite3 *,..(*)(..),void *)", "", "Argument[1]", "Argument[*0].Field[*xWalCallback]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_wal_hook", "(sqlite3 *,..(*)(..),void *)", "", "Argument[2]", "Argument[*0].Field[*pWalArg]", "value", "dfc-generated"]
|
||||
- ["", "", True, "sqlite3_zipfile_init", "(sqlite3 *,char **,const sqlite3_api_routines *)", "", "Argument[0]", "Argument[*0].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "statecmp", "(config *,config *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "statecmp", "(config *,config *)", "", "Argument[*1]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "statehash", "(config *)", "", "Argument[*0]", "ReturnValue", "taint", "df-generated"]
|
||||
- ["", "", True, "strhash", "(const char *)", "", "Argument[*0]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "strhash", "(const char *)", "", "Argument[0]", "ReturnValue", "taint", "dfc-generated"]
|
||||
- ["", "", True, "tplt_linedir", "(FILE *,int,char *)", "", "Argument[1]", "Argument[*0]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "tplt_linedir", "(FILE *,int,char *)", "", "Argument[2]", "Argument[*2]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "tplt_print", "(FILE *,lemon *,char *,int *)", "", "Argument[*1].Field[*outname]", "Argument[*1].Field[**outname]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "tplt_print", "(FILE *,lemon *,char *,int *)", "", "Argument[*3]", "Argument[*0]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "tplt_print", "(FILE *,lemon *,char *,int *)", "", "Argument[2]", "Argument[*2]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "tplt_print", "(FILE *,lemon *,char *,int *)", "", "Argument[3]", "Argument[*0]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "tplt_print", "(FILE *,lemon *,char *,int *)", "", "Argument[3]", "Argument[*3]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "tplt_skip_header", "(FILE *,int *)", "", "Argument[1]", "Argument[*1]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "tplt_xfer", "(char *,FILE *,FILE *,int *)", "", "Argument[*0]", "Argument[*2]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "tplt_xfer", "(char *,FILE *,FILE *,int *)", "", "Argument[*1]", "Argument[*2]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "tplt_xfer", "(char *,FILE *,FILE *,int *)", "", "Argument[0]", "Argument[*2]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "tplt_xfer", "(char *,FILE *,FILE *,int *)", "", "Argument[1]", "Argument[*2]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "tplt_xfer", "(char *,FILE *,FILE *,int *)", "", "Argument[3]", "Argument[*3]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "useDummyCS", "(void *,sqlite3 *,int,const char *)", "", "Argument[1]", "Argument[*1].Field[**pErr].Field[*db]", "value", "dfc-generated"]
|
||||
- ["", "", True, "utf8_fromunicode", "(char *,unsigned int)", "", "Argument[0]", "Argument[*0]", "taint", "dfc-generated"]
|
||||
- ["", "", True, "utf8_fromunicode", "(char *,unsigned int)", "", "Argument[1]", "Argument[*0]", "value", "dfc-generated"]
|
||||
- ["", "", True, "zSkipValidUtf8", "(const char *,int,long)", "", "Argument[*0]", "ReturnValue[*]", "value", "dfc-generated"]
|
||||
- ["", "", True, "zSkipValidUtf8", "(const char *,int,long)", "", "Argument[0]", "ReturnValue", "value", "dfc-generated"]
|
||||
- ["", "", True, "zSkipValidUtf8", "(const char *,int,long)", "", "Argument[0]", "ReturnValue[*]", "taint", "dfc-generated"]
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/cpp-all
|
||||
version: 4.3.2-dev
|
||||
version: 4.3.1-dev
|
||||
groups: cpp
|
||||
dbscheme: semmlecode.cpp.dbscheme
|
||||
extractor: cpp
|
||||
@@ -8,7 +8,6 @@ upgrades: upgrades
|
||||
dependencies:
|
||||
codeql/dataflow: ${workspace}
|
||||
codeql/mad: ${workspace}
|
||||
codeql/quantum: ${workspace}
|
||||
codeql/rangeanalysis: ${workspace}
|
||||
codeql/ssa: ${workspace}
|
||||
codeql/typeflow: ${workspace}
|
||||
|
||||
@@ -98,6 +98,19 @@ class Node extends TNode {
|
||||
/** Gets the location of this element. */
|
||||
Location getLocation() { none() } // overridden by subclasses
|
||||
|
||||
/**
|
||||
* Holds if this element is at the specified location.
|
||||
* The location spans column `startcolumn` of line `startline` to
|
||||
* column `endcolumn` of line `endline` in file `filepath`.
|
||||
* For more information, see
|
||||
* [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/).
|
||||
*/
|
||||
deprecated predicate hasLocationInfo(
|
||||
string filepath, int startline, int startcolumn, int endline, int endcolumn
|
||||
) {
|
||||
this.getLocation().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn)
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets an upper bound on the type of this node.
|
||||
*/
|
||||
|
||||
@@ -22,11 +22,7 @@ module Input implements InputSig<Location, DataFlowImplSpecific::CppDataFlow> {
|
||||
|
||||
ArgumentPosition callbackSelfParameterPosition() { result = TDirectPosition(-1) }
|
||||
|
||||
ReturnKind getStandardReturnValueKind() { result = getReturnValueKind("") }
|
||||
|
||||
ReturnKind getReturnValueKind(string arg) {
|
||||
arg = repeatStars(result.(NormalReturnKind).getIndirectionIndex())
|
||||
}
|
||||
ReturnKind getStandardReturnValueKind() { result.(NormalReturnKind).getIndirectionIndex() = 0 }
|
||||
|
||||
string encodeParameterPosition(ParameterPosition pos) { result = pos.toString() }
|
||||
|
||||
|
||||
@@ -1143,10 +1143,6 @@ private newtype TDataFlowCall =
|
||||
FlowSummaryImpl::Private::summaryCallbackRange(c, receiver)
|
||||
}
|
||||
|
||||
private predicate summarizedCallableIsManual(SummarizedCallable sc) {
|
||||
sc.asSummarizedCallable().applyManualModel()
|
||||
}
|
||||
|
||||
/**
|
||||
* A function call relevant for data flow. This includes calls from source
|
||||
* code and calls inside library callables with a flow summary.
|
||||
@@ -1168,27 +1164,15 @@ class DataFlowCall extends TDataFlowCall {
|
||||
Function getStaticCallSourceTarget() { none() }
|
||||
|
||||
/**
|
||||
* Gets the target of this call. We use the following strategy for deciding
|
||||
* between the source callable and a summarized callable:
|
||||
* - If there is a manual summary then we always use the manual summary.
|
||||
* - If there is a source callable and we only have generated summaries
|
||||
* we use the source callable.
|
||||
* - If there is no source callable then we use the summary regardless of
|
||||
* whether is it manual or generated.
|
||||
* Gets the target of this call. If a summarized callable exists for the
|
||||
* target this is chosen, and otherwise the callable is the implementation
|
||||
* from the source code.
|
||||
*/
|
||||
final DataFlowCallable getStaticCallTarget() {
|
||||
DataFlowCallable getStaticCallTarget() {
|
||||
exists(Function target | target = this.getStaticCallSourceTarget() |
|
||||
// Don't use the source callable if there is a manual model for the
|
||||
// target
|
||||
not exists(SummarizedCallable sc |
|
||||
sc.asSummarizedCallable() = target and
|
||||
summarizedCallableIsManual(sc)
|
||||
) and
|
||||
not exists(TSummarizedCallable(target)) and
|
||||
result.asSourceCallable() = target
|
||||
or
|
||||
// When there is no function body, or when we have a manual model then
|
||||
// we dispatch to the summary.
|
||||
(not target.hasDefinition() or summarizedCallableIsManual(result)) and
|
||||
result.asSummarizedCallable() = target
|
||||
)
|
||||
}
|
||||
@@ -1583,7 +1567,7 @@ private int countNumberOfBranchesUsingParameter(SwitchInstruction switch, Parame
|
||||
|
|
||||
exists(Ssa::UseImpl use | use.hasIndexInBlock(useblock, _, sv))
|
||||
or
|
||||
exists(Ssa::DefImpl def | def.hasIndexInBlock(sv, useblock, _))
|
||||
exists(Ssa::DefImpl def | def.hasIndexInBlock(useblock, _, sv))
|
||||
)
|
||||
)
|
||||
)
|
||||
@@ -1830,7 +1814,7 @@ module IteratorFlow {
|
||||
*/
|
||||
private predicate isIteratorWrite(Instruction write, Operand address) {
|
||||
exists(Ssa::DefImpl writeDef, IRBlock bb, int i |
|
||||
writeDef.hasIndexInBlock(_, bb, i) and
|
||||
writeDef.hasIndexInBlock(bb, i, _) and
|
||||
bb.getInstruction(i) = write and
|
||||
address = writeDef.getAddressOperand()
|
||||
)
|
||||
@@ -1903,10 +1887,6 @@ module IteratorFlow {
|
||||
predicate allowFlowIntoUncertainDef(IteratorSsa::UncertainWriteDefinition def) { any() }
|
||||
|
||||
class Guard extends Void {
|
||||
predicate hasBranchEdge(SsaInput::BasicBlock bb1, SsaInput::BasicBlock bb2, boolean branch) {
|
||||
none()
|
||||
}
|
||||
|
||||
predicate controlsBranchEdge(
|
||||
SsaInput::BasicBlock bb1, SsaInput::BasicBlock bb2, boolean branch
|
||||
) {
|
||||
|
||||
@@ -538,6 +538,19 @@ class Node extends TIRDataFlowNode {
|
||||
none() // overridden by subclasses
|
||||
}
|
||||
|
||||
/**
|
||||
* Holds if this element is at the specified location.
|
||||
* The location spans column `startcolumn` of line `startline` to
|
||||
* column `endcolumn` of line `endline` in file `filepath`.
|
||||
* For more information, see
|
||||
* [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/).
|
||||
*/
|
||||
deprecated predicate hasLocationInfo(
|
||||
string filepath, int startline, int startcolumn, int endline, int endcolumn
|
||||
) {
|
||||
this.getLocation().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn)
|
||||
}
|
||||
|
||||
/** Gets a textual representation of this element. */
|
||||
cached
|
||||
final string toString() {
|
||||
|
||||
@@ -45,28 +45,6 @@ private module Cached {
|
||||
)
|
||||
}
|
||||
|
||||
private Expr getRankedElementExpr(ArrayAggregateLiteral aggr, int rnk) {
|
||||
result =
|
||||
rank[rnk + 1](Expr e, int elementIndex, int position |
|
||||
e = aggr.getElementExpr(elementIndex, position)
|
||||
|
|
||||
e order by elementIndex, position
|
||||
)
|
||||
}
|
||||
|
||||
private class LastArrayAggregateStore extends StoreInstruction {
|
||||
ArrayAggregateLiteral aggr;
|
||||
|
||||
LastArrayAggregateStore() {
|
||||
exists(int rnk |
|
||||
this.getSourceValue().getUnconvertedResultExpression() = getRankedElementExpr(aggr, rnk) and
|
||||
not exists(getRankedElementExpr(aggr, rnk + 1))
|
||||
)
|
||||
}
|
||||
|
||||
ArrayAggregateLiteral getArrayAggregateLiteral() { result = aggr }
|
||||
}
|
||||
|
||||
private Expr getConvertedResultExpressionImpl0(Instruction instr) {
|
||||
// IR construction inserts an additional cast to a `size_t` on the extent
|
||||
// of a `new[]` expression. The resulting `ConvertInstruction` doesn't have
|
||||
@@ -117,16 +95,6 @@ private module Cached {
|
||||
tco.producesExprResult() and
|
||||
result = asDefinitionImpl0(instr)
|
||||
)
|
||||
or
|
||||
// IR construction breaks an array aggregate literal `{1, 2, 3}` into a
|
||||
// sequence of `StoreInstruction`s. So there's no instruction `i` for which
|
||||
// `i.getUnconvertedResultExpression() instanceof ArrayAggregateLiteral`.
|
||||
// So we map the instruction node corresponding to the last `Store`
|
||||
// instruction of the sequence to the result of the array aggregate
|
||||
// literal. This makes sense since this store will immediately flow into
|
||||
// the indirect node representing the array. So this node does represent
|
||||
// the array after it has been fully initialized.
|
||||
result = instr.(LastArrayAggregateStore).getArrayAggregateLiteral()
|
||||
}
|
||||
|
||||
private Expr getConvertedResultExpressionImpl(Instruction instr) {
|
||||
@@ -296,41 +264,6 @@ private module Cached {
|
||||
e = getConvertedResultExpression(node.asInstruction(), n)
|
||||
}
|
||||
|
||||
/**
|
||||
* The IR doesn't have an instruction `i` for which this holds:
|
||||
* ```
|
||||
* i.getUnconvertedResultExpression() instanceof ClassAggregateLiteral
|
||||
* ```
|
||||
* and thus we don't automatically get a dataflow node for which:
|
||||
* ```
|
||||
* node.asExpr() instanceof ClassAggregateLiteral
|
||||
* ```
|
||||
* This is because the IR represents a `ClassAggregateLiteral` as a sequence
|
||||
* of field writes. To work around this we map `asExpr` on the
|
||||
* `PostUpdateNode` for the last field write to the class aggregate literal.
|
||||
*/
|
||||
private class ClassAggregateInitializerPostUpdateNode extends PostFieldUpdateNode {
|
||||
ClassAggregateLiteral aggr;
|
||||
|
||||
ClassAggregateInitializerPostUpdateNode() {
|
||||
exists(Node node1, FieldContent fc, int position, StoreInstruction store |
|
||||
store.getSourceValue().getUnconvertedResultExpression() =
|
||||
aggr.getFieldExpr(fc.getField(), position) and
|
||||
node1.asInstruction() = store and
|
||||
// This is the last field write from the aggregate initialization.
|
||||
not exists(aggr.getFieldExpr(_, position + 1)) and
|
||||
storeStep(node1, fc, this)
|
||||
)
|
||||
}
|
||||
|
||||
ClassAggregateLiteral getClassAggregateLiteral() { result = aggr }
|
||||
}
|
||||
|
||||
private predicate exprNodeShouldBePostUpdateNode(Node node, Expr e, int n) {
|
||||
node.(ClassAggregateInitializerPostUpdateNode).getClassAggregateLiteral() = e and
|
||||
n = 0
|
||||
}
|
||||
|
||||
/** Holds if `node` should be an `IndirectInstruction` that maps `node.asIndirectExpr()` to `e`. */
|
||||
private predicate indirectExprNodeShouldBeIndirectInstruction(
|
||||
IndirectInstruction node, Expr e, int n, int indirectionIndex
|
||||
@@ -361,8 +294,7 @@ private module Cached {
|
||||
exprNodeShouldBeInstruction(_, e, n) or
|
||||
exprNodeShouldBeOperand(_, e, n) or
|
||||
exprNodeShouldBeIndirectOutNode(_, e, n) or
|
||||
exprNodeShouldBeIndirectOperand(_, e, n) or
|
||||
exprNodeShouldBePostUpdateNode(_, e, n)
|
||||
exprNodeShouldBeIndirectOperand(_, e, n)
|
||||
}
|
||||
|
||||
private class InstructionExprNode extends ExprNodeBase, InstructionNode {
|
||||
@@ -510,12 +442,6 @@ private module Cached {
|
||||
final override Expr getConvertedExpr(int n) { exprNodeShouldBeIndirectOperand(this, result, n) }
|
||||
}
|
||||
|
||||
private class PostUpdateExprNode extends ExprNodeBase instanceof PostUpdateNode {
|
||||
PostUpdateExprNode() { exprNodeShouldBePostUpdateNode(this, _, _) }
|
||||
|
||||
final override Expr getConvertedExpr(int n) { exprNodeShouldBePostUpdateNode(this, result, n) }
|
||||
}
|
||||
|
||||
/**
|
||||
* An expression, viewed as a node in a data flow graph.
|
||||
*/
|
||||
|
||||
@@ -191,7 +191,7 @@ abstract class DefImpl extends TDefImpl {
|
||||
* Holds if this definition (or use) has index `index` in block `block`,
|
||||
* and is a definition (or use) of the variable `sv`
|
||||
*/
|
||||
final predicate hasIndexInBlock(SourceVariable sv, IRBlock block, int index) {
|
||||
final predicate hasIndexInBlock(IRBlock block, int index, SourceVariable sv) {
|
||||
this.hasIndexInBlock(block, index) and
|
||||
sv = this.getSourceVariable()
|
||||
}
|
||||
@@ -891,12 +891,12 @@ private module SsaInput implements SsaImplCommon::InputSig<Location> {
|
||||
predicate variableWrite(BasicBlock bb, int i, SourceVariable v, boolean certain) {
|
||||
DataFlowImplCommon::forceCachingInSameStage() and
|
||||
(
|
||||
exists(DefImpl def | def.hasIndexInBlock(v, bb, i) |
|
||||
exists(DefImpl def | def.hasIndexInBlock(bb, i, v) |
|
||||
if def.isCertain() then certain = true else certain = false
|
||||
)
|
||||
or
|
||||
exists(GlobalDefImpl global |
|
||||
global.hasIndexInBlock(v, bb, i) and
|
||||
global.hasIndexInBlock(bb, i, v) and
|
||||
certain = true
|
||||
)
|
||||
)
|
||||
@@ -934,11 +934,10 @@ module SsaCached {
|
||||
}
|
||||
|
||||
/** Gets the `DefImpl` corresponding to `def`. */
|
||||
pragma[nomagic]
|
||||
private DefImpl getDefImpl(SsaImpl::Definition def) {
|
||||
exists(SourceVariable sv, IRBlock bb, int i |
|
||||
def.definesAt(sv, bb, i) and
|
||||
result.hasIndexInBlock(sv, bb, i)
|
||||
result.hasIndexInBlock(bb, i, sv)
|
||||
)
|
||||
}
|
||||
|
||||
@@ -991,17 +990,13 @@ private module DataFlowIntegrationInput implements SsaImpl::DataFlowIntegrationI
|
||||
class Guard instanceof IRGuards::IRGuardCondition {
|
||||
string toString() { result = super.toString() }
|
||||
|
||||
predicate hasBranchEdge(SsaInput::BasicBlock bb1, SsaInput::BasicBlock bb2, boolean branch) {
|
||||
predicate controlsBranchEdge(SsaInput::BasicBlock bb1, SsaInput::BasicBlock bb2, boolean branch) {
|
||||
exists(EdgeKind kind |
|
||||
super.getBlock() = bb1 and
|
||||
kind = getConditionalEdge(branch) and
|
||||
bb1.getSuccessor(kind) = bb2
|
||||
)
|
||||
}
|
||||
|
||||
predicate controlsBranchEdge(SsaInput::BasicBlock bb1, SsaInput::BasicBlock bb2, boolean branch) {
|
||||
this.hasBranchEdge(bb1, bb2, branch)
|
||||
}
|
||||
}
|
||||
|
||||
predicate guardDirectlyControlsBlock(Guard guard, SsaInput::BasicBlock bb, boolean branch) {
|
||||
|
||||
@@ -58,12 +58,4 @@ class IRFunction extends IRFunctionBase {
|
||||
* Gets all blocks in this function.
|
||||
*/
|
||||
final IRBlock getABlock() { result.getEnclosingIRFunction() = this }
|
||||
|
||||
/**
|
||||
* Holds if this function may have incomplete def-use information.
|
||||
*
|
||||
* Def-use information may be omitted for a function when it is too expensive
|
||||
* to compute.
|
||||
*/
|
||||
final predicate hasIncompleteSsa() { Construction::hasIncompleteSsa(this) }
|
||||
}
|
||||
|
||||
@@ -235,7 +235,7 @@ private newtype TMemoryLocation =
|
||||
*
|
||||
* Some of these memory locations will be filtered out for performance reasons before being passed to SSA construction.
|
||||
*/
|
||||
abstract class MemoryLocation0 extends TMemoryLocation {
|
||||
abstract private class MemoryLocation0 extends TMemoryLocation {
|
||||
final string toString() {
|
||||
if this.isMayAccess()
|
||||
then result = "?" + this.toStringInternal()
|
||||
@@ -874,7 +874,7 @@ private int numberOfOverlappingUses(MemoryLocation0 def) {
|
||||
* Holds if `def` is a busy definition. That is, it has a large number of
|
||||
* overlapping uses.
|
||||
*/
|
||||
predicate isBusyDef(MemoryLocation0 def) { numberOfOverlappingUses(def) > 1024 }
|
||||
private predicate isBusyDef(MemoryLocation0 def) { numberOfOverlappingUses(def) > 1024 }
|
||||
|
||||
/** Holds if `use` is a use that overlaps with a busy definition. */
|
||||
private predicate useOverlapWithBusyDef(MemoryLocation0 use) {
|
||||
|
||||
@@ -731,20 +731,6 @@ private module Cached {
|
||||
or
|
||||
instruction = getChi(result.(UninitializedGroupInstruction))
|
||||
}
|
||||
|
||||
/**
|
||||
* Holds if the def-use information for `f` may have been omitted because it
|
||||
* was too expensive to compute. This happens if one of the memory allocations
|
||||
* in `f` is a busy definition (i.e., it has many different overlapping uses).
|
||||
*/
|
||||
pragma[nomagic]
|
||||
cached
|
||||
predicate hasIncompleteSsa(IRFunction f) {
|
||||
exists(Alias::MemoryLocation0 defLocation |
|
||||
Alias::isBusyDef(pragma[only_bind_into](defLocation)) and
|
||||
defLocation.getIRFunction() = f
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
private Instruction getNewInstruction(OldInstruction instr) { getOldInstruction(result) = instr }
|
||||
|
||||
@@ -58,12 +58,4 @@ class IRFunction extends IRFunctionBase {
|
||||
* Gets all blocks in this function.
|
||||
*/
|
||||
final IRBlock getABlock() { result.getEnclosingIRFunction() = this }
|
||||
|
||||
/**
|
||||
* Holds if this function may have incomplete def-use information.
|
||||
*
|
||||
* Def-use information may be omitted for a function when it is too expensive
|
||||
* to compute.
|
||||
*/
|
||||
final predicate hasIncompleteSsa() { Construction::hasIncompleteSsa(this) }
|
||||
}
|
||||
|
||||
@@ -220,8 +220,6 @@ Instruction getMemoryOperandDefinition(
|
||||
none()
|
||||
}
|
||||
|
||||
predicate hasIncompleteSsa(IRFunction f) { none() }
|
||||
|
||||
/**
|
||||
* Holds if the operand totally overlaps with its definition and consumes the
|
||||
* bit range `[startBitOffset, endBitOffset)`.
|
||||
|
||||
@@ -58,12 +58,4 @@ class IRFunction extends IRFunctionBase {
|
||||
* Gets all blocks in this function.
|
||||
*/
|
||||
final IRBlock getABlock() { result.getEnclosingIRFunction() = this }
|
||||
|
||||
/**
|
||||
* Holds if this function may have incomplete def-use information.
|
||||
*
|
||||
* Def-use information may be omitted for a function when it is too expensive
|
||||
* to compute.
|
||||
*/
|
||||
final predicate hasIncompleteSsa() { Construction::hasIncompleteSsa(this) }
|
||||
}
|
||||
|
||||
@@ -731,20 +731,6 @@ private module Cached {
|
||||
or
|
||||
instruction = getChi(result.(UninitializedGroupInstruction))
|
||||
}
|
||||
|
||||
/**
|
||||
* Holds if the def-use information for `f` may have been omitted because it
|
||||
* was too expensive to compute. This happens if one of the memory allocations
|
||||
* in `f` is a busy definition (i.e., it has many different overlapping uses).
|
||||
*/
|
||||
pragma[nomagic]
|
||||
cached
|
||||
predicate hasIncompleteSsa(IRFunction f) {
|
||||
exists(Alias::MemoryLocation0 defLocation |
|
||||
Alias::isBusyDef(pragma[only_bind_into](defLocation)) and
|
||||
defLocation.getIRFunction() = f
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
private Instruction getNewInstruction(OldInstruction instr) { getOldInstruction(result) = instr }
|
||||
|
||||
@@ -73,8 +73,6 @@ class MemoryLocation extends TMemoryLocation {
|
||||
final predicate canReuseSsa() { canReuseSsaForVariable(var) }
|
||||
}
|
||||
|
||||
class MemoryLocation0 = MemoryLocation;
|
||||
|
||||
predicate canReuseSsaForOldResult(Instruction instr) { none() }
|
||||
|
||||
abstract class VariableGroup extends Unit {
|
||||
@@ -143,9 +141,3 @@ int getStartBitOffset(MemoryLocation location) { none() }
|
||||
|
||||
/** Gets the end bit offset of a `MemoryLocation`, if any. */
|
||||
int getEndBitOffset(MemoryLocation location) { none() }
|
||||
|
||||
/**
|
||||
* Holds if `def` is a busy definition. That is, it has a large number of
|
||||
* overlapping uses.
|
||||
*/
|
||||
predicate isBusyDef(MemoryLocation def) { none() }
|
||||
|
||||
@@ -67,13 +67,8 @@ class Class = Cpp::Class; // Used for inheritance conversions
|
||||
predicate hasCaseEdge(string minValue, string maxValue) { hasCaseEdge(_, minValue, maxValue) }
|
||||
|
||||
predicate hasPositionalArgIndex(int argIndex) {
|
||||
exists(Cpp::FunctionCall call | exists(call.getArgument(argIndex)))
|
||||
or
|
||||
exists(Cpp::FunctionCall call | exists(call.getArgument(argIndex))) or
|
||||
exists(Cpp::BuiltInOperation op | exists(op.getChild(argIndex)))
|
||||
or
|
||||
// Ensure we are always able to output the argument of a call to the delete operator.
|
||||
exists(Cpp::DeleteExpr d) and
|
||||
argIndex = 0
|
||||
}
|
||||
|
||||
predicate hasAsmOperandIndex(int operandIndex) {
|
||||
|
||||
@@ -10,7 +10,7 @@ private import SemanticExprSpecific::SemanticExprConfig as Specific
|
||||
*/
|
||||
class SemBasicBlock extends Specific::BasicBlock {
|
||||
/** Holds if this block (transitively) dominates `otherblock`. */
|
||||
final predicate dominates(SemBasicBlock otherBlock) { Specific::bbDominates(this, otherBlock) }
|
||||
final predicate bbDominates(SemBasicBlock otherBlock) { Specific::bbDominates(this, otherBlock) }
|
||||
|
||||
/** Gets an expression that is evaluated in this basic block. */
|
||||
final SemExpr getAnExpr() { result.getBasicBlock() = this }
|
||||
|
||||
@@ -112,14 +112,7 @@ module SemanticExprConfig {
|
||||
}
|
||||
|
||||
/** Holds if no range analysis should be performed on the phi edges in `f`. */
|
||||
private predicate excludeFunction(Cpp::Function f) {
|
||||
count(f.getEntryPoint()) > 1
|
||||
or
|
||||
exists(IR::IRFunction irFunction |
|
||||
irFunction.getFunction() = f and
|
||||
irFunction.hasIncompleteSsa()
|
||||
)
|
||||
}
|
||||
private predicate excludeFunction(Cpp::Function f) { count(f.getEntryPoint()) > 1 }
|
||||
|
||||
SemType getUnknownExprType(Expr expr) { result = getSemanticType(expr.getResultIRType()) }
|
||||
|
||||
@@ -264,6 +257,10 @@ module SemanticExprConfig {
|
||||
|
||||
Guard comparisonGuard(Expr e) { getSemanticExpr(result) = e }
|
||||
|
||||
predicate implies_v2(Guard g1, boolean b1, Guard g2, boolean b2) {
|
||||
none() // TODO
|
||||
}
|
||||
|
||||
/** Gets the expression associated with `instr`. */
|
||||
SemExpr getSemanticExpr(IR::Instruction instr) { result = instr }
|
||||
}
|
||||
|
||||
@@ -18,11 +18,11 @@ class SemGuard instanceof Specific::Guard {
|
||||
Specific::equalityGuard(this, e1, e2, polarity)
|
||||
}
|
||||
|
||||
final predicate controls(SemBasicBlock controlled, boolean branch) {
|
||||
final predicate directlyControls(SemBasicBlock controlled, boolean branch) {
|
||||
Specific::guardDirectlyControlsBlock(this, controlled, branch)
|
||||
}
|
||||
|
||||
final predicate controlsBranchEdge(SemBasicBlock bb1, SemBasicBlock bb2, boolean branch) {
|
||||
final predicate hasBranchEdge(SemBasicBlock bb1, SemBasicBlock bb2, boolean branch) {
|
||||
Specific::guardHasBranchEdge(this, bb1, bb2, branch)
|
||||
}
|
||||
|
||||
@@ -31,4 +31,8 @@ class SemGuard instanceof Specific::Guard {
|
||||
final SemExpr asExpr() { result = Specific::getGuardAsExpr(this) }
|
||||
}
|
||||
|
||||
predicate semImplies_v2(SemGuard g1, boolean b1, SemGuard g2, boolean b2) {
|
||||
Specific::implies_v2(g1, b1, g2, b2)
|
||||
}
|
||||
|
||||
SemGuard semGetComparisonGuard(SemRelationalExpr e) { result = Specific::comparisonGuard(e) }
|
||||
|
||||
@@ -77,6 +77,8 @@ module Sem implements Semantic<SemLocation> {
|
||||
|
||||
class Guard = SemGuard;
|
||||
|
||||
predicate implies_v2 = semImplies_v2/4;
|
||||
|
||||
class Type = SemType;
|
||||
|
||||
class IntegerType = SemIntegerType;
|
||||
|
||||
@@ -55,12 +55,12 @@ private class LocalModelSource extends LocalFlowSource {
|
||||
}
|
||||
|
||||
/**
|
||||
* A local data flow source that is the `argv` parameter to `main` or `wmain`.
|
||||
* A local data flow source that the `argv` parameter to `main`.
|
||||
*/
|
||||
private class ArgvSource extends LocalFlowSource {
|
||||
ArgvSource() {
|
||||
exists(Function main, Parameter argv |
|
||||
main.hasGlobalName(["main", "wmain"]) and
|
||||
main.hasGlobalName("main") and
|
||||
main.getParameter(1) = argv and
|
||||
this.asParameter(2) = argv
|
||||
)
|
||||
@@ -69,21 +69,6 @@ private class ArgvSource extends LocalFlowSource {
|
||||
override string getSourceType() { result = "a command-line argument" }
|
||||
}
|
||||
|
||||
/**
|
||||
* A local data flow source that is the `pCmdLine` parameter to `WinMain` or `wWinMain`.
|
||||
*/
|
||||
private class CmdLineSource extends LocalFlowSource {
|
||||
CmdLineSource() {
|
||||
exists(Function main, Parameter pCmdLine |
|
||||
main.hasGlobalName(["WinMain", "wWinMain"]) and
|
||||
main.getParameter(2) = pCmdLine and
|
||||
this.asParameter(1) = pCmdLine
|
||||
)
|
||||
}
|
||||
|
||||
override string getSourceType() { result = "a command-line" }
|
||||
}
|
||||
|
||||
/**
|
||||
* A remote data flow source that is defined through 'models as data'.
|
||||
*/
|
||||
|
||||
@@ -42,6 +42,58 @@ class SecurityOptions extends string {
|
||||
)
|
||||
}
|
||||
|
||||
/**
|
||||
* The argument of the given function is filled in from user input.
|
||||
*/
|
||||
deprecated predicate userInputArgument(FunctionCall functionCall, int arg) {
|
||||
exists(string fname |
|
||||
functionCall.getTarget().hasGlobalOrStdName(fname) and
|
||||
exists(functionCall.getArgument(arg)) and
|
||||
(
|
||||
fname = ["fread", "fgets", "fgetws", "gets"] and arg = 0
|
||||
or
|
||||
fname = "scanf" and arg >= 1
|
||||
or
|
||||
fname = "fscanf" and arg >= 2
|
||||
)
|
||||
or
|
||||
functionCall.getTarget().hasGlobalName(fname) and
|
||||
exists(functionCall.getArgument(arg)) and
|
||||
fname = "getaddrinfo" and
|
||||
arg = 3
|
||||
)
|
||||
or
|
||||
exists(RemoteFlowSourceFunction remote, FunctionOutput output |
|
||||
functionCall.getTarget() = remote and
|
||||
output.isParameterDerefOrQualifierObject(arg) and
|
||||
remote.hasRemoteFlowSource(output, _)
|
||||
)
|
||||
}
|
||||
|
||||
/**
|
||||
* The return value of the given function is filled in from user input.
|
||||
*/
|
||||
deprecated predicate userInputReturned(FunctionCall functionCall) {
|
||||
exists(string fname |
|
||||
functionCall.getTarget().getName() = fname and
|
||||
(
|
||||
fname = ["fgets", "gets"] or
|
||||
this.userInputReturn(fname)
|
||||
)
|
||||
)
|
||||
or
|
||||
exists(RemoteFlowSourceFunction remote, FunctionOutput output |
|
||||
functionCall.getTarget() = remote and
|
||||
(output.isReturnValue() or output.isReturnValueDeref()) and
|
||||
remote.hasRemoteFlowSource(output, _)
|
||||
)
|
||||
}
|
||||
|
||||
/**
|
||||
* DEPRECATED: Users should override `userInputReturned()` instead.
|
||||
*/
|
||||
deprecated predicate userInputReturn(string function) { none() }
|
||||
|
||||
/**
|
||||
* The argument of the given function is used for running a process or loading
|
||||
* a library.
|
||||
@@ -56,6 +108,29 @@ class SecurityOptions extends string {
|
||||
function = ["LoadLibrary", "LoadLibraryA", "LoadLibraryW"] and arg = 0
|
||||
}
|
||||
|
||||
/**
|
||||
* This predicate should hold if the expression is directly
|
||||
* computed from user input. Such expressions are treated as
|
||||
* sources of taint.
|
||||
*/
|
||||
deprecated predicate isUserInput(Expr expr, string cause) {
|
||||
exists(FunctionCall fc, int i |
|
||||
this.userInputArgument(fc, i) and
|
||||
expr = fc.getArgument(i) and
|
||||
cause = fc.getTarget().getName()
|
||||
)
|
||||
or
|
||||
exists(FunctionCall fc |
|
||||
this.userInputReturned(fc) and
|
||||
expr = fc and
|
||||
cause = fc.getTarget().getName()
|
||||
)
|
||||
or
|
||||
commandLineArg(expr) and cause = "argv"
|
||||
or
|
||||
expr.(EnvironmentRead).getSourceDescription() = cause
|
||||
}
|
||||
|
||||
/**
|
||||
* This predicate should hold if the expression raises privilege for the
|
||||
* current session. The default definition only holds true for some
|
||||
@@ -77,6 +152,16 @@ class SecurityOptions extends string {
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* An access to the argv argument to main().
|
||||
*/
|
||||
private predicate commandLineArg(Expr e) {
|
||||
exists(Parameter argv |
|
||||
argv(argv) and
|
||||
argv.getAnAccess() = e
|
||||
)
|
||||
}
|
||||
|
||||
/** The argv parameter to the main function */
|
||||
predicate argv(Parameter argv) {
|
||||
exists(Function f |
|
||||
@@ -88,6 +173,21 @@ predicate argv(Parameter argv) {
|
||||
/** Convenience accessor for SecurityOptions.isPureFunction */
|
||||
predicate isPureFunction(string name) { exists(SecurityOptions opts | opts.isPureFunction(name)) }
|
||||
|
||||
/** Convenience accessor for SecurityOptions.userInputArgument */
|
||||
deprecated predicate userInputArgument(FunctionCall functionCall, int arg) {
|
||||
exists(SecurityOptions opts | opts.userInputArgument(functionCall, arg))
|
||||
}
|
||||
|
||||
/** Convenience accessor for SecurityOptions.userInputReturn */
|
||||
deprecated predicate userInputReturned(FunctionCall functionCall) {
|
||||
exists(SecurityOptions opts | opts.userInputReturned(functionCall))
|
||||
}
|
||||
|
||||
/** Convenience accessor for SecurityOptions.isUserInput */
|
||||
deprecated predicate isUserInput(Expr expr, string cause) {
|
||||
exists(SecurityOptions opts | opts.isUserInput(expr, cause))
|
||||
}
|
||||
|
||||
/** Convenience accessor for SecurityOptions.isProcessOperationArgument */
|
||||
predicate isProcessOperationArgument(string function, int arg) {
|
||||
exists(SecurityOptions opts | opts.isProcessOperationArgument(function, arg))
|
||||
|
||||
@@ -22,4 +22,28 @@ class CustomSecurityOptions extends SecurityOptions {
|
||||
// for example: (function = "MySpecialSqlFunction" and arg = 0)
|
||||
none() // rules to match custom functions replace this line
|
||||
}
|
||||
|
||||
deprecated override predicate userInputArgument(FunctionCall functionCall, int arg) {
|
||||
SecurityOptions.super.userInputArgument(functionCall, arg)
|
||||
or
|
||||
exists(string fname |
|
||||
functionCall.getTarget().hasGlobalName(fname) and
|
||||
exists(functionCall.getArgument(arg)) and
|
||||
// --- custom functions that return user input via one of their arguments:
|
||||
// 'arg' is the 0-based index of the argument that is used to return user input
|
||||
// for example: (fname = "readXmlInto" and arg = 1)
|
||||
none() // rules to match custom functions replace this line
|
||||
)
|
||||
}
|
||||
|
||||
deprecated override predicate userInputReturned(FunctionCall functionCall) {
|
||||
SecurityOptions.super.userInputReturned(functionCall)
|
||||
or
|
||||
exists(string fname |
|
||||
functionCall.getTarget().hasGlobalName(fname) and
|
||||
// --- custom functions that return user input via their return value:
|
||||
// for example: fname = "xmlReadAttribute"
|
||||
none() // rules to match custom functions replace this line
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -26,7 +26,7 @@ module IRFlowTest<IRDataFlow::GlobalFlowSig Flow> implements TestSig {
|
||||
n =
|
||||
strictcount(int line, int column |
|
||||
Flow::flow(any(IRDataFlow::Node otherSource |
|
||||
otherSource.getLocation().hasLocationInfo(_, line, column, _, _)
|
||||
otherSource.hasLocationInfo(_, line, column, _, _)
|
||||
), sink)
|
||||
) and
|
||||
(
|
||||
@@ -55,7 +55,7 @@ module AstFlowTest<AstDataFlow::GlobalFlowSig Flow> implements TestSig {
|
||||
n =
|
||||
strictcount(int line, int column |
|
||||
Flow::flow(any(AstDataFlow::Node otherSource |
|
||||
otherSource.getLocation().hasLocationInfo(_, line, column, _, _)
|
||||
otherSource.hasLocationInfo(_, line, column, _, _)
|
||||
), sink)
|
||||
) and
|
||||
(
|
||||
|
||||
@@ -1,14 +1,3 @@
|
||||
## 1.4.0
|
||||
|
||||
### Query Metadata Changes
|
||||
|
||||
* The tag `external/cwe/cwe-14` has been removed from `cpp/memset-may-be-deleted` and the tag `external/cwe/cwe-014` has been added.
|
||||
* The tag `external/cwe/cwe-20` has been removed from `cpp/count-untrusted-data-external-api` and the tag `external/cwe/cwe-020` has been added.
|
||||
* The tag `external/cwe/cwe-20` has been removed from `cpp/count-untrusted-data-external-api-ir` and the tag `external/cwe/cwe-020` has been added.
|
||||
* The tag `external/cwe/cwe-20` has been removed from `cpp/untrusted-data-to-external-api-ir` and the tag `external/cwe/cwe-020` has been added.
|
||||
* The tag `external/cwe/cwe-20` has been removed from `cpp/untrusted-data-to-external-api` and the tag `external/cwe/cwe-020` has been added.
|
||||
* The tag `external/cwe/cwe-20` has been removed from `cpp/late-check-of-function-argument` and the tag `external/cwe/cwe-020` has been added.
|
||||
|
||||
## 1.3.9
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -1,7 +1,6 @@
|
||||
## 1.4.0
|
||||
|
||||
### Query Metadata Changes
|
||||
|
||||
---
|
||||
category: queryMetadata
|
||||
---
|
||||
* The tag `external/cwe/cwe-14` has been removed from `cpp/memset-may-be-deleted` and the tag `external/cwe/cwe-014` has been added.
|
||||
* The tag `external/cwe/cwe-20` has been removed from `cpp/count-untrusted-data-external-api` and the tag `external/cwe/cwe-020` has been added.
|
||||
* The tag `external/cwe/cwe-20` has been removed from `cpp/count-untrusted-data-external-api-ir` and the tag `external/cwe/cwe-020` has been added.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Added flow model for the `SQLite` and `OpenSSL` libraries. This may result in more alerts when running queries on codebases that use these libraries.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.4.0
|
||||
lastReleaseVersion: 1.3.9
|
||||
|
||||
@@ -1,23 +0,0 @@
|
||||
/**
|
||||
* @name Print CBOM Graph
|
||||
* @description Outputs a graph representation of the cryptographic bill of materials.
|
||||
* This query only supports DGML output, as CodeQL DOT output omits properties.
|
||||
* @kind graph
|
||||
* @id cpp/print-cbom-graph
|
||||
* @tags quantum
|
||||
* experimental
|
||||
*/
|
||||
|
||||
import experimental.quantum.Language
|
||||
|
||||
query predicate nodes(Crypto::NodeBase node, string key, string value) {
|
||||
Crypto::nodes_graph_impl(node, key, value)
|
||||
}
|
||||
|
||||
query predicate edges(Crypto::NodeBase source, Crypto::NodeBase target, string key, string value) {
|
||||
Crypto::edges_graph_impl(source, target, key, value)
|
||||
}
|
||||
|
||||
query predicate graphProperties(string key, string value) {
|
||||
key = "semmle.graphKind" and value = "graph"
|
||||
}
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/cpp-queries
|
||||
version: 1.4.1-dev
|
||||
version: 1.3.10-dev
|
||||
groups:
|
||||
- cpp
|
||||
- queries
|
||||
|
||||
@@ -10,5 +10,5 @@ import internal.CaptureModels
|
||||
import SummaryModels
|
||||
|
||||
from DataFlowSummaryTargetApi api, string flow
|
||||
where flow = ContentSensitive::captureFlow(api, _, _, _, _)
|
||||
where flow = ContentSensitive::captureFlow(api, _)
|
||||
select flow order by flow
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user