Compare commits

..

26 Commits

Author SHA1 Message Date
copilot-swe-agent[bot]
57083e7f40 Load canonical-path DLL from CODEQL_EXTRACTOR_GO_ROOT, not CODEQL_DIST 2026-07-01 13:55:18 +00:00
copilot-swe-agent[bot]
f7f537631c Replace non-ASCII em-dash in NativeCanonicalizer.java comment 2026-07-01 13:40:08 +00:00
copilot-swe-agent[bot]
bfa81c30f4 Fix bazel formatting and non-windows build of canonicalize-dll 2026-07-01 13:23:21 +00:00
copilot-swe-agent[bot]
c807858312 Revert remaining go/ql/test changes 2026-07-01 13:12:12 +00:00
copilot-swe-agent[bot]
1a12cd68ec Revert integration-test changes 2026-07-01 13:07:24 +00:00
copilot-swe-agent[bot]
17cbc4990d Use std::mt19937 instead of std::rand for cache eviction
Replace std::rand() with std::mt19937 seeded by std::random_device for
less predictable cache eviction. Also use .first from emplace() instead
of structured binding with ignored second element.
2026-07-01 13:02:00 +00:00
copilot-swe-agent[bot]
77c962b4d9 Add shared canonicalize library and Go/Kotlin integrations
- Add shared/canonicalize/ C++ DLL that resolves Windows paths via
  GetFinalPathNameByHandleW with a full-path cache (matching C#'s
  CanonicalPathCache strategy).
- Add JNI interface (canonicalize_jni.cpp) for Kotlin/Java consumers.
- Add NativeCanonicalizer.java to kotlin-extractor for loading the DLL
  and exposing a resolve() method.
- Call NativeCanonicalizer.resolve() in FileUtil.tryMakeCanonical().
- Add go/extractor/canonicalize package (Windows + non-Windows impls).
- Use canonicalize.CanonicalizePath() in go extractor normalizedPath().
- Update Bazel build files for all new targets and deps.
2026-07-01 12:58:02 +00:00
copilot-swe-agent[bot]
1e33a81d6b Initial plan 2026-07-01 12:52:11 +00:00
Jeroen Ketema
d664d17a11 Merge pull request #22087 from jketema/subst
Add Windows integration tests showing that `subst` is handled inconsistently
2026-07-01 14:48:22 +02:00
Geoffrey White
e9766086cd Merge pull request #22079 from geoffw0/kotlininline
Kotlin: Address inline expectations testFailures.
2026-07-01 12:39:11 +01:00
Jeroen Ketema
d551ab3afb Fix expected file 2026-07-01 13:24:05 +02:00
Jeroen Ketema
daf97f7139 Add Windows integration tests showing that subst is handled inconsistently 2026-07-01 12:51:05 +02:00
Mathias Vorreiter Pedersen
3410f39b3c Merge pull request #22089 from MathiasVP/remove-mad-support-for-variables
C++: Remove support for global variables as sources and sinks in MaD
2026-07-01 10:31:59 +01:00
Owen Mansel-Chan
cf51664d69 Merge pull request #22099 from github/workflow/coverage/update
Update CSV framework coverage reports
2026-07-01 10:03:46 +01:00
github-actions[bot]
3cbb8ba87e Add changed framework coverage reports 2026-07-01 00:58:10 +00:00
Asger F
11e75c12a8 Merge pull request #22090 from asgerf/unified/inline-test-expectations
unified: Add inline expectation test library
2026-06-30 19:55:15 +02:00
Mathias Vorreiter Pedersen
dbbcc1741c C++: Delete now-unsupported MaD rows. 2026-06-30 17:48:31 +01:00
Mathias Vorreiter Pedersen
f37b3e77ff Merge branch 'main' into remove-mad-support-for-variables 2026-06-30 17:38:37 +01:00
Asger F
a9617f18a1 Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
2026-06-30 15:48:15 +02:00
Asger F
a43c5cee61 unified: Add inline expectation test library 2026-06-30 14:29:04 +02:00
Mathias Vorreiter Pedersen
0e05ea5153 C++: Remove whitespace. 2026-06-30 12:41:29 +01:00
Mathias Vorreiter Pedersen
8657c8b26e C++: Add change note. 2026-06-30 12:39:34 +01:00
Mathias Vorreiter Pedersen
449a3ac870 C++: Delete tests which are no longer relevant. 2026-06-30 12:39:31 +01:00
Mathias Vorreiter Pedersen
fc954c3e1a C++: Remove support for marking variables as sources and sinks in MaD. 2026-06-30 12:30:40 +01:00
Geoffrey White
8fc2f7c92e Kotlin: Update .expected to exactly match reality. 2026-06-29 10:57:05 +01:00
Geoffrey White
35cd0f829f Kotlin: Address inline expectations testFailures. 2026-06-29 09:56:48 +01:00
60 changed files with 915 additions and 1034 deletions

View File

@@ -0,0 +1,4 @@
---
category: breaking
---
* Removed support for using variables as sources and sinks in models-as-data. Users of this feature should convert such sources and sinks to models defined using the QL language.

View File

@@ -931,31 +931,6 @@ private Element interpretElement0(
signature = "" and
elementSpec(namespace, type, subtypes, name, signature, _)
)
or
// Member variables
elementSpec(namespace, type, subtypes, name, signature, _) and
signature = "" and
exists(Class namedClass, Class classWithMember, MemberVariable member |
member.getName() = name and
member = classWithMember.getAMember() and
namedClass.hasQualifiedName(namespace, type) and
result = member
|
// field declared in the named type or a subtype of it (or an extension of any)
subtypes = true and
classWithMember = namedClass.getADerivedClass*()
or
// field declared directly in the named type (or an extension of it)
subtypes = false and
classWithMember = namedClass
)
or
// Global or namespace variables
elementSpec(namespace, type, subtypes, name, signature, _) and
signature = "" and
type = "" and
subtypes = false and
result = any(GlobalOrNamespaceVariable v | v.hasQualifiedName(namespace, name))
}
cached

View File

@@ -230,40 +230,11 @@ module SourceSinkInterpretationInput implements
/** Provides additional sink specification logic. */
bindingset[c]
predicate interpretOutput(string c, InterpretNode mid, InterpretNode node) {
// Allow variables to be picked as output nodes.
exists(Node n, Element ast |
n = node.asNode() and
ast = mid.asElement()
|
c = "" and
n.asExpr().(VariableAccess).getTarget() = ast
)
}
predicate interpretOutput(string c, InterpretNode mid, InterpretNode node) { none() }
/** Provides additional source specification logic. */
bindingset[c]
predicate interpretInput(string c, InterpretNode mid, InterpretNode node) {
exists(Node n, Element ast, VariableAccess e |
n = node.asNode() and
ast = mid.asElement() and
e.getTarget() = ast
|
// Allow variables to be picked as input nodes.
// We could simply do this as `e = n.asExpr()`, but that would not allow
// us to pick `x` as a sink in an example such as `x = source()` (but
// only subsequent uses of `x`) since the variable access on `x` doesn't
// actually load the value of `x`. So instead, we pick the instruction
// node corresponding to the generated `StoreInstruction` and use the
// expression associated with the destination instruction. This means
// that the `x` in `x = source()` can be marked as an input.
c = "" and
exists(StoreInstruction store |
store.getDestinationAddress().getUnconvertedResultExpression() = e and
n.asInstruction() = store
)
)
}
predicate interpretInput(string c, InterpretNode mid, InterpretNode node) { none() }
}
module Private {

View File

@@ -33,34 +33,34 @@ summaryCalls
| file://:0:0:0:0 | [summary] call to [summary param] 0 in madCallArg0ReturnToReturnFirst in madCallArg0ReturnToReturnFirst |
| file://:0:0:0:0 | [summary] call to [summary param] 0 in madCallArg0WithValue in madCallArg0WithValue |
summarizedCallables
| tests.cpp:144:5:144:19 | madArg0ToReturn |
| tests.cpp:145:6:145:28 | madArg0ToReturnIndirect |
| tests.cpp:147:5:147:28 | madArg0ToReturnValueFlow |
| tests.cpp:148:5:148:27 | madArg0IndirectToReturn |
| tests.cpp:149:5:149:33 | madArg0DoubleIndirectToReturn |
| tests.cpp:150:5:150:30 | madArg0NotIndirectToReturn |
| tests.cpp:151:6:151:26 | madArg0ToArg1Indirect |
| tests.cpp:152:6:152:34 | madArg0IndirectToArg1Indirect |
| tests.cpp:153:5:153:18 | madArgsComplex |
| tests.cpp:154:5:154:14 | madArgsAny |
| tests.cpp:155:5:155:28 | madAndImplementedComplex |
| tests.cpp:160:5:160:24 | madArg0FieldToReturn |
| tests.cpp:161:5:161:32 | madArg0IndirectFieldToReturn |
| tests.cpp:162:5:162:32 | madArg0FieldIndirectToReturn |
| tests.cpp:163:13:163:32 | madArg0ToReturnField |
| tests.cpp:164:14:164:41 | madArg0ToReturnIndirectField |
| tests.cpp:165:13:165:40 | madArg0ToReturnFieldIndirect |
| tests.cpp:284:7:284:19 | madArg0ToSelf |
| tests.cpp:285:6:285:20 | madSelfToReturn |
| tests.cpp:287:7:287:20 | madArg0ToField |
| tests.cpp:288:6:288:21 | madFieldToReturn |
| tests.cpp:313:7:313:30 | namespaceMadSelfToReturn |
| tests.cpp:434:5:434:29 | madCallArg0ReturnToReturn |
| tests.cpp:435:9:435:38 | madCallArg0ReturnToReturnFirst |
| tests.cpp:436:6:436:25 | madCallArg0WithValue |
| tests.cpp:437:5:437:36 | madCallReturnValueIgnoreFunction |
| tests.cpp:459:5:459:31 | parameter_ref_to_return_ref |
| tests.cpp:471:5:471:17 | receive_array |
| tests.cpp:127:5:127:19 | madArg0ToReturn |
| tests.cpp:128:6:128:28 | madArg0ToReturnIndirect |
| tests.cpp:130:5:130:28 | madArg0ToReturnValueFlow |
| tests.cpp:131:5:131:27 | madArg0IndirectToReturn |
| tests.cpp:132:5:132:33 | madArg0DoubleIndirectToReturn |
| tests.cpp:133:5:133:30 | madArg0NotIndirectToReturn |
| tests.cpp:134:6:134:26 | madArg0ToArg1Indirect |
| tests.cpp:135:6:135:34 | madArg0IndirectToArg1Indirect |
| tests.cpp:136:5:136:18 | madArgsComplex |
| tests.cpp:137:5:137:14 | madArgsAny |
| tests.cpp:138:5:138:28 | madAndImplementedComplex |
| tests.cpp:143:5:143:24 | madArg0FieldToReturn |
| tests.cpp:144:5:144:32 | madArg0IndirectFieldToReturn |
| tests.cpp:145:5:145:32 | madArg0FieldIndirectToReturn |
| tests.cpp:146:13:146:32 | madArg0ToReturnField |
| tests.cpp:147:14:147:41 | madArg0ToReturnIndirectField |
| tests.cpp:148:13:148:40 | madArg0ToReturnFieldIndirect |
| tests.cpp:250:7:250:19 | madArg0ToSelf |
| tests.cpp:251:6:251:20 | madSelfToReturn |
| tests.cpp:253:7:253:20 | madArg0ToField |
| tests.cpp:254:6:254:21 | madFieldToReturn |
| tests.cpp:277:7:277:30 | namespaceMadSelfToReturn |
| tests.cpp:392:5:392:29 | madCallArg0ReturnToReturn |
| tests.cpp:393:9:393:38 | madCallArg0ReturnToReturnFirst |
| tests.cpp:394:6:394:25 | madCallArg0WithValue |
| tests.cpp:395:5:395:36 | madCallReturnValueIgnoreFunction |
| tests.cpp:417:5:417:31 | parameter_ref_to_return_ref |
| tests.cpp:429:5:429:17 | receive_array |
sourceCallables
| tests.cpp:3:5:3:10 | source |
| tests.cpp:4:6:4:14 | sourcePtr |
@@ -82,297 +82,284 @@ sourceCallables
| tests.cpp:19:6:19:32 | remoteMadSourceIndirectArg1 |
| tests.cpp:19:39:19:39 | x |
| tests.cpp:19:47:19:47 | y |
| tests.cpp:20:5:20:22 | remoteMadSourceVar |
| tests.cpp:21:6:21:31 | remoteMadSourceVarIndirect |
| tests.cpp:24:6:24:28 | namespaceLocalMadSource |
| tests.cpp:25:6:25:31 | namespaceLocalMadSourceVar |
| tests.cpp:28:7:28:30 | namespace2LocalMadSource |
| tests.cpp:31:6:31:19 | localMadSource |
| tests.cpp:33:5:33:27 | namespaceLocalMadSource |
| tests.cpp:35:6:35:17 | test_sources |
| tests.cpp:50:6:50:6 | v |
| tests.cpp:51:7:51:16 | v_indirect |
| tests.cpp:52:6:52:13 | v_direct |
| tests.cpp:63:6:63:6 | a |
| tests.cpp:63:9:63:9 | b |
| tests.cpp:63:12:63:12 | c |
| tests.cpp:63:15:63:15 | d |
| tests.cpp:75:6:75:6 | e |
| tests.cpp:85:6:85:26 | remoteMadSourceParam0 |
| tests.cpp:85:32:85:32 | x |
| tests.cpp:92:6:92:16 | madSinkArg0 |
| tests.cpp:92:22:92:22 | x |
| tests.cpp:93:6:93:13 | notASink |
| tests.cpp:93:19:93:19 | x |
| tests.cpp:94:6:94:16 | madSinkArg1 |
| tests.cpp:94:22:94:22 | x |
| tests.cpp:94:29:94:29 | y |
| tests.cpp:95:6:95:17 | madSinkArg01 |
| tests.cpp:95:23:95:23 | x |
| tests.cpp:95:30:95:30 | y |
| tests.cpp:95:37:95:37 | z |
| tests.cpp:96:6:96:17 | madSinkArg02 |
| tests.cpp:96:23:96:23 | x |
| tests.cpp:96:30:96:30 | y |
| tests.cpp:96:37:96:37 | z |
| tests.cpp:97:6:97:24 | madSinkIndirectArg0 |
| tests.cpp:97:31:97:31 | x |
| tests.cpp:98:6:98:30 | madSinkDoubleIndirectArg0 |
| tests.cpp:98:38:98:38 | x |
| tests.cpp:99:5:99:14 | madSinkVar |
| tests.cpp:100:6:100:23 | madSinkVarIndirect |
| tests.cpp:102:6:102:15 | test_sinks |
| tests.cpp:116:6:116:6 | a |
| tests.cpp:117:7:117:11 | a_ptr |
| tests.cpp:132:6:132:18 | madSinkParam0 |
| tests.cpp:132:24:132:24 | x |
| tests.cpp:138:8:138:8 | operator= |
| tests.cpp:138:8:138:8 | operator= |
| tests.cpp:138:8:138:18 | MyContainer |
| tests.cpp:139:6:139:10 | value |
| tests.cpp:140:6:140:11 | value2 |
| tests.cpp:141:7:141:9 | ptr |
| tests.cpp:144:5:144:19 | madArg0ToReturn |
| tests.cpp:144:25:144:25 | x |
| tests.cpp:145:6:145:28 | madArg0ToReturnIndirect |
| tests.cpp:145:34:145:34 | x |
| tests.cpp:146:5:146:15 | notASummary |
| tests.cpp:146:21:146:21 | x |
| tests.cpp:147:5:147:28 | madArg0ToReturnValueFlow |
| tests.cpp:147:34:147:34 | x |
| tests.cpp:148:5:148:27 | madArg0IndirectToReturn |
| tests.cpp:148:34:148:34 | x |
| tests.cpp:149:5:149:33 | madArg0DoubleIndirectToReturn |
| tests.cpp:149:41:149:41 | x |
| tests.cpp:150:5:150:30 | madArg0NotIndirectToReturn |
| tests.cpp:150:37:150:37 | x |
| tests.cpp:151:6:151:26 | madArg0ToArg1Indirect |
| tests.cpp:151:32:151:32 | x |
| tests.cpp:151:40:151:40 | y |
| tests.cpp:152:6:152:34 | madArg0IndirectToArg1Indirect |
| tests.cpp:152:47:152:47 | x |
| tests.cpp:152:55:152:55 | y |
| tests.cpp:153:5:153:18 | madArgsComplex |
| tests.cpp:153:25:153:25 | a |
| tests.cpp:153:33:153:33 | b |
| tests.cpp:153:40:153:40 | c |
| tests.cpp:153:47:153:47 | d |
| tests.cpp:154:5:154:14 | madArgsAny |
| tests.cpp:154:20:154:20 | a |
| tests.cpp:154:28:154:28 | b |
| tests.cpp:155:5:155:28 | madAndImplementedComplex |
| tests.cpp:155:34:155:34 | a |
| tests.cpp:155:41:155:41 | b |
| tests.cpp:155:48:155:48 | c |
| tests.cpp:160:5:160:24 | madArg0FieldToReturn |
| tests.cpp:160:38:160:39 | mc |
| tests.cpp:161:5:161:32 | madArg0IndirectFieldToReturn |
| tests.cpp:161:47:161:48 | mc |
| tests.cpp:162:5:162:32 | madArg0FieldIndirectToReturn |
| tests.cpp:162:46:162:47 | mc |
| tests.cpp:163:13:163:32 | madArg0ToReturnField |
| tests.cpp:163:38:163:38 | x |
| tests.cpp:164:14:164:41 | madArg0ToReturnIndirectField |
| tests.cpp:164:47:164:47 | x |
| tests.cpp:165:13:165:40 | madArg0ToReturnFieldIndirect |
| tests.cpp:165:46:165:46 | x |
| tests.cpp:167:13:167:30 | madFieldToFieldVar |
| tests.cpp:168:13:168:38 | madFieldToIndirectFieldVar |
| tests.cpp:169:14:169:39 | madIndirectFieldToFieldVar |
| tests.cpp:171:6:171:19 | test_summaries |
| tests.cpp:174:6:174:6 | a |
| tests.cpp:174:9:174:9 | b |
| tests.cpp:174:12:174:12 | c |
| tests.cpp:174:15:174:15 | d |
| tests.cpp:174:18:174:18 | e |
| tests.cpp:175:7:175:11 | a_ptr |
| tests.cpp:218:14:218:16 | mc1 |
| tests.cpp:218:19:218:21 | mc2 |
| tests.cpp:237:15:237:18 | rtn1 |
| tests.cpp:240:14:240:17 | rtn2 |
| tests.cpp:241:7:241:14 | rtn2_ptr |
| tests.cpp:267:7:267:7 | operator= |
| tests.cpp:267:7:267:7 | operator= |
| tests.cpp:267:7:267:13 | MyClass |
| tests.cpp:270:6:270:26 | memberRemoteMadSource |
| tests.cpp:271:7:271:39 | memberRemoteMadSourceIndirectArg0 |
| tests.cpp:271:46:271:46 | x |
| tests.cpp:272:6:272:29 | memberRemoteMadSourceVar |
| tests.cpp:273:7:273:21 | qualifierSource |
| tests.cpp:274:7:274:26 | qualifierFieldSource |
| tests.cpp:277:7:277:23 | memberMadSinkArg0 |
| tests.cpp:277:29:277:29 | x |
| tests.cpp:278:6:278:21 | memberMadSinkVar |
| tests.cpp:279:7:279:19 | qualifierSink |
| tests.cpp:280:7:280:23 | qualifierArg0Sink |
| tests.cpp:280:29:280:29 | x |
| tests.cpp:281:7:281:24 | qualifierFieldSink |
| tests.cpp:284:7:284:19 | madArg0ToSelf |
| tests.cpp:284:25:284:25 | x |
| tests.cpp:285:6:285:20 | madSelfToReturn |
| tests.cpp:286:6:286:16 | notASummary |
| tests.cpp:287:7:287:20 | madArg0ToField |
| tests.cpp:287:26:287:26 | x |
| tests.cpp:288:6:288:21 | madFieldToReturn |
| tests.cpp:290:6:290:8 | val |
| tests.cpp:293:7:293:7 | MyDerivedClass |
| tests.cpp:293:7:293:7 | operator= |
| tests.cpp:293:7:293:7 | operator= |
| tests.cpp:293:7:293:20 | MyDerivedClass |
| tests.cpp:295:6:295:28 | subtypeRemoteMadSource1 |
| tests.cpp:296:6:296:21 | subtypeNonSource |
| tests.cpp:297:6:297:28 | subtypeRemoteMadSource2 |
| tests.cpp:300:9:300:15 | source2 |
| tests.cpp:301:6:301:9 | sink |
| tests.cpp:301:19:301:20 | mc |
| tests.cpp:304:8:304:8 | operator= |
| tests.cpp:304:8:304:8 | operator= |
| tests.cpp:304:8:304:14 | MyClass |
| tests.cpp:307:8:307:33 | namespaceMemberMadSinkArg0 |
| tests.cpp:307:39:307:39 | x |
| tests.cpp:308:15:308:46 | namespaceStaticMemberMadSinkArg0 |
| tests.cpp:308:52:308:52 | x |
| tests.cpp:309:7:309:31 | namespaceMemberMadSinkVar |
| tests.cpp:310:14:310:44 | namespaceStaticMemberMadSinkVar |
| tests.cpp:313:7:313:30 | namespaceMadSelfToReturn |
| tests.cpp:317:22:317:28 | source3 |
| tests.cpp:319:6:319:23 | test_class_members |
| tests.cpp:320:10:320:11 | mc |
| tests.cpp:320:14:320:16 | mc2 |
| tests.cpp:320:19:320:21 | mc3 |
| tests.cpp:320:24:320:26 | mc4 |
| tests.cpp:320:29:320:31 | mc5 |
| tests.cpp:320:34:320:36 | mc6 |
| tests.cpp:320:39:320:41 | mc7 |
| tests.cpp:320:44:320:46 | mc8 |
| tests.cpp:320:49:320:51 | mc9 |
| tests.cpp:320:54:320:57 | mc10 |
| tests.cpp:320:60:320:63 | mc11 |
| tests.cpp:321:11:321:13 | ptr |
| tests.cpp:321:17:321:23 | mc4_ptr |
| tests.cpp:322:17:322:19 | mdc |
| tests.cpp:323:23:323:25 | mnc |
| tests.cpp:323:28:323:31 | mnc2 |
| tests.cpp:324:24:324:31 | mnc2_ptr |
| tests.cpp:330:6:330:6 | a |
| tests.cpp:429:8:429:8 | operator= |
| tests.cpp:429:8:429:8 | operator= |
| tests.cpp:429:8:429:14 | intPair |
| tests.cpp:430:6:430:10 | first |
| tests.cpp:431:6:431:11 | second |
| tests.cpp:434:5:434:29 | madCallArg0ReturnToReturn |
| tests.cpp:434:37:434:43 | fun_ptr |
| tests.cpp:435:9:435:38 | madCallArg0ReturnToReturnFirst |
| tests.cpp:435:46:435:52 | fun_ptr |
| tests.cpp:436:6:436:25 | madCallArg0WithValue |
| tests.cpp:436:34:436:40 | fun_ptr |
| tests.cpp:436:53:436:57 | value |
| tests.cpp:437:5:437:36 | madCallReturnValueIgnoreFunction |
| tests.cpp:437:45:437:51 | fun_ptr |
| tests.cpp:437:64:437:68 | value |
| tests.cpp:439:5:439:14 | getTainted |
| tests.cpp:440:6:440:13 | useValue |
| tests.cpp:440:19:440:19 | x |
| tests.cpp:441:6:441:17 | dontUseValue |
| tests.cpp:441:23:441:23 | x |
| tests.cpp:443:6:443:27 | test_function_pointers |
| tests.cpp:456:19:456:19 | X |
| tests.cpp:457:8:457:35 | StructWithTypedefInParameter<X> |
| tests.cpp:457:8:457:35 | StructWithTypedefInParameter<int> |
| tests.cpp:458:12:458:15 | Type |
| tests.cpp:459:5:459:31 | parameter_ref_to_return_ref |
| tests.cpp:459:5:459:31 | parameter_ref_to_return_ref |
| tests.cpp:459:45:459:45 | x |
| tests.cpp:459:45:459:45 | x |
| tests.cpp:462:6:462:37 | test_parameter_ref_to_return_ref |
| tests.cpp:463:6:463:6 | x |
| tests.cpp:464:36:464:36 | s |
| tests.cpp:465:6:465:6 | y |
| tests.cpp:469:7:469:9 | INT |
| tests.cpp:471:5:471:17 | receive_array |
| tests.cpp:471:23:471:23 | a |
| tests.cpp:473:6:473:23 | test_receive_array |
| tests.cpp:474:6:474:6 | x |
| tests.cpp:475:6:475:10 | array |
| tests.cpp:476:6:476:6 | y |
| tests.cpp:23:7:23:30 | namespace2LocalMadSource |
| tests.cpp:26:6:26:19 | localMadSource |
| tests.cpp:28:5:28:27 | namespaceLocalMadSource |
| tests.cpp:30:6:30:17 | test_sources |
| tests.cpp:45:6:45:6 | v |
| tests.cpp:46:7:46:16 | v_indirect |
| tests.cpp:47:6:47:13 | v_direct |
| tests.cpp:58:6:58:6 | a |
| tests.cpp:58:9:58:9 | b |
| tests.cpp:58:12:58:12 | c |
| tests.cpp:58:15:58:15 | d |
| tests.cpp:67:6:67:6 | e |
| tests.cpp:75:6:75:26 | remoteMadSourceParam0 |
| tests.cpp:75:32:75:32 | x |
| tests.cpp:82:6:82:16 | madSinkArg0 |
| tests.cpp:82:22:82:22 | x |
| tests.cpp:83:6:83:13 | notASink |
| tests.cpp:83:19:83:19 | x |
| tests.cpp:84:6:84:16 | madSinkArg1 |
| tests.cpp:84:22:84:22 | x |
| tests.cpp:84:29:84:29 | y |
| tests.cpp:85:6:85:17 | madSinkArg01 |
| tests.cpp:85:23:85:23 | x |
| tests.cpp:85:30:85:30 | y |
| tests.cpp:85:37:85:37 | z |
| tests.cpp:86:6:86:17 | madSinkArg02 |
| tests.cpp:86:23:86:23 | x |
| tests.cpp:86:30:86:30 | y |
| tests.cpp:86:37:86:37 | z |
| tests.cpp:87:6:87:24 | madSinkIndirectArg0 |
| tests.cpp:87:31:87:31 | x |
| tests.cpp:88:6:88:30 | madSinkDoubleIndirectArg0 |
| tests.cpp:88:38:88:38 | x |
| tests.cpp:92:6:92:15 | test_sinks |
| tests.cpp:106:6:106:6 | a |
| tests.cpp:107:7:107:11 | a_ptr |
| tests.cpp:115:6:115:18 | madSinkParam0 |
| tests.cpp:115:24:115:24 | x |
| tests.cpp:121:8:121:8 | operator= |
| tests.cpp:121:8:121:8 | operator= |
| tests.cpp:121:8:121:18 | MyContainer |
| tests.cpp:122:6:122:10 | value |
| tests.cpp:123:6:123:11 | value2 |
| tests.cpp:124:7:124:9 | ptr |
| tests.cpp:127:5:127:19 | madArg0ToReturn |
| tests.cpp:127:25:127:25 | x |
| tests.cpp:128:6:128:28 | madArg0ToReturnIndirect |
| tests.cpp:128:34:128:34 | x |
| tests.cpp:129:5:129:15 | notASummary |
| tests.cpp:129:21:129:21 | x |
| tests.cpp:130:5:130:28 | madArg0ToReturnValueFlow |
| tests.cpp:130:34:130:34 | x |
| tests.cpp:131:5:131:27 | madArg0IndirectToReturn |
| tests.cpp:131:34:131:34 | x |
| tests.cpp:132:5:132:33 | madArg0DoubleIndirectToReturn |
| tests.cpp:132:41:132:41 | x |
| tests.cpp:133:5:133:30 | madArg0NotIndirectToReturn |
| tests.cpp:133:37:133:37 | x |
| tests.cpp:134:6:134:26 | madArg0ToArg1Indirect |
| tests.cpp:134:32:134:32 | x |
| tests.cpp:134:40:134:40 | y |
| tests.cpp:135:6:135:34 | madArg0IndirectToArg1Indirect |
| tests.cpp:135:47:135:47 | x |
| tests.cpp:135:55:135:55 | y |
| tests.cpp:136:5:136:18 | madArgsComplex |
| tests.cpp:136:25:136:25 | a |
| tests.cpp:136:33:136:33 | b |
| tests.cpp:136:40:136:40 | c |
| tests.cpp:136:47:136:47 | d |
| tests.cpp:137:5:137:14 | madArgsAny |
| tests.cpp:137:20:137:20 | a |
| tests.cpp:137:28:137:28 | b |
| tests.cpp:138:5:138:28 | madAndImplementedComplex |
| tests.cpp:138:34:138:34 | a |
| tests.cpp:138:41:138:41 | b |
| tests.cpp:138:48:138:48 | c |
| tests.cpp:143:5:143:24 | madArg0FieldToReturn |
| tests.cpp:143:38:143:39 | mc |
| tests.cpp:144:5:144:32 | madArg0IndirectFieldToReturn |
| tests.cpp:144:47:144:48 | mc |
| tests.cpp:145:5:145:32 | madArg0FieldIndirectToReturn |
| tests.cpp:145:46:145:47 | mc |
| tests.cpp:146:13:146:32 | madArg0ToReturnField |
| tests.cpp:146:38:146:38 | x |
| tests.cpp:147:14:147:41 | madArg0ToReturnIndirectField |
| tests.cpp:147:47:147:47 | x |
| tests.cpp:148:13:148:40 | madArg0ToReturnFieldIndirect |
| tests.cpp:148:46:148:46 | x |
| tests.cpp:150:6:150:19 | test_summaries |
| tests.cpp:153:6:153:6 | a |
| tests.cpp:153:9:153:9 | b |
| tests.cpp:153:12:153:12 | c |
| tests.cpp:153:15:153:15 | d |
| tests.cpp:153:18:153:18 | e |
| tests.cpp:154:7:154:11 | a_ptr |
| tests.cpp:197:14:197:16 | mc1 |
| tests.cpp:197:19:197:21 | mc2 |
| tests.cpp:216:15:216:18 | rtn1 |
| tests.cpp:219:14:219:17 | rtn2 |
| tests.cpp:220:7:220:14 | rtn2_ptr |
| tests.cpp:233:7:233:7 | operator= |
| tests.cpp:233:7:233:7 | operator= |
| tests.cpp:233:7:233:13 | MyClass |
| tests.cpp:236:6:236:26 | memberRemoteMadSource |
| tests.cpp:237:7:237:39 | memberRemoteMadSourceIndirectArg0 |
| tests.cpp:237:46:237:46 | x |
| tests.cpp:239:7:239:21 | qualifierSource |
| tests.cpp:240:7:240:26 | qualifierFieldSource |
| tests.cpp:243:7:243:23 | memberMadSinkArg0 |
| tests.cpp:243:29:243:29 | x |
| tests.cpp:245:7:245:19 | qualifierSink |
| tests.cpp:246:7:246:23 | qualifierArg0Sink |
| tests.cpp:246:29:246:29 | x |
| tests.cpp:247:7:247:24 | qualifierFieldSink |
| tests.cpp:250:7:250:19 | madArg0ToSelf |
| tests.cpp:250:25:250:25 | x |
| tests.cpp:251:6:251:20 | madSelfToReturn |
| tests.cpp:252:6:252:16 | notASummary |
| tests.cpp:253:7:253:20 | madArg0ToField |
| tests.cpp:253:26:253:26 | x |
| tests.cpp:254:6:254:21 | madFieldToReturn |
| tests.cpp:256:6:256:8 | val |
| tests.cpp:259:7:259:7 | MyDerivedClass |
| tests.cpp:259:7:259:7 | operator= |
| tests.cpp:259:7:259:7 | operator= |
| tests.cpp:259:7:259:20 | MyDerivedClass |
| tests.cpp:261:6:261:28 | subtypeRemoteMadSource1 |
| tests.cpp:262:6:262:21 | subtypeNonSource |
| tests.cpp:263:6:263:28 | subtypeRemoteMadSource2 |
| tests.cpp:266:9:266:15 | source2 |
| tests.cpp:267:6:267:9 | sink |
| tests.cpp:267:19:267:20 | mc |
| tests.cpp:270:8:270:8 | operator= |
| tests.cpp:270:8:270:8 | operator= |
| tests.cpp:270:8:270:14 | MyClass |
| tests.cpp:273:8:273:33 | namespaceMemberMadSinkArg0 |
| tests.cpp:273:39:273:39 | x |
| tests.cpp:274:15:274:46 | namespaceStaticMemberMadSinkArg0 |
| tests.cpp:274:52:274:52 | x |
| tests.cpp:277:7:277:30 | namespaceMadSelfToReturn |
| tests.cpp:281:22:281:28 | source3 |
| tests.cpp:283:6:283:23 | test_class_members |
| tests.cpp:284:10:284:11 | mc |
| tests.cpp:284:14:284:16 | mc2 |
| tests.cpp:284:19:284:21 | mc3 |
| tests.cpp:284:24:284:26 | mc4 |
| tests.cpp:284:29:284:31 | mc5 |
| tests.cpp:284:34:284:36 | mc6 |
| tests.cpp:284:39:284:41 | mc7 |
| tests.cpp:284:44:284:46 | mc8 |
| tests.cpp:284:49:284:51 | mc9 |
| tests.cpp:284:54:284:57 | mc10 |
| tests.cpp:284:60:284:63 | mc11 |
| tests.cpp:285:11:285:13 | ptr |
| tests.cpp:285:17:285:23 | mc4_ptr |
| tests.cpp:286:17:286:19 | mdc |
| tests.cpp:287:23:287:25 | mnc |
| tests.cpp:287:28:287:31 | mnc2 |
| tests.cpp:288:24:288:31 | mnc2_ptr |
| tests.cpp:294:6:294:6 | a |
| tests.cpp:387:8:387:8 | operator= |
| tests.cpp:387:8:387:8 | operator= |
| tests.cpp:387:8:387:14 | intPair |
| tests.cpp:388:6:388:10 | first |
| tests.cpp:389:6:389:11 | second |
| tests.cpp:392:5:392:29 | madCallArg0ReturnToReturn |
| tests.cpp:392:37:392:43 | fun_ptr |
| tests.cpp:393:9:393:38 | madCallArg0ReturnToReturnFirst |
| tests.cpp:393:46:393:52 | fun_ptr |
| tests.cpp:394:6:394:25 | madCallArg0WithValue |
| tests.cpp:394:34:394:40 | fun_ptr |
| tests.cpp:394:53:394:57 | value |
| tests.cpp:395:5:395:36 | madCallReturnValueIgnoreFunction |
| tests.cpp:395:45:395:51 | fun_ptr |
| tests.cpp:395:64:395:68 | value |
| tests.cpp:397:5:397:14 | getTainted |
| tests.cpp:398:6:398:13 | useValue |
| tests.cpp:398:19:398:19 | x |
| tests.cpp:399:6:399:17 | dontUseValue |
| tests.cpp:399:23:399:23 | x |
| tests.cpp:401:6:401:27 | test_function_pointers |
| tests.cpp:414:19:414:19 | X |
| tests.cpp:415:8:415:35 | StructWithTypedefInParameter<X> |
| tests.cpp:415:8:415:35 | StructWithTypedefInParameter<int> |
| tests.cpp:416:12:416:15 | Type |
| tests.cpp:417:5:417:31 | parameter_ref_to_return_ref |
| tests.cpp:417:5:417:31 | parameter_ref_to_return_ref |
| tests.cpp:417:45:417:45 | x |
| tests.cpp:417:45:417:45 | x |
| tests.cpp:420:6:420:37 | test_parameter_ref_to_return_ref |
| tests.cpp:421:6:421:6 | x |
| tests.cpp:422:36:422:36 | s |
| tests.cpp:423:6:423:6 | y |
| tests.cpp:427:7:427:9 | INT |
| tests.cpp:429:5:429:17 | receive_array |
| tests.cpp:429:23:429:23 | a |
| tests.cpp:431:6:431:23 | test_receive_array |
| tests.cpp:432:6:432:6 | x |
| tests.cpp:433:6:433:10 | array |
| tests.cpp:434:6:434:6 | y |
flowSummaryNode
| tests.cpp:144:5:144:19 | [summary param] 0 in madArg0ToReturn | ParameterNode | madArg0ToReturn | madArg0ToReturn |
| tests.cpp:144:5:144:19 | [summary] to write: ReturnValue in madArg0ToReturn | ReturnNode | madArg0ToReturn | madArg0ToReturn |
| tests.cpp:145:6:145:28 | [summary param] 0 in madArg0ToReturnIndirect | ParameterNode | madArg0ToReturnIndirect | madArg0ToReturnIndirect |
| tests.cpp:145:6:145:28 | [summary] to write: ReturnValue[*] in madArg0ToReturnIndirect | ReturnNode | madArg0ToReturnIndirect | madArg0ToReturnIndirect |
| tests.cpp:147:5:147:28 | [summary param] 0 in madArg0ToReturnValueFlow | ParameterNode | madArg0ToReturnValueFlow | madArg0ToReturnValueFlow |
| tests.cpp:147:5:147:28 | [summary] to write: ReturnValue in madArg0ToReturnValueFlow | ReturnNode | madArg0ToReturnValueFlow | madArg0ToReturnValueFlow |
| tests.cpp:148:5:148:27 | [summary param] *0 in madArg0IndirectToReturn | ParameterNode | madArg0IndirectToReturn | madArg0IndirectToReturn |
| tests.cpp:148:5:148:27 | [summary] to write: ReturnValue in madArg0IndirectToReturn | ReturnNode | madArg0IndirectToReturn | madArg0IndirectToReturn |
| tests.cpp:149:5:149:33 | [summary param] **0 in madArg0DoubleIndirectToReturn | ParameterNode | madArg0DoubleIndirectToReturn | madArg0DoubleIndirectToReturn |
| tests.cpp:149:5:149:33 | [summary] to write: ReturnValue in madArg0DoubleIndirectToReturn | ReturnNode | madArg0DoubleIndirectToReturn | madArg0DoubleIndirectToReturn |
| tests.cpp:150:5:150:30 | [summary param] 0 in madArg0NotIndirectToReturn | ParameterNode | madArg0NotIndirectToReturn | madArg0NotIndirectToReturn |
| tests.cpp:150:5:150:30 | [summary] to write: ReturnValue in madArg0NotIndirectToReturn | ReturnNode | madArg0NotIndirectToReturn | madArg0NotIndirectToReturn |
| tests.cpp:151:6:151:26 | [summary param] 0 in madArg0ToArg1Indirect | ParameterNode | madArg0ToArg1Indirect | madArg0ToArg1Indirect |
| tests.cpp:151:6:151:26 | [summary param] *1 in madArg0ToArg1Indirect | ParameterNode | madArg0ToArg1Indirect | madArg0ToArg1Indirect |
| tests.cpp:151:6:151:26 | [summary] to write: Argument[*1] in madArg0ToArg1Indirect | PostUpdateNode | madArg0ToArg1Indirect | madArg0ToArg1Indirect |
| tests.cpp:152:6:152:34 | [summary param] *0 in madArg0IndirectToArg1Indirect | ParameterNode | madArg0IndirectToArg1Indirect | madArg0IndirectToArg1Indirect |
| tests.cpp:152:6:152:34 | [summary param] *1 in madArg0IndirectToArg1Indirect | ParameterNode | madArg0IndirectToArg1Indirect | madArg0IndirectToArg1Indirect |
| tests.cpp:152:6:152:34 | [summary] to write: Argument[*1] in madArg0IndirectToArg1Indirect | PostUpdateNode | madArg0IndirectToArg1Indirect | madArg0IndirectToArg1Indirect |
| tests.cpp:153:5:153:18 | [summary param] 2 in madArgsComplex | ParameterNode | madArgsComplex | madArgsComplex |
| tests.cpp:153:5:153:18 | [summary param] *0 in madArgsComplex | ParameterNode | madArgsComplex | madArgsComplex |
| tests.cpp:153:5:153:18 | [summary param] *1 in madArgsComplex | ParameterNode | madArgsComplex | madArgsComplex |
| tests.cpp:153:5:153:18 | [summary] to write: ReturnValue in madArgsComplex | ReturnNode | madArgsComplex | madArgsComplex |
| tests.cpp:155:5:155:28 | [summary param] 2 in madAndImplementedComplex | ParameterNode | madAndImplementedComplex | madAndImplementedComplex |
| tests.cpp:155:5:155:28 | [summary] to write: ReturnValue in madAndImplementedComplex | ReturnNode | madAndImplementedComplex | madAndImplementedComplex |
| tests.cpp:160:5:160:24 | [summary param] 0 in madArg0FieldToReturn | ParameterNode | madArg0FieldToReturn | madArg0FieldToReturn |
| tests.cpp:160:5:160:24 | [summary] read: Argument[0].Field[MyContainer::value]/Field[value] in madArg0FieldToReturn | | madArg0FieldToReturn | madArg0FieldToReturn |
| tests.cpp:160:5:160:24 | [summary] to write: ReturnValue in madArg0FieldToReturn | ReturnNode | madArg0FieldToReturn | madArg0FieldToReturn |
| tests.cpp:161:5:161:32 | [summary param] *0 in madArg0IndirectFieldToReturn | ParameterNode | madArg0IndirectFieldToReturn | madArg0IndirectFieldToReturn |
| tests.cpp:161:5:161:32 | [summary] read: Argument[*0].Field[MyContainer::value]/Field[value] in madArg0IndirectFieldToReturn | | madArg0IndirectFieldToReturn | madArg0IndirectFieldToReturn |
| tests.cpp:161:5:161:32 | [summary] to write: ReturnValue in madArg0IndirectFieldToReturn | ReturnNode | madArg0IndirectFieldToReturn | madArg0IndirectFieldToReturn |
| tests.cpp:162:5:162:32 | [summary param] 0 in madArg0FieldIndirectToReturn | ParameterNode | madArg0FieldIndirectToReturn | madArg0FieldIndirectToReturn |
| tests.cpp:162:5:162:32 | [summary] read: Argument[0].Field[*MyContainer::ptr]/Field[*ptr] in madArg0FieldIndirectToReturn | | madArg0FieldIndirectToReturn | madArg0FieldIndirectToReturn |
| tests.cpp:162:5:162:32 | [summary] to write: ReturnValue in madArg0FieldIndirectToReturn | ReturnNode | madArg0FieldIndirectToReturn | madArg0FieldIndirectToReturn |
| tests.cpp:163:13:163:32 | [summary param] 0 in madArg0ToReturnField | ParameterNode | madArg0ToReturnField | madArg0ToReturnField |
| tests.cpp:163:13:163:32 | [summary] to write: ReturnValue in madArg0ToReturnField | ReturnNode | madArg0ToReturnField | madArg0ToReturnField |
| tests.cpp:163:13:163:32 | [summary] to write: ReturnValue.Field[MyContainer::value]/Field[value] in madArg0ToReturnField | | madArg0ToReturnField | madArg0ToReturnField |
| tests.cpp:164:14:164:41 | [summary param] 0 in madArg0ToReturnIndirectField | ParameterNode | madArg0ToReturnIndirectField | madArg0ToReturnIndirectField |
| tests.cpp:164:14:164:41 | [summary] to write: ReturnValue[*] in madArg0ToReturnIndirectField | ReturnNode | madArg0ToReturnIndirectField | madArg0ToReturnIndirectField |
| tests.cpp:164:14:164:41 | [summary] to write: ReturnValue[*].Field[MyContainer::value]/Field[value] in madArg0ToReturnIndirectField | | madArg0ToReturnIndirectField | madArg0ToReturnIndirectField |
| tests.cpp:165:13:165:40 | [summary param] 0 in madArg0ToReturnFieldIndirect | ParameterNode | madArg0ToReturnFieldIndirect | madArg0ToReturnFieldIndirect |
| tests.cpp:165:13:165:40 | [summary] to write: ReturnValue in madArg0ToReturnFieldIndirect | ReturnNode | madArg0ToReturnFieldIndirect | madArg0ToReturnFieldIndirect |
| tests.cpp:165:13:165:40 | [summary] to write: ReturnValue.Field[*MyContainer::ptr]/Field[*ptr] in madArg0ToReturnFieldIndirect | | madArg0ToReturnFieldIndirect | madArg0ToReturnFieldIndirect |
| tests.cpp:284:7:284:19 | [summary param] 0 in madArg0ToSelf | ParameterNode | madArg0ToSelf | madArg0ToSelf |
| tests.cpp:284:7:284:19 | [summary param] this in madArg0ToSelf | ParameterNode | madArg0ToSelf | madArg0ToSelf |
| tests.cpp:284:7:284:19 | [summary] to write: Argument[this] in madArg0ToSelf | PostUpdateNode | madArg0ToSelf | madArg0ToSelf |
| tests.cpp:285:6:285:20 | [summary param] this in madSelfToReturn | ParameterNode | madSelfToReturn | madSelfToReturn |
| tests.cpp:285:6:285:20 | [summary] to write: ReturnValue in madSelfToReturn | ReturnNode | madSelfToReturn | madSelfToReturn |
| tests.cpp:287:7:287:20 | [summary param] 0 in madArg0ToField | ParameterNode | madArg0ToField | madArg0ToField |
| tests.cpp:287:7:287:20 | [summary param] this in madArg0ToField | ParameterNode | madArg0ToField | madArg0ToField |
| tests.cpp:287:7:287:20 | [summary] to write: Argument[this] in madArg0ToField | PostUpdateNode | madArg0ToField | madArg0ToField |
| tests.cpp:287:7:287:20 | [summary] to write: Argument[this].Field[MyClass::val]/Field[val] in madArg0ToField | | madArg0ToField | madArg0ToField |
| tests.cpp:288:6:288:21 | [summary param] this in madFieldToReturn | ParameterNode | madFieldToReturn | madFieldToReturn |
| tests.cpp:288:6:288:21 | [summary] read: Argument[this].Field[MyClass::val]/Field[val] in madFieldToReturn | | madFieldToReturn | madFieldToReturn |
| tests.cpp:288:6:288:21 | [summary] to write: ReturnValue in madFieldToReturn | ReturnNode | madFieldToReturn | madFieldToReturn |
| tests.cpp:313:7:313:30 | [summary param] this in namespaceMadSelfToReturn | ParameterNode | namespaceMadSelfToReturn | namespaceMadSelfToReturn |
| tests.cpp:313:7:313:30 | [summary] to write: ReturnValue in namespaceMadSelfToReturn | ReturnNode | namespaceMadSelfToReturn | namespaceMadSelfToReturn |
| tests.cpp:434:5:434:29 | [summary param] 0 in madCallArg0ReturnToReturn | ParameterNode | madCallArg0ReturnToReturn | madCallArg0ReturnToReturn |
| tests.cpp:434:5:434:29 | [summary] read: Argument[0].Parameter[this pointer] in madCallArg0ReturnToReturn | PostUpdateNode | madCallArg0ReturnToReturn | madCallArg0ReturnToReturn |
| tests.cpp:434:5:434:29 | [summary] read: Argument[0].ReturnValue in madCallArg0ReturnToReturn | OutNode | madCallArg0ReturnToReturn | madCallArg0ReturnToReturn |
| tests.cpp:434:5:434:29 | [summary] to write: Argument[0].Parameter[this pointer] in madCallArg0ReturnToReturn | ArgumentNode | madCallArg0ReturnToReturn | madCallArg0ReturnToReturn |
| tests.cpp:434:5:434:29 | [summary] to write: ReturnValue in madCallArg0ReturnToReturn | ReturnNode | madCallArg0ReturnToReturn | madCallArg0ReturnToReturn |
| tests.cpp:435:9:435:38 | [summary param] 0 in madCallArg0ReturnToReturnFirst | ParameterNode | madCallArg0ReturnToReturnFirst | madCallArg0ReturnToReturnFirst |
| tests.cpp:435:9:435:38 | [summary] read: Argument[0].Parameter[this pointer] in madCallArg0ReturnToReturnFirst | PostUpdateNode | madCallArg0ReturnToReturnFirst | madCallArg0ReturnToReturnFirst |
| tests.cpp:435:9:435:38 | [summary] read: Argument[0].ReturnValue in madCallArg0ReturnToReturnFirst | OutNode | madCallArg0ReturnToReturnFirst | madCallArg0ReturnToReturnFirst |
| tests.cpp:435:9:435:38 | [summary] to write: Argument[0].Parameter[this pointer] in madCallArg0ReturnToReturnFirst | ArgumentNode | madCallArg0ReturnToReturnFirst | madCallArg0ReturnToReturnFirst |
| tests.cpp:435:9:435:38 | [summary] to write: ReturnValue in madCallArg0ReturnToReturnFirst | ReturnNode | madCallArg0ReturnToReturnFirst | madCallArg0ReturnToReturnFirst |
| tests.cpp:435:9:435:38 | [summary] to write: ReturnValue.Field[first]/Field[intPair::first] in madCallArg0ReturnToReturnFirst | | madCallArg0ReturnToReturnFirst | madCallArg0ReturnToReturnFirst |
| tests.cpp:436:6:436:25 | [summary param] 0 in madCallArg0WithValue | ParameterNode | madCallArg0WithValue | madCallArg0WithValue |
| tests.cpp:436:6:436:25 | [summary param] 1 in madCallArg0WithValue | ParameterNode | madCallArg0WithValue | madCallArg0WithValue |
| tests.cpp:436:6:436:25 | [summary] read: Argument[0].Parameter[0] in madCallArg0WithValue | PostUpdateNode | madCallArg0WithValue | madCallArg0WithValue |
| tests.cpp:436:6:436:25 | [summary] read: Argument[0].Parameter[this pointer] in madCallArg0WithValue | PostUpdateNode | madCallArg0WithValue | madCallArg0WithValue |
| tests.cpp:436:6:436:25 | [summary] to write: Argument[0].Parameter[0] in madCallArg0WithValue | ArgumentNode | madCallArg0WithValue | madCallArg0WithValue |
| tests.cpp:436:6:436:25 | [summary] to write: Argument[0].Parameter[this pointer] in madCallArg0WithValue | ArgumentNode | madCallArg0WithValue | madCallArg0WithValue |
| tests.cpp:436:6:436:25 | [summary] to write: Argument[1] in madCallArg0WithValue | PostUpdateNode | madCallArg0WithValue | madCallArg0WithValue |
| tests.cpp:437:5:437:36 | [summary param] 1 in madCallReturnValueIgnoreFunction | ParameterNode | madCallReturnValueIgnoreFunction | madCallReturnValueIgnoreFunction |
| tests.cpp:437:5:437:36 | [summary] to write: ReturnValue in madCallReturnValueIgnoreFunction | ReturnNode | madCallReturnValueIgnoreFunction | madCallReturnValueIgnoreFunction |
| tests.cpp:459:5:459:31 | [summary param] *0 in parameter_ref_to_return_ref | ParameterNode | parameter_ref_to_return_ref | parameter_ref_to_return_ref |
| tests.cpp:459:5:459:31 | [summary] to write: ReturnValue[*] in parameter_ref_to_return_ref | ReturnNode | parameter_ref_to_return_ref | parameter_ref_to_return_ref |
| tests.cpp:471:5:471:17 | [summary param] *0 in receive_array | ParameterNode | receive_array | receive_array |
| tests.cpp:471:5:471:17 | [summary] to write: ReturnValue in receive_array | ReturnNode | receive_array | receive_array |
| tests.cpp:127:5:127:19 | [summary param] 0 in madArg0ToReturn | ParameterNode | madArg0ToReturn | madArg0ToReturn |
| tests.cpp:127:5:127:19 | [summary] to write: ReturnValue in madArg0ToReturn | ReturnNode | madArg0ToReturn | madArg0ToReturn |
| tests.cpp:128:6:128:28 | [summary param] 0 in madArg0ToReturnIndirect | ParameterNode | madArg0ToReturnIndirect | madArg0ToReturnIndirect |
| tests.cpp:128:6:128:28 | [summary] to write: ReturnValue[*] in madArg0ToReturnIndirect | ReturnNode | madArg0ToReturnIndirect | madArg0ToReturnIndirect |
| tests.cpp:130:5:130:28 | [summary param] 0 in madArg0ToReturnValueFlow | ParameterNode | madArg0ToReturnValueFlow | madArg0ToReturnValueFlow |
| tests.cpp:130:5:130:28 | [summary] to write: ReturnValue in madArg0ToReturnValueFlow | ReturnNode | madArg0ToReturnValueFlow | madArg0ToReturnValueFlow |
| tests.cpp:131:5:131:27 | [summary param] *0 in madArg0IndirectToReturn | ParameterNode | madArg0IndirectToReturn | madArg0IndirectToReturn |
| tests.cpp:131:5:131:27 | [summary] to write: ReturnValue in madArg0IndirectToReturn | ReturnNode | madArg0IndirectToReturn | madArg0IndirectToReturn |
| tests.cpp:132:5:132:33 | [summary param] **0 in madArg0DoubleIndirectToReturn | ParameterNode | madArg0DoubleIndirectToReturn | madArg0DoubleIndirectToReturn |
| tests.cpp:132:5:132:33 | [summary] to write: ReturnValue in madArg0DoubleIndirectToReturn | ReturnNode | madArg0DoubleIndirectToReturn | madArg0DoubleIndirectToReturn |
| tests.cpp:133:5:133:30 | [summary param] 0 in madArg0NotIndirectToReturn | ParameterNode | madArg0NotIndirectToReturn | madArg0NotIndirectToReturn |
| tests.cpp:133:5:133:30 | [summary] to write: ReturnValue in madArg0NotIndirectToReturn | ReturnNode | madArg0NotIndirectToReturn | madArg0NotIndirectToReturn |
| tests.cpp:134:6:134:26 | [summary param] 0 in madArg0ToArg1Indirect | ParameterNode | madArg0ToArg1Indirect | madArg0ToArg1Indirect |
| tests.cpp:134:6:134:26 | [summary param] *1 in madArg0ToArg1Indirect | ParameterNode | madArg0ToArg1Indirect | madArg0ToArg1Indirect |
| tests.cpp:134:6:134:26 | [summary] to write: Argument[*1] in madArg0ToArg1Indirect | PostUpdateNode | madArg0ToArg1Indirect | madArg0ToArg1Indirect |
| tests.cpp:135:6:135:34 | [summary param] *0 in madArg0IndirectToArg1Indirect | ParameterNode | madArg0IndirectToArg1Indirect | madArg0IndirectToArg1Indirect |
| tests.cpp:135:6:135:34 | [summary param] *1 in madArg0IndirectToArg1Indirect | ParameterNode | madArg0IndirectToArg1Indirect | madArg0IndirectToArg1Indirect |
| tests.cpp:135:6:135:34 | [summary] to write: Argument[*1] in madArg0IndirectToArg1Indirect | PostUpdateNode | madArg0IndirectToArg1Indirect | madArg0IndirectToArg1Indirect |
| tests.cpp:136:5:136:18 | [summary param] 2 in madArgsComplex | ParameterNode | madArgsComplex | madArgsComplex |
| tests.cpp:136:5:136:18 | [summary param] *0 in madArgsComplex | ParameterNode | madArgsComplex | madArgsComplex |
| tests.cpp:136:5:136:18 | [summary param] *1 in madArgsComplex | ParameterNode | madArgsComplex | madArgsComplex |
| tests.cpp:136:5:136:18 | [summary] to write: ReturnValue in madArgsComplex | ReturnNode | madArgsComplex | madArgsComplex |
| tests.cpp:138:5:138:28 | [summary param] 2 in madAndImplementedComplex | ParameterNode | madAndImplementedComplex | madAndImplementedComplex |
| tests.cpp:138:5:138:28 | [summary] to write: ReturnValue in madAndImplementedComplex | ReturnNode | madAndImplementedComplex | madAndImplementedComplex |
| tests.cpp:143:5:143:24 | [summary param] 0 in madArg0FieldToReturn | ParameterNode | madArg0FieldToReturn | madArg0FieldToReturn |
| tests.cpp:143:5:143:24 | [summary] read: Argument[0].Field[MyContainer::value]/Field[value] in madArg0FieldToReturn | | madArg0FieldToReturn | madArg0FieldToReturn |
| tests.cpp:143:5:143:24 | [summary] to write: ReturnValue in madArg0FieldToReturn | ReturnNode | madArg0FieldToReturn | madArg0FieldToReturn |
| tests.cpp:144:5:144:32 | [summary param] *0 in madArg0IndirectFieldToReturn | ParameterNode | madArg0IndirectFieldToReturn | madArg0IndirectFieldToReturn |
| tests.cpp:144:5:144:32 | [summary] read: Argument[*0].Field[MyContainer::value]/Field[value] in madArg0IndirectFieldToReturn | | madArg0IndirectFieldToReturn | madArg0IndirectFieldToReturn |
| tests.cpp:144:5:144:32 | [summary] to write: ReturnValue in madArg0IndirectFieldToReturn | ReturnNode | madArg0IndirectFieldToReturn | madArg0IndirectFieldToReturn |
| tests.cpp:145:5:145:32 | [summary param] 0 in madArg0FieldIndirectToReturn | ParameterNode | madArg0FieldIndirectToReturn | madArg0FieldIndirectToReturn |
| tests.cpp:145:5:145:32 | [summary] read: Argument[0].Field[*MyContainer::ptr]/Field[*ptr] in madArg0FieldIndirectToReturn | | madArg0FieldIndirectToReturn | madArg0FieldIndirectToReturn |
| tests.cpp:145:5:145:32 | [summary] to write: ReturnValue in madArg0FieldIndirectToReturn | ReturnNode | madArg0FieldIndirectToReturn | madArg0FieldIndirectToReturn |
| tests.cpp:146:13:146:32 | [summary param] 0 in madArg0ToReturnField | ParameterNode | madArg0ToReturnField | madArg0ToReturnField |
| tests.cpp:146:13:146:32 | [summary] to write: ReturnValue in madArg0ToReturnField | ReturnNode | madArg0ToReturnField | madArg0ToReturnField |
| tests.cpp:146:13:146:32 | [summary] to write: ReturnValue.Field[MyContainer::value]/Field[value] in madArg0ToReturnField | | madArg0ToReturnField | madArg0ToReturnField |
| tests.cpp:147:14:147:41 | [summary param] 0 in madArg0ToReturnIndirectField | ParameterNode | madArg0ToReturnIndirectField | madArg0ToReturnIndirectField |
| tests.cpp:147:14:147:41 | [summary] to write: ReturnValue[*] in madArg0ToReturnIndirectField | ReturnNode | madArg0ToReturnIndirectField | madArg0ToReturnIndirectField |
| tests.cpp:147:14:147:41 | [summary] to write: ReturnValue[*].Field[MyContainer::value]/Field[value] in madArg0ToReturnIndirectField | | madArg0ToReturnIndirectField | madArg0ToReturnIndirectField |
| tests.cpp:148:13:148:40 | [summary param] 0 in madArg0ToReturnFieldIndirect | ParameterNode | madArg0ToReturnFieldIndirect | madArg0ToReturnFieldIndirect |
| tests.cpp:148:13:148:40 | [summary] to write: ReturnValue in madArg0ToReturnFieldIndirect | ReturnNode | madArg0ToReturnFieldIndirect | madArg0ToReturnFieldIndirect |
| tests.cpp:148:13:148:40 | [summary] to write: ReturnValue.Field[*MyContainer::ptr]/Field[*ptr] in madArg0ToReturnFieldIndirect | | madArg0ToReturnFieldIndirect | madArg0ToReturnFieldIndirect |
| tests.cpp:250:7:250:19 | [summary param] 0 in madArg0ToSelf | ParameterNode | madArg0ToSelf | madArg0ToSelf |
| tests.cpp:250:7:250:19 | [summary param] this in madArg0ToSelf | ParameterNode | madArg0ToSelf | madArg0ToSelf |
| tests.cpp:250:7:250:19 | [summary] to write: Argument[this] in madArg0ToSelf | PostUpdateNode | madArg0ToSelf | madArg0ToSelf |
| tests.cpp:251:6:251:20 | [summary param] this in madSelfToReturn | ParameterNode | madSelfToReturn | madSelfToReturn |
| tests.cpp:251:6:251:20 | [summary] to write: ReturnValue in madSelfToReturn | ReturnNode | madSelfToReturn | madSelfToReturn |
| tests.cpp:253:7:253:20 | [summary param] 0 in madArg0ToField | ParameterNode | madArg0ToField | madArg0ToField |
| tests.cpp:253:7:253:20 | [summary param] this in madArg0ToField | ParameterNode | madArg0ToField | madArg0ToField |
| tests.cpp:253:7:253:20 | [summary] to write: Argument[this] in madArg0ToField | PostUpdateNode | madArg0ToField | madArg0ToField |
| tests.cpp:253:7:253:20 | [summary] to write: Argument[this].Field[MyClass::val]/Field[val] in madArg0ToField | | madArg0ToField | madArg0ToField |
| tests.cpp:254:6:254:21 | [summary param] this in madFieldToReturn | ParameterNode | madFieldToReturn | madFieldToReturn |
| tests.cpp:254:6:254:21 | [summary] read: Argument[this].Field[MyClass::val]/Field[val] in madFieldToReturn | | madFieldToReturn | madFieldToReturn |
| tests.cpp:254:6:254:21 | [summary] to write: ReturnValue in madFieldToReturn | ReturnNode | madFieldToReturn | madFieldToReturn |
| tests.cpp:277:7:277:30 | [summary param] this in namespaceMadSelfToReturn | ParameterNode | namespaceMadSelfToReturn | namespaceMadSelfToReturn |
| tests.cpp:277:7:277:30 | [summary] to write: ReturnValue in namespaceMadSelfToReturn | ReturnNode | namespaceMadSelfToReturn | namespaceMadSelfToReturn |
| tests.cpp:392:5:392:29 | [summary param] 0 in madCallArg0ReturnToReturn | ParameterNode | madCallArg0ReturnToReturn | madCallArg0ReturnToReturn |
| tests.cpp:392:5:392:29 | [summary] read: Argument[0].Parameter[this pointer] in madCallArg0ReturnToReturn | PostUpdateNode | madCallArg0ReturnToReturn | madCallArg0ReturnToReturn |
| tests.cpp:392:5:392:29 | [summary] read: Argument[0].ReturnValue in madCallArg0ReturnToReturn | OutNode | madCallArg0ReturnToReturn | madCallArg0ReturnToReturn |
| tests.cpp:392:5:392:29 | [summary] to write: Argument[0].Parameter[this pointer] in madCallArg0ReturnToReturn | ArgumentNode | madCallArg0ReturnToReturn | madCallArg0ReturnToReturn |
| tests.cpp:392:5:392:29 | [summary] to write: ReturnValue in madCallArg0ReturnToReturn | ReturnNode | madCallArg0ReturnToReturn | madCallArg0ReturnToReturn |
| tests.cpp:393:9:393:38 | [summary param] 0 in madCallArg0ReturnToReturnFirst | ParameterNode | madCallArg0ReturnToReturnFirst | madCallArg0ReturnToReturnFirst |
| tests.cpp:393:9:393:38 | [summary] read: Argument[0].Parameter[this pointer] in madCallArg0ReturnToReturnFirst | PostUpdateNode | madCallArg0ReturnToReturnFirst | madCallArg0ReturnToReturnFirst |
| tests.cpp:393:9:393:38 | [summary] read: Argument[0].ReturnValue in madCallArg0ReturnToReturnFirst | OutNode | madCallArg0ReturnToReturnFirst | madCallArg0ReturnToReturnFirst |
| tests.cpp:393:9:393:38 | [summary] to write: Argument[0].Parameter[this pointer] in madCallArg0ReturnToReturnFirst | ArgumentNode | madCallArg0ReturnToReturnFirst | madCallArg0ReturnToReturnFirst |
| tests.cpp:393:9:393:38 | [summary] to write: ReturnValue in madCallArg0ReturnToReturnFirst | ReturnNode | madCallArg0ReturnToReturnFirst | madCallArg0ReturnToReturnFirst |
| tests.cpp:393:9:393:38 | [summary] to write: ReturnValue.Field[first]/Field[intPair::first] in madCallArg0ReturnToReturnFirst | | madCallArg0ReturnToReturnFirst | madCallArg0ReturnToReturnFirst |
| tests.cpp:394:6:394:25 | [summary param] 0 in madCallArg0WithValue | ParameterNode | madCallArg0WithValue | madCallArg0WithValue |
| tests.cpp:394:6:394:25 | [summary param] 1 in madCallArg0WithValue | ParameterNode | madCallArg0WithValue | madCallArg0WithValue |
| tests.cpp:394:6:394:25 | [summary] read: Argument[0].Parameter[0] in madCallArg0WithValue | PostUpdateNode | madCallArg0WithValue | madCallArg0WithValue |
| tests.cpp:394:6:394:25 | [summary] read: Argument[0].Parameter[this pointer] in madCallArg0WithValue | PostUpdateNode | madCallArg0WithValue | madCallArg0WithValue |
| tests.cpp:394:6:394:25 | [summary] to write: Argument[0].Parameter[0] in madCallArg0WithValue | ArgumentNode | madCallArg0WithValue | madCallArg0WithValue |
| tests.cpp:394:6:394:25 | [summary] to write: Argument[0].Parameter[this pointer] in madCallArg0WithValue | ArgumentNode | madCallArg0WithValue | madCallArg0WithValue |
| tests.cpp:394:6:394:25 | [summary] to write: Argument[1] in madCallArg0WithValue | PostUpdateNode | madCallArg0WithValue | madCallArg0WithValue |
| tests.cpp:395:5:395:36 | [summary param] 1 in madCallReturnValueIgnoreFunction | ParameterNode | madCallReturnValueIgnoreFunction | madCallReturnValueIgnoreFunction |
| tests.cpp:395:5:395:36 | [summary] to write: ReturnValue in madCallReturnValueIgnoreFunction | ReturnNode | madCallReturnValueIgnoreFunction | madCallReturnValueIgnoreFunction |
| tests.cpp:417:5:417:31 | [summary param] *0 in parameter_ref_to_return_ref | ParameterNode | parameter_ref_to_return_ref | parameter_ref_to_return_ref |
| tests.cpp:417:5:417:31 | [summary] to write: ReturnValue[*] in parameter_ref_to_return_ref | ReturnNode | parameter_ref_to_return_ref | parameter_ref_to_return_ref |
| tests.cpp:429:5:429:17 | [summary param] *0 in receive_array | ParameterNode | receive_array | receive_array |
| tests.cpp:429:5:429:17 | [summary] to write: ReturnValue in receive_array | ReturnNode | receive_array | receive_array |

View File

@@ -11,15 +11,12 @@ extensions:
- ["", "", False, "remoteMadSourceDoubleIndirect", "", "", "ReturnValue[**]", "remote", "manual"]
- ["", "", False, "remoteMadSourceIndirectArg0", "", "", "Argument[*0]", "remote", "manual"]
- ["", "", False, "remoteMadSourceIndirectArg1", "", "", "Argument[*1]", "remote", "manual"]
- ["", "", False, "remoteMadSourceVar", "", "", "", "remote", "manual"]
- ["", "", False, "remoteMadSourceVarIndirect", "", "", "*", "remote", "manual"] # we can't express this source/sink correctly at present, "*" is not a valid access path
- ["", "", False, "remoteMadSourceParam0", "", "", "Parameter[0]", "remote", "manual"]
- ["MyNamespace", "", False, "namespaceLocalMadSource", "", "", "ReturnValue", "local", "manual"]
- ["MyNamespace", "", False, "namespaceLocalMadSourceVar", "", "", "", "local", "manual"]
- ["MyNamespace::MyNamespace2", "", False, "namespace2LocalMadSource", "", "", "ReturnValue", "local", "manual"]
- ["", "MyClass", True, "memberRemoteMadSource", "", "", "ReturnValue", "remote", "manual"]
- ["", "MyClass", True, "memberRemoteMadSourceIndirectArg0", "", "", "Argument[*0]", "remote", "manual"]
- ["", "MyClass", True, "memberRemoteMadSourceVar", "", "", "", "remote", "manual"]
- ["", "MyClass", True, "subtypeRemoteMadSource1", "", "", "ReturnValue", "remote", "manual"]
- ["", "MyClass", False, "subtypeNonSource", "", "", "ReturnValue", "remote", "manual"] # the tests define this in MyDerivedClass, so it should *not* be recongized as a source
- ["", "MyClass", True, "qualifierSource", "", "", "Argument[-1]", "remote", "manual"]
@@ -35,18 +32,13 @@ extensions:
- ["", "", False, "madSinkArg02", "", "", "Argument[0,2]", "test-sink", "manual"]
- ["", "", False, "madSinkIndirectArg0", "", "", "Argument[*0]", "test-sink", "manual"]
- ["", "", False, "madSinkDoubleIndirectArg0", "", "", "Argument[**0]", "test-sink", "manual"]
- ["", "", False, "madSinkVar", "", "", "", "test-sink", "manual"]
- ["", "", False, "madSinkVarIndirect", "", "", "*", "test-sink", "manual"] # we can't express this source/sink correctly at present, "*" is not a valid access path
- ["", "", False, "madSinkParam0", "", "", "Parameter[0]", "test-sink", "manual"]
- ["", "MyClass", True, "memberMadSinkArg0", "", "", "Argument[0]", "test-sink", "manual"]
- ["", "MyClass", True, "memberMadSinkVar", "", "", "", "test-sink", "manual"]
- ["", "MyClass", True, "qualifierSink", "", "", "Argument[-1]", "test-sink", "manual"]
- ["", "MyClass", True, "qualifierArg0Sink", "", "", "Argument[-1..0]", "test-sink", "manual"]
- ["", "MyClass", True, "qualifierFieldSink", "", "", "Argument[-1].val", "test-sink", "manual"]
- ["MyNamespace", "MyClass", True, "namespaceMemberMadSinkArg0", "", "", "Argument[0]", "test-sink", "manual"]
- ["MyNamespace", "MyClass", True, "namespaceStaticMemberMadSinkArg0", "", "", "Argument[0]", "test-sink", "manual"]
- ["MyNamespace", "MyClass", True, "namespaceMemberMadSinkVar", "", "", "", "test-sink", "manual"]
- ["MyNamespace", "MyClass", True, "namespaceStaticMemberMadSinkVar", "", "", "", "test-sink", "manual"]
- addsTo:
pack: codeql/cpp-all
extensible: summaryModel
@@ -68,9 +60,6 @@ extensions:
- ["", "", False, "madArg0ToReturnField", "", "", "Argument[0]", "ReturnValue.Field[value]", "taint", "manual"]
- ["", "", False, "madArg0ToReturnIndirectField", "", "", "Argument[0]", "ReturnValue[*].Field[value]", "taint", "manual"]
- ["", "", False, "madArg0ToReturnFieldIndirect", "", "", "Argument[0]", "ReturnValue.Field[*ptr]", "taint", "manual"]
- ["", "", False, "madFieldToFieldVar", "", "", "Field[value]", "Field[value2]", "taint", "manual"] # we can't express this source/sink correctly at present, "Field[value]" is not a valid input and "Field[value2]" is not a valid output
- ["", "", False, "madFieldToIndirectFieldVar", "", "", "Field[value]", "Field[*ptr]", "taint", "manual"] # we can't express this source/sink correctly at present, "Field[value]" is not a valid input and "Field[*ptr]" is not a valid output
- ["", "", False, "madIndirectFieldToFieldVar", "", "", "Field[value]", "Field[value2]", "taint", "manual"] # we can't express this source/sink correctly at present, "Field[value]" is not a valid input and "Field[value2]" is not a valid output
- ["", "MyClass", True, "madArg0ToSelf", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"]
- ["", "MyClass", True, "madSelfToReturn", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"]
- ["", "MyClass", True, "madArg0ToField", "", "", "Argument[0]", "Argument[-1].Field[val]", "taint", "manual"]

View File

@@ -17,13 +17,8 @@ int *remoteMadSourceIndirect(); // $ interpretElement
int **remoteMadSourceDoubleIndirect(); // $ interpretElement
void remoteMadSourceIndirectArg0(int *x, int *y); // $ interpretElement
void remoteMadSourceIndirectArg1(int &x, int &y); // $ interpretElement
int remoteMadSourceVar; // $ interpretElement
int *remoteMadSourceVarIndirect; // $ interpretElement
namespace MyNamespace {
int namespaceLocalMadSource(); // $ interpretElement
int namespaceLocalMadSourceVar; // $ interpretElement
namespace MyNamespace2 {
int namespace2LocalMadSource(); // $ interpretElement
}
@@ -69,14 +64,9 @@ void test_sources() {
sink(c);
sink(d); // $ ir
sink(remoteMadSourceVar); // $ ir
sink(*remoteMadSourceVarIndirect); // $ MISSING: ir
int e = localMadSource();
sink(e); // $ ir
sink(MyNamespace::namespaceLocalMadSource()); // $ ir
sink(MyNamespace::namespaceLocalMadSourceVar); // $ ir
sink(MyNamespace::MyNamespace2::namespace2LocalMadSource()); // $ ir
sink(MyNamespace::localMadSource()); // $ (the MyNamespace version of this function is not a source)
sink(namespaceLocalMadSource()); // (the global namespace version of this function is not a source)
@@ -96,8 +86,8 @@ void madSinkArg01(int x, int y, int z); // $ interpretElement
void madSinkArg02(int x, int y, int z); // $ interpretElement
void madSinkIndirectArg0(int *x); // $ interpretElement
void madSinkDoubleIndirectArg0(int **x); // $ interpretElement
int madSinkVar; // $ interpretElement
int *madSinkVarIndirect; // $ interpretElement
void test_sinks() {
// test sinks
@@ -118,15 +108,8 @@ void test_sinks() {
madSinkIndirectArg0(&a); // $ ir
madSinkIndirectArg0(a_ptr); // $ ir
madSinkDoubleIndirectArg0(&a_ptr); // $ ir
madSinkVar = source(); // $ ir
// test sources + sinks together
madSinkArg0(localMadSource()); // $ ir
madSinkIndirectArg0(remoteMadSourceIndirect()); // $ ir
madSinkVar = remoteMadSourceVar; // $ ir
*madSinkVarIndirect = remoteMadSourceVar; // $ MISSING: ir
}
void madSinkParam0(int x) { // $ interpretElement
@@ -164,10 +147,6 @@ MyContainer madArg0ToReturnField(int x); // $ interpretElement
MyContainer *madArg0ToReturnIndirectField(int x); // $ interpretElement
MyContainer madArg0ToReturnFieldIndirect(int x); // $ interpretElement
MyContainer madFieldToFieldVar; // $ interpretElement
MyContainer madFieldToIndirectFieldVar; // $ interpretElement
MyContainer *madIndirectFieldToFieldVar; // $ interpretElement
void test_summaries() {
// test summaries
@@ -241,19 +220,6 @@ void test_summaries() {
int *rtn2_ptr = rtn2.ptr;
sink(*rtn2_ptr); // $ ir
// test global variable summaries
madFieldToFieldVar.value = source();
sink(madFieldToFieldVar.value2); // $ MISSING: ir
madFieldToIndirectFieldVar.value = source();
sink(madFieldToIndirectFieldVar.ptr);
sink(*(madFieldToIndirectFieldVar.ptr)); // $ MISSING: ir
madIndirectFieldToFieldVar->value = source();
sink((*madIndirectFieldToFieldVar).value2); // $ MISSING: ir
sink(madIndirectFieldToFieldVar->value2); // $ MISSING: ir
// test source + sinks + summaries together
madSinkArg0(madArg0ToReturn(remoteMadSource())); // $ ir
@@ -269,13 +235,13 @@ public:
// sources
int memberRemoteMadSource(); // $ interpretElement
void memberRemoteMadSourceIndirectArg0(int *x); // $ interpretElement
int memberRemoteMadSourceVar; // $ interpretElement
void qualifierSource(); // $ interpretElement
void qualifierFieldSource(); // $ interpretElement
// sinks
void memberMadSinkArg0(int x); // $ interpretElement
int memberMadSinkVar; // $ interpretElement
void qualifierSink(); // $ interpretElement
void qualifierArg0Sink(int x); // $ interpretElement
void qualifierFieldSink(); // $ interpretElement
@@ -306,8 +272,6 @@ namespace MyNamespace {
// sinks
void namespaceMemberMadSinkArg0(int x); // $ interpretElement
static void namespaceStaticMemberMadSinkArg0(int x); // $ interpretElement
int namespaceMemberMadSinkVar; // $ interpretElement
static int namespaceStaticMemberMadSinkVar; // $ interpretElement
// summaries
int namespaceMadSelfToReturn(); // $ interpretElement
@@ -331,8 +295,6 @@ void test_class_members() {
mc.memberRemoteMadSourceIndirectArg0(&a);
sink(a); // $ ir
sink(mc.memberRemoteMadSourceVar); // $ ir
// test subtype sources
sink(mdc.memberRemoteMadSource()); // $ ir
@@ -344,12 +306,8 @@ void test_class_members() {
mc.memberMadSinkArg0(source()); // $ ir
mc.memberMadSinkVar = source(); // $ ir
mnc.namespaceMemberMadSinkArg0(source()); // $ ir
MyNamespace::MyClass::namespaceStaticMemberMadSinkArg0(source()); // $ ir
mnc.namespaceMemberMadSinkVar = source(); // $ ir
MyNamespace::MyClass::namespaceStaticMemberMadSinkVar = source(); // $ ir
// test class member summaries

View File

@@ -0,0 +1,4 @@
class Program
{
static void Main() {}
}

View File

@@ -0,0 +1,10 @@
<Project Sdk="Microsoft.NET.Sdk">
<PropertyGroup>
<OutputType>Exe</OutputType>
<TargetFramework>net9.0</TargetFramework>
<ImplicitUsings>enable</ImplicitUsings>
<Nullable>enable</Nullable>
</PropertyGroup>
</Project>

View File

@@ -0,0 +1,5 @@
{
"sdk": {
"version": "9.0.201"
}
}

View File

@@ -0,0 +1,8 @@
| code/Program.cs:0:0:0:0 | code/Program.cs | |
| code/obj/Debug/net9.0/.NETCoreApp,Version=v9.0.AssemblyAttributes.cs:0:0:0:0 | code/obj/Debug/net9.0/.NETCoreApp,Version=v9.0.AssemblyAttributes.cs | |
| code/obj/Debug/net9.0/dotnet_build.AssemblyInfo.cs:0:0:0:0 | code/obj/Debug/net9.0/dotnet_build.AssemblyInfo.cs | |
| code/obj/Debug/net9.0/dotnet_build.GlobalUsings.g.cs:0:0:0:0 | code/obj/Debug/net9.0/dotnet_build.GlobalUsings.g.cs | |
| code/obj/Debug/net9.0/dotnet_build.dll:0:0:0:0 | code/obj/Debug/net9.0/dotnet_build.dll | |
| file://:0:0:0:0 | | |
| file://Z:/dotnet_build.csproj:0:0:0:0 | Z:/dotnet_build.csproj | relative |
| file://Z:/obj/dotnet_build.csproj.nuget.g.props:0:0:0:0 | Z:/obj/dotnet_build.csproj.nuget.g.props | relative |

View File

@@ -0,0 +1,7 @@
import csharp
from File f, string relative
where
not f.getURL().matches("file://C:/Program Files/%") and
if exists(f.getRelativePath()) then relative = "relative" else relative = ""
select f, relative

View File

@@ -0,0 +1,7 @@
import runs_on
@runs_on.windows
def test(codeql, csharp, cwd, subst_drive):
drive = subst_drive(cwd / "code")
codeql.database.create(source_root=drive)

View File

@@ -56,9 +56,19 @@ codeql_pkg_files(
prefix = "tools/{CODEQL_PLATFORM}",
)
codeql_pkg_files(
name = "canonicalize-dll",
srcs = select({
"@platforms//os:windows": ["//shared/canonicalize:pkg"],
"//conditions:default": [],
}),
prefix = "tools/{CODEQL_PLATFORM}",
)
codeql_pack(
name = "go",
srcs = [
":canonicalize-dll",
":extractor-pack-arch",
":resources",
"//go/codeql-tools",

View File

@@ -123,7 +123,7 @@ k8s.io/api/core,,,10,,,,,,,,,,,,,,,,,,,,,,,10,
k8s.io/apimachinery/pkg/runtime,,,47,,,,,,,,,,,,,,,,,,,,,,,47,
k8s.io/klog,90,,,,,,90,,,,,,,,,,,,,,,,,,,,
launchpad.net/xmlpath,2,,,,,,,,,,,,,,,,,,2,,,,,,,,
log,40,,3,,,,40,,,,,,,,,,,,,,,,,,,3,
log,43,,16,,,,43,,,,,,,,,,,,,,,,,,,16,
math/big,,,1,,,,,,,,,,,,,,,,,,,,,,,1,
mime,,,14,,,,,,,,,,,,,,,,,,,,,,,14,
net,2,16,100,,,,,,1,,,,,,,,1,,,,,,,16,,100,
1 package sink source summary sink:command-injection sink:credentials-key sink:jwt sink:log-injection sink:nosql-injection sink:path-injection sink:regex-use[0] sink:regex-use[1] sink:regex-use[c] sink:request-forgery sink:request-forgery[TCP Addr + Port] sink:sql-injection sink:url-redirection sink:url-redirection[0] sink:url-redirection[receiver] sink:xpath-injection source:commandargs source:database source:environment source:file source:remote source:stdin summary:taint summary:value
123 k8s.io/apimachinery/pkg/runtime 47 47
124 k8s.io/klog 90 90
125 launchpad.net/xmlpath 2 2
126 log 40 43 3 16 40 43 3 16
127 math/big 1 1
128 mime 14 14
129 net 2 16 100 1 1 16 100

View File

@@ -32,7 +32,7 @@ Go framework & library support
`Revel <http://revel.github.io/>`_,"``github.com/revel/revel*``, ``github.com/robfig/revel*``",46,20,4
`SendGrid <https://github.com/sendgrid/sendgrid-go>`_,``github.com/sendgrid/sendgrid-go*``,,1,
`Squirrel <https://github.com/Masterminds/squirrel>`_,"``github.com/Masterminds/squirrel*``, ``github.com/lann/squirrel*``, ``gopkg.in/Masterminds/squirrel``",81,,96
`Standard library <https://pkg.go.dev/std>`_,"````, ``archive/*``, ``bufio``, ``bytes``, ``cmp``, ``compress/*``, ``container/*``, ``context``, ``crypto``, ``crypto/*``, ``database/*``, ``debug/*``, ``embed``, ``encoding``, ``encoding/*``, ``errors``, ``expvar``, ``flag``, ``fmt``, ``go/*``, ``hash``, ``hash/*``, ``html``, ``html/*``, ``image``, ``image/*``, ``index/*``, ``io``, ``io/*``, ``log``, ``log/*``, ``maps``, ``math``, ``math/*``, ``mime``, ``mime/*``, ``net``, ``net/*``, ``os``, ``os/*``, ``path``, ``path/*``, ``plugin``, ``reflect``, ``reflect/*``, ``regexp``, ``regexp/*``, ``slices``, ``sort``, ``strconv``, ``strings``, ``sync``, ``sync/*``, ``syscall``, ``syscall/*``, ``testing``, ``testing/*``, ``text/*``, ``time``, ``time/*``, ``unicode``, ``unicode/*``, ``unsafe``, ``weak``",52,612,124
`Standard library <https://pkg.go.dev/std>`_,"````, ``archive/*``, ``bufio``, ``bytes``, ``cmp``, ``compress/*``, ``container/*``, ``context``, ``crypto``, ``crypto/*``, ``database/*``, ``debug/*``, ``embed``, ``encoding``, ``encoding/*``, ``errors``, ``expvar``, ``flag``, ``fmt``, ``go/*``, ``hash``, ``hash/*``, ``html``, ``html/*``, ``image``, ``image/*``, ``index/*``, ``io``, ``io/*``, ``log``, ``log/*``, ``maps``, ``math``, ``math/*``, ``mime``, ``mime/*``, ``net``, ``net/*``, ``os``, ``os/*``, ``path``, ``path/*``, ``plugin``, ``reflect``, ``reflect/*``, ``regexp``, ``regexp/*``, ``slices``, ``sort``, ``strconv``, ``strings``, ``sync``, ``sync/*``, ``syscall``, ``syscall/*``, ``testing``, ``testing/*``, ``text/*``, ``time``, ``time/*``, ``unicode``, ``unicode/*``, ``unsafe``, ``weak``",52,625,127
`XORM <https://xorm.io>`_,"``github.com/go-xorm/xorm*``, ``xorm.io/xorm*``",,,68
`XPath <https://github.com/antchfx/xpath>`_,``github.com/antchfx/xpath*``,,,4
`appleboy/gin-jwt <https://github.com/appleboy/gin-jwt>`_,``github.com/appleboy/gin-jwt*``,,,1
@@ -74,5 +74,5 @@ Go framework & library support
`xpathparser <https://github.com/santhosh-tekuri/xpathparser>`_,``github.com/santhosh-tekuri/xpathparser*``,,,2
`yaml <https://gopkg.in/yaml.v3>`_,``gopkg.in/yaml*``,,9,
`zap <https://go.uber.org/zap>`_,``go.uber.org/zap*``,,11,33
Totals,,688,1072,1577
Totals,,688,1085,1580

View File

@@ -16,6 +16,7 @@ go_library(
importpath = "github.com/github/codeql-go/extractor",
visibility = ["//visibility:public"],
deps = [
"//go/extractor/canonicalize",
"//go/extractor/dbscheme",
"//go/extractor/diagnostics",
"//go/extractor/srcarchive",

11
go/extractor/canonicalize/BUILD.bazel generated Normal file
View File

@@ -0,0 +1,11 @@
load("@rules_go//go:def.bzl", "go_library")
go_library(
name = "canonicalize",
srcs = [
"canonicalize_other.go",
"canonicalize_windows.go",
],
importpath = "github.com/github/codeql-go/extractor/canonicalize",
visibility = ["//visibility:public"],
)

View File

@@ -0,0 +1,5 @@
//go:build !windows
package canonicalize
func CanonicalizePath(path string) string { return path }

View File

@@ -0,0 +1,65 @@
//go:build windows
package canonicalize
import (
"os"
"path/filepath"
"syscall"
"unsafe"
)
var (
dll *syscall.DLL
procCanonicalize *syscall.Proc
procFree *syscall.Proc
available bool
)
func init() {
root := os.Getenv("CODEQL_EXTRACTOR_GO_ROOT")
if root == "" {
return
}
dllPath := filepath.Join(root, "tools", "win64", "codeql_canonical_path.dll")
d, err := syscall.LoadDLL(dllPath)
if err != nil {
return
}
p, err := d.FindProc("canonicalize_path_u8")
if err != nil {
return
}
f, _ := d.FindProc("canonicalize_free_u8")
dll = d
procCanonicalize = p
procFree = f
available = true
}
func CanonicalizePath(path string) string {
if !available {
return path
}
pathBytes := append([]byte(path), 0)
ret, _, _ := procCanonicalize.Call(uintptr(unsafe.Pointer(&pathBytes[0])))
if ret == 0 {
return path
}
result := bytePtrToString((*byte)(unsafe.Pointer(ret)))
if procFree != nil {
procFree.Call(ret)
}
return result
}
func bytePtrToString(p *byte) string {
if p == nil {
return ""
}
var n int
for ptr := unsafe.Pointer(p); *(*byte)(ptr) != 0; n++ {
ptr = unsafe.Add(ptr, 1)
}
return string(unsafe.Slice(p, n))
}

View File

@@ -22,6 +22,7 @@ import (
"sync"
"time"
"github.com/github/codeql-go/extractor/canonicalize"
"github.com/github/codeql-go/extractor/dbscheme"
"github.com/github/codeql-go/extractor/diagnostics"
"github.com/github/codeql-go/extractor/srcarchive"
@@ -766,7 +767,7 @@ func normalizedPath(ast *ast.File, fset *token.FileSet) string {
if err != nil {
return file
}
return path
return canonicalize.CanonicalizePath(path)
}
// extractFile extracts AST information for the given file

View File

@@ -0,0 +1,3 @@
package main
func main() {}

View File

@@ -0,0 +1 @@
| file://Z:/main.go:0:0:0:0 | Z:/main.go | relative |

View File

@@ -0,0 +1,5 @@
import go
from File f, string relative
where if exists(f.getRelativePath()) then relative = "relative" else relative = ""
select f, relative

View File

@@ -0,0 +1,7 @@
import runs_on
@runs_on.windows
def test(codeql, go, cwd, subst_drive):
drive = subst_drive(cwd / "code")
codeql.database.create(command="go build main.go", source_root=drive)

View File

@@ -1242,11 +1242,11 @@ public class FileUtil
public static File tryMakeCanonical (File f)
{
try {
return f.getCanonicalFile();
return NativeCanonicalizer.resolve(f.getCanonicalFile());
}
catch (IOException ignored) {
Exceptions.ignore(ignored, "Can't log error: Could be too verbose.");
return new File(simplifyPath(f));
return NativeCanonicalizer.resolve(new File(simplifyPath(f)));
}
}

View File

@@ -0,0 +1,41 @@
package com.semmle.util.files;
import java.io.File;
import java.nio.file.Path;
import java.nio.file.Paths;
public class NativeCanonicalizer {
private static final boolean available;
static {
boolean loaded = false;
if (File.separatorChar == '\\') {
String dist = System.getenv("CODEQL_DIST");
if (dist != null && !dist.isEmpty()) {
try {
Path library = Paths.get(dist).resolve("tools").resolve("win64")
.resolve("codeql_canonical_path.dll").toAbsolutePath();
System.load(library.toString());
loaded = true;
} catch (RuntimeException | UnsatisfiedLinkError ignored) {
}
}
}
available = loaded;
}
private NativeCanonicalizer() {}
// UTF-16 JNI interface - no encoding conversion
private static native String nativeCanonicalizePath(String path);
public static File resolve(File path) {
if (!available) return path;
String result = nativeCanonicalizePath(path.getAbsolutePath());
return result != null ? new File(result) : path;
}
public static boolean isAvailable() {
return available;
}
}

View File

@@ -0,0 +1,4 @@
class Test {
public static void main(String[] args) {
}
}

View File

@@ -0,0 +1 @@
fun main() {}

View File

@@ -0,0 +1,5 @@
| file://:0:0:0:0 | | |
| file://:0:0:0:0 | | |
| file://Z:/Test.class:0:0:0:0 | Test | relative |
| file://Z:/test1.java:0:0:0:0 | test1 | relative |
| file://Z:/test2.kt:0:0:0:0 | test2 | relative |

View File

@@ -0,0 +1,9 @@
import java
from File f, string relative
where
not f.getURL().matches("file:///modules/%") and
not f.getURL().matches("file:///!unknown-binary-location/kotlin/%") and
not f.getURL().matches("%/ql/java/kotlin-extractor/%") and
if exists(f.getRelativePath()) then relative = "relative" else relative = ""
select f, relative

View File

@@ -0,0 +1,7 @@
import runs_on
@runs_on.windows
def test(codeql, java, cwd, subst_drive):
drive = subst_drive(cwd / "code")
codeql.database.create(command=["javac test1.java", "kotlinc test2.kt"], source_root=drive)

View File

@@ -234,8 +234,3 @@ subpaths
| use.kt:9:14:9:25 | taint(...) : Closeable | use.kt:9:31:9:36 | it : Closeable | use.kt:9:33:9:34 | it : Closeable | use.kt:9:14:9:36 | use(...) |
| with.kt:7:19:7:30 | taint(...) : String | with.kt:7:33:7:40 | $this$with : String | with.kt:7:35:7:38 | this : String | with.kt:7:14:7:40 | with(...) |
testFailures
| test.kt:28:14:28:21 | getSecond(...) | Unexpected result: hasTaintFlow=a |
| test.kt:35:14:35:27 | component1(...) | Unexpected result: hasTaintFlow=d |
| test.kt:41:14:41:22 | getSecond(...) | Unexpected result: hasTaintFlow=e |
| test.kt:53:14:53:24 | getDuration(...) | Unexpected result: hasTaintFlow=f |
| test.kt:58:14:58:29 | component2(...) | Unexpected result: hasTaintFlow=g |

View File

@@ -25,20 +25,20 @@ class Test {
val p = Pair(taint("a"), "")
sink(p) // $ hasTaintFlow=a
sink(p.component1()) // $ hasTaintFlow=a
sink(p.second)
sink(p.second) // $ SPURIOUS: hasTaintFlow=a
sink(taint("b").capitalize()) // $ hasTaintFlow=b
sink(taint("c").replaceFirstChar { _ -> 'x' }) // $ hasTaintFlow=c
val t = Triple("", taint("d"), "")
sink(t) // $ hasTaintFlow=d
sink(t.component1())
sink(t.component1()) // $ SPURIOUS: hasTaintFlow=d
sink(t.second) // $ hasTaintFlow=d
val p1 = taint("e") to ""
sink(p1) // $ hasTaintFlow=e
sink(p1.component1()) // $ hasTaintFlow=e
sink(p1.second)
sink(p1.second) // $ SPURIOUS: hasTaintFlow=e
val l = p.toList()
sink(l) // $ hasTaintFlow=a
@@ -50,12 +50,12 @@ class Test {
val tv = TimedValue(taint("f"), Duration.parse(""))
sink(tv) // $ hasTaintFlow=f
sink(tv.component1()) // $ hasTaintFlow=f
sink(tv.duration)
sink(tv.duration) // $ SPURIOUS: hasTaintFlow=f
val mg0 = MatchGroup(taint("g"), IntRange(0, 10))
sink(mg0) // $ hasTaintFlow=g
sink(mg0.value) // $ hasTaintFlow=g
sink(mg0.component2())
sink(mg0.component2()) // $ SPURIOUS: hasTaintFlow=g
val iv = IndexedValue<String>(5, taint("h"))
sink(iv) // $ hasTaintFlow=h
@@ -72,4 +72,4 @@ class Test {
sink(x.index)
}
}
}
}

View File

@@ -234,8 +234,3 @@ subpaths
| use.kt:9:14:9:25 | taint(...) : Closeable | use.kt:9:31:9:36 | it : Closeable | use.kt:9:33:9:34 | it : Closeable | use.kt:9:14:9:36 | use(...) |
| with.kt:7:19:7:30 | taint(...) : String | with.kt:7:33:7:40 | $this$with : String | with.kt:7:35:7:38 | this : String | with.kt:7:14:7:40 | with(...) |
testFailures
| test.kt:28:14:28:21 | getSecond(...) | Unexpected result: hasTaintFlow=a |
| test.kt:35:14:35:27 | component1(...) | Unexpected result: hasTaintFlow=d |
| test.kt:41:14:41:22 | getSecond(...) | Unexpected result: hasTaintFlow=e |
| test.kt:53:14:53:24 | getDuration(...) | Unexpected result: hasTaintFlow=f |
| test.kt:58:14:58:29 | component2(...) | Unexpected result: hasTaintFlow=g |

View File

@@ -25,20 +25,20 @@ class Test {
val p = Pair(taint("a"), "")
sink(p) // $ hasTaintFlow=a
sink(p.component1()) // $ hasTaintFlow=a
sink(p.second)
sink(p.second) // $ SPURIOUS: hasTaintFlow=a
sink(taint("b").capitalize()) // $ hasTaintFlow=b
sink(taint("c").replaceFirstChar { _ -> 'x' }) // $ hasTaintFlow=c
val t = Triple("", taint("d"), "")
sink(t) // $ hasTaintFlow=d
sink(t.component1())
sink(t.component1()) // $ SPURIOUS: hasTaintFlow=d
sink(t.second) // $ hasTaintFlow=d
val p1 = taint("e") to ""
sink(p1) // $ hasTaintFlow=e
sink(p1.component1()) // $ hasTaintFlow=e
sink(p1.second)
sink(p1.second) // $ SPURIOUS: hasTaintFlow=e
val l = p.toList()
sink(l) // $ hasTaintFlow=a
@@ -50,12 +50,12 @@ class Test {
val tv = TimedValue(taint("f"), Duration.parse(""))
sink(tv) // $ hasTaintFlow=f
sink(tv.component1()) // $ hasTaintFlow=f
sink(tv.duration)
sink(tv.duration) // $ SPURIOUS: hasTaintFlow=f
val mg0 = MatchGroup(taint("g"), IntRange(0, 10))
sink(mg0) // $ hasTaintFlow=g
sink(mg0.value) // $ hasTaintFlow=g
sink(mg0.component2())
sink(mg0.component2()) // $ SPURIOUS: hasTaintFlow=g
val iv = IndexedValue<String>(5, taint("h"))
sink(iv) // $ hasTaintFlow=h
@@ -72,4 +72,4 @@ class Test {
sink(x.index)
}
}
}
}

View File

@@ -0,0 +1 @@
function interesting() { }

View File

@@ -0,0 +1 @@
0

View File

@@ -0,0 +1,2 @@
| file://Z:/main.js:0:0:0:0 | Z:/main.js | relative |
| file://Z:/test.ts:0:0:0:0 | Z:/test.ts | relative |

View File

@@ -0,0 +1,7 @@
import javascript
from File f, string relative
where
not f.getURL().matches("%/target/intree/%") and
if exists(f.getRelativePath()) then relative = "relative" else relative = ""
select f, relative

View File

@@ -0,0 +1,7 @@
import runs_on
@runs_on.windows
def test(codeql, javascript, cwd, subst_drive):
drive = subst_drive(cwd / "code")
codeql.database.create(source_root=drive)

View File

@@ -0,0 +1 @@
print(0)

View File

@@ -0,0 +1 @@
| code/main.py:0:0:0:0 | code/main.py | |

View File

@@ -0,0 +1,5 @@
import python
from File f, string relative
where if exists(f.getRelativePath()) then relative = "relative" else relative = ""
select f, relative

View File

@@ -0,0 +1,7 @@
import runs_on
@runs_on.windows
def test(codeql, python, cwd, subst_drive):
drive = subst_drive(cwd / "code")
codeql.database.create(source_root=drive)

View File

@@ -1,571 +0,0 @@
/**
* @name Cyclic join
* @description Finds non-recursive predicate bodies and query `where` clauses whose
* join graph contains an irreducible cycle (a triangle or a chordless
* cycle of length 4, 5, 6, 7, 8, 9 or 10). Such alpha-cyclic conjunctive joins cannot
* be evaluated optimally by any binary join plan and are the canonical case
* that worst-case-optimal join algorithms (e.g. Leapfrog Triejoin) accelerate.
* @id ql/cyclic-join
* @tags performance
* join-order
*/
import ql
import codeql_ql.ast.internal.AstNodeNumbering
/**
* A scope that gives rise to a conjunctive join: a predicate body or a query's
* `from`/`where`. Atoms within the same scope are (positively) conjoined.
*/
class JoinScope extends AstNode {
JoinScope() {
this instanceof Predicate or
this instanceof Select
}
}
/** Gets the nearest enclosing predicate or select of `n`. */
JoinScope getScope(AstNode n) {
result = n.getParent+() and
not exists(JoinScope closer |
closer = n.getParent+() and
result = closer.getParent+()
)
}
/** Holds if `f` combines sub-formulas, i.e. it is not a single join atom. */
predicate isConnective(Formula f) {
f instanceof Conjunction or
f instanceof Disjunction or
f instanceof Negation or
f instanceof Quantifier or
f instanceof IfFormula or
f instanceof Implication or
f instanceof HigherOrderFormula
}
/**
* An atomic formula: a leaf formula sitting in formula position inside a
* conjunctive context (its parent is a connective, a `select`, or a predicate
* body). Atoms nested inside an expression/another atom, or inside a `not`,
* are excluded because they do not contribute positive join edges.
*/
class Atom extends Formula {
Atom() {
not isConnective(this) and
exists(AstNode p | p = this.getParent() |
isConnective(p) or
p instanceof Select or
p instanceof Predicate
) and
not this.getParent+() instanceof Negation
}
}
/** Holds if atom `a` references variable `v`. */
predicate touches(Atom a, VarDef v) {
exists(VarAccess va | va = a.getAChild*() and va.getDeclaration() = v)
}
/** Holds if atom `a` uses a transitive-closure (`+`/`*`) call, i.e. is recursive. */
predicate isRecursiveAtom(Atom a) {
exists(Call c | c = a.getAChild*() and c.isClosure(_))
}
/**
* Holds if, within scope `s`, there is a (non-recursive) atom joining the two
* distinct variables `u` and `v` -- an edge of the primal (join) graph.
*/
predicate primalEdge(JoinScope s, VarDef u, VarDef v) {
u != v and
exists(Atom a |
getScope(a) = s and
not isRecursiveAtom(a) and
touches(a, u) and
touches(a, v)
)
}
/**
* Holds if scope `s` contains an irreducible triangle over the distinct
* variables `x < y < z`. "Irreducible" means no single atom covers all three
* variables, so the three edges necessarily come from three different atoms and
* the join is genuinely alpha-cyclic (not GYO-reducible).
*/
predicate triangle(JoinScope s, VarDef x, VarDef y, VarDef z) {
getPreOrderId(x) < getPreOrderId(y) and
getPreOrderId(y) < getPreOrderId(z) and
primalEdge(s, x, y) and
primalEdge(s, y, z) and
primalEdge(s, x, z) and
// conformality: no atom covers the whole clique (which would make it acyclic)
not exists(Atom cover |
getScope(cover) = s and
touches(cover, x) and
touches(cover, y) and
touches(cover, z)
)
}
/**
* Holds if scope `s` contains a chordless 4-cycle `p0 - p1 - p2 - p3 - p0` over
* four distinct variables. Chordlessness (no diagonal edge) guarantees the cycle
* is irreducible/alpha-cyclic and that no atom covers it. `p0` is the minimum and
* `p1 < p3` to report each such cycle once.
*/
predicate square(JoinScope s, VarDef p0, VarDef p1, VarDef p2, VarDef p3) {
getPreOrderId(p0) < getPreOrderId(p1) and
getPreOrderId(p0) < getPreOrderId(p2) and
getPreOrderId(p0) < getPreOrderId(p3) and
getPreOrderId(p1) < getPreOrderId(p3) and
p1 != p2 and
p2 != p3 and
// the four sides
primalEdge(s, p0, p1) and
primalEdge(s, p1, p2) and
primalEdge(s, p2, p3) and
primalEdge(s, p3, p0) and
// the two diagonals must be absent (chordless)
not primalEdge(s, p0, p2) and
not primalEdge(s, p1, p3)
}
/**
* Holds if scope `s` contains a chordless 5-cycle `p0 - p1 - p2 - p3 - p4 - p0`
* over five distinct variables. `p0` is the minimum and `p1 < p4` orients the
* cycle so each one is reported once; all five chords are required absent, which
* also rules out any covering atom (irreducible/alpha-cyclic).
*/
predicate pentagon(JoinScope s, VarDef p0, VarDef p1, VarDef p2, VarDef p3, VarDef p4) {
getPreOrderId(p0) < getPreOrderId(p1) and
getPreOrderId(p0) < getPreOrderId(p2) and
getPreOrderId(p0) < getPreOrderId(p3) and
getPreOrderId(p0) < getPreOrderId(p4) and
getPreOrderId(p1) < getPreOrderId(p4) and
p1 != p3 and
p2 != p4 and
// the five sides
primalEdge(s, p0, p1) and
primalEdge(s, p1, p2) and
primalEdge(s, p2, p3) and
primalEdge(s, p3, p4) and
primalEdge(s, p4, p0) and
// all five chords must be absent (chordless)
not primalEdge(s, p0, p2) and
not primalEdge(s, p0, p3) and
not primalEdge(s, p1, p3) and
not primalEdge(s, p1, p4) and
not primalEdge(s, p2, p4)
}
/**
* Holds if scope `s` contains a chordless 6-cycle
* `p0 - p1 - p2 - p3 - p4 - p5 - p0` over six distinct variables. `p0` is the
* minimum and `p1 < p5` orients the cycle so each one is reported once; all nine
* chords are required absent, which also rules out any covering atom.
*/
predicate hexagon(JoinScope s, VarDef p0, VarDef p1, VarDef p2, VarDef p3, VarDef p4, VarDef p5) {
getPreOrderId(p0) < getPreOrderId(p1) and
getPreOrderId(p0) < getPreOrderId(p2) and
getPreOrderId(p0) < getPreOrderId(p3) and
getPreOrderId(p0) < getPreOrderId(p4) and
getPreOrderId(p0) < getPreOrderId(p5) and
getPreOrderId(p1) < getPreOrderId(p5) and
p1 != p3 and
p1 != p4 and
p2 != p4 and
p2 != p5 and
p3 != p5 and
// the six sides
primalEdge(s, p0, p1) and
primalEdge(s, p1, p2) and
primalEdge(s, p2, p3) and
primalEdge(s, p3, p4) and
primalEdge(s, p4, p5) and
primalEdge(s, p5, p0) and
// all nine chords must be absent (chordless)
not primalEdge(s, p0, p2) and
not primalEdge(s, p0, p3) and
not primalEdge(s, p0, p4) and
not primalEdge(s, p1, p3) and
not primalEdge(s, p1, p4) and
not primalEdge(s, p1, p5) and
not primalEdge(s, p2, p4) and
not primalEdge(s, p2, p5) and
not primalEdge(s, p3, p5)
}
/**
* Holds if scope `s` contains a chordless 7-cycle
* `p0 - p1 - p2 - p3 - p4 - p5 - p6 - p0` over seven distinct variables. `p0` is
* the minimum and `p1 < p6` orients the cycle so each one is reported once; all 14
* chords are required absent, which also rules out any covering atom.
*/
predicate heptagon(
JoinScope s, VarDef p0, VarDef p1, VarDef p2, VarDef p3, VarDef p4, VarDef p5, VarDef p6
) {
getPreOrderId(p0) < getPreOrderId(p1) and
getPreOrderId(p0) < getPreOrderId(p2) and
getPreOrderId(p0) < getPreOrderId(p3) and
getPreOrderId(p0) < getPreOrderId(p4) and
getPreOrderId(p0) < getPreOrderId(p5) and
getPreOrderId(p0) < getPreOrderId(p6) and
getPreOrderId(p1) < getPreOrderId(p6) and
p1 != p3 and
p1 != p4 and
p1 != p5 and
p2 != p4 and
p2 != p5 and
p2 != p6 and
p3 != p5 and
p3 != p6 and
p4 != p6 and
// the seven sides
primalEdge(s, p0, p1) and
primalEdge(s, p1, p2) and
primalEdge(s, p2, p3) and
primalEdge(s, p3, p4) and
primalEdge(s, p4, p5) and
primalEdge(s, p5, p6) and
primalEdge(s, p6, p0) and
// all 14 chords must be absent (chordless)
not primalEdge(s, p0, p2) and
not primalEdge(s, p0, p3) and
not primalEdge(s, p0, p4) and
not primalEdge(s, p0, p5) and
not primalEdge(s, p1, p3) and
not primalEdge(s, p1, p4) and
not primalEdge(s, p1, p5) and
not primalEdge(s, p1, p6) and
not primalEdge(s, p2, p4) and
not primalEdge(s, p2, p5) and
not primalEdge(s, p2, p6) and
not primalEdge(s, p3, p5) and
not primalEdge(s, p3, p6) and
not primalEdge(s, p4, p6)
}
/**
* Holds if scope `s` contains a chordless 8-cycle
* `p0 - p1 - p2 - p3 - p4 - p5 - p6 - p7 - p0` over eight distinct variables. `p0`
* is the minimum and `p1 < p7` orients the cycle so each one is reported once; all
* 20 chords are required absent, which also rules out any covering atom.
*/
predicate octagon(
JoinScope s, VarDef p0, VarDef p1, VarDef p2, VarDef p3, VarDef p4, VarDef p5, VarDef p6,
VarDef p7
) {
getPreOrderId(p0) < getPreOrderId(p1) and
getPreOrderId(p0) < getPreOrderId(p2) and
getPreOrderId(p0) < getPreOrderId(p3) and
getPreOrderId(p0) < getPreOrderId(p4) and
getPreOrderId(p0) < getPreOrderId(p5) and
getPreOrderId(p0) < getPreOrderId(p6) and
getPreOrderId(p0) < getPreOrderId(p7) and
getPreOrderId(p1) < getPreOrderId(p7) and
p1 != p3 and
p1 != p4 and
p1 != p5 and
p1 != p6 and
p2 != p4 and
p2 != p5 and
p2 != p6 and
p2 != p7 and
p3 != p5 and
p3 != p6 and
p3 != p7 and
p4 != p6 and
p4 != p7 and
p5 != p7 and
// the eight sides
primalEdge(s, p0, p1) and
primalEdge(s, p1, p2) and
primalEdge(s, p2, p3) and
primalEdge(s, p3, p4) and
primalEdge(s, p4, p5) and
primalEdge(s, p5, p6) and
primalEdge(s, p6, p7) and
primalEdge(s, p7, p0) and
// all 20 chords must be absent (chordless)
not primalEdge(s, p0, p2) and
not primalEdge(s, p0, p3) and
not primalEdge(s, p0, p4) and
not primalEdge(s, p0, p5) and
not primalEdge(s, p0, p6) and
not primalEdge(s, p1, p3) and
not primalEdge(s, p1, p4) and
not primalEdge(s, p1, p5) and
not primalEdge(s, p1, p6) and
not primalEdge(s, p1, p7) and
not primalEdge(s, p2, p4) and
not primalEdge(s, p2, p5) and
not primalEdge(s, p2, p6) and
not primalEdge(s, p2, p7) and
not primalEdge(s, p3, p5) and
not primalEdge(s, p3, p6) and
not primalEdge(s, p3, p7) and
not primalEdge(s, p4, p6) and
not primalEdge(s, p4, p7) and
not primalEdge(s, p5, p7)
}
/**
* Holds if scope `s` contains a chordless 9-cycle
* `p0 - p1 - p2 - p3 - p4 - p5 - p6 - p7 - p8 - p0` over nine distinct variables.
* `p0` is the minimum and `p1 < p8` orients the cycle so each one is reported once;
* all 27 chords are required absent, which also rules out any covering atom.
*/
predicate enneagon(
JoinScope s, VarDef p0, VarDef p1, VarDef p2, VarDef p3, VarDef p4, VarDef p5, VarDef p6,
VarDef p7, VarDef p8
) {
getPreOrderId(p0) < getPreOrderId(p1) and
getPreOrderId(p0) < getPreOrderId(p2) and
getPreOrderId(p0) < getPreOrderId(p3) and
getPreOrderId(p0) < getPreOrderId(p4) and
getPreOrderId(p0) < getPreOrderId(p5) and
getPreOrderId(p0) < getPreOrderId(p6) and
getPreOrderId(p0) < getPreOrderId(p7) and
getPreOrderId(p0) < getPreOrderId(p8) and
getPreOrderId(p1) < getPreOrderId(p8) and
p1 != p3 and
p1 != p4 and
p1 != p5 and
p1 != p6 and
p1 != p7 and
p2 != p4 and
p2 != p5 and
p2 != p6 and
p2 != p7 and
p2 != p8 and
p3 != p5 and
p3 != p6 and
p3 != p7 and
p3 != p8 and
p4 != p6 and
p4 != p7 and
p4 != p8 and
p5 != p7 and
p5 != p8 and
p6 != p8 and
// the nine sides
primalEdge(s, p0, p1) and
primalEdge(s, p1, p2) and
primalEdge(s, p2, p3) and
primalEdge(s, p3, p4) and
primalEdge(s, p4, p5) and
primalEdge(s, p5, p6) and
primalEdge(s, p6, p7) and
primalEdge(s, p7, p8) and
primalEdge(s, p8, p0) and
// all 27 chords must be absent (chordless)
not primalEdge(s, p0, p2) and
not primalEdge(s, p0, p3) and
not primalEdge(s, p0, p4) and
not primalEdge(s, p0, p5) and
not primalEdge(s, p0, p6) and
not primalEdge(s, p0, p7) and
not primalEdge(s, p1, p3) and
not primalEdge(s, p1, p4) and
not primalEdge(s, p1, p5) and
not primalEdge(s, p1, p6) and
not primalEdge(s, p1, p7) and
not primalEdge(s, p1, p8) and
not primalEdge(s, p2, p4) and
not primalEdge(s, p2, p5) and
not primalEdge(s, p2, p6) and
not primalEdge(s, p2, p7) and
not primalEdge(s, p2, p8) and
not primalEdge(s, p3, p5) and
not primalEdge(s, p3, p6) and
not primalEdge(s, p3, p7) and
not primalEdge(s, p3, p8) and
not primalEdge(s, p4, p6) and
not primalEdge(s, p4, p7) and
not primalEdge(s, p4, p8) and
not primalEdge(s, p5, p7) and
not primalEdge(s, p5, p8) and
not primalEdge(s, p6, p8)
}
/**
* Holds if scope `s` contains a chordless 10-cycle
* `p0 - p1 - p2 - p3 - p4 - p5 - p6 - p7 - p8 - p9 - p0` over ten distinct
* variables. `p0` is the minimum and `p1 < p9` orients the cycle so each one is
* reported once; all 35 chords are required absent, which also rules out any
* covering atom.
*/
predicate decagon(
JoinScope s, VarDef p0, VarDef p1, VarDef p2, VarDef p3, VarDef p4, VarDef p5, VarDef p6,
VarDef p7, VarDef p8, VarDef p9
) {
getPreOrderId(p0) < getPreOrderId(p1) and
getPreOrderId(p0) < getPreOrderId(p2) and
getPreOrderId(p0) < getPreOrderId(p3) and
getPreOrderId(p0) < getPreOrderId(p4) and
getPreOrderId(p0) < getPreOrderId(p5) and
getPreOrderId(p0) < getPreOrderId(p6) and
getPreOrderId(p0) < getPreOrderId(p7) and
getPreOrderId(p0) < getPreOrderId(p8) and
getPreOrderId(p0) < getPreOrderId(p9) and
getPreOrderId(p1) < getPreOrderId(p9) and
p1 != p3 and
p1 != p4 and
p1 != p5 and
p1 != p6 and
p1 != p7 and
p1 != p8 and
p2 != p4 and
p2 != p5 and
p2 != p6 and
p2 != p7 and
p2 != p8 and
p2 != p9 and
p3 != p5 and
p3 != p6 and
p3 != p7 and
p3 != p8 and
p3 != p9 and
p4 != p6 and
p4 != p7 and
p4 != p8 and
p4 != p9 and
p5 != p7 and
p5 != p8 and
p5 != p9 and
p6 != p8 and
p6 != p9 and
p7 != p9 and
// the ten sides
primalEdge(s, p0, p1) and
primalEdge(s, p1, p2) and
primalEdge(s, p2, p3) and
primalEdge(s, p3, p4) and
primalEdge(s, p4, p5) and
primalEdge(s, p5, p6) and
primalEdge(s, p6, p7) and
primalEdge(s, p7, p8) and
primalEdge(s, p8, p9) and
primalEdge(s, p9, p0) and
// all 35 chords must be absent (chordless)
not primalEdge(s, p0, p2) and
not primalEdge(s, p0, p3) and
not primalEdge(s, p0, p4) and
not primalEdge(s, p0, p5) and
not primalEdge(s, p0, p6) and
not primalEdge(s, p0, p7) and
not primalEdge(s, p0, p8) and
not primalEdge(s, p1, p3) and
not primalEdge(s, p1, p4) and
not primalEdge(s, p1, p5) and
not primalEdge(s, p1, p6) and
not primalEdge(s, p1, p7) and
not primalEdge(s, p1, p8) and
not primalEdge(s, p1, p9) and
not primalEdge(s, p2, p4) and
not primalEdge(s, p2, p5) and
not primalEdge(s, p2, p6) and
not primalEdge(s, p2, p7) and
not primalEdge(s, p2, p8) and
not primalEdge(s, p2, p9) and
not primalEdge(s, p3, p5) and
not primalEdge(s, p3, p6) and
not primalEdge(s, p3, p7) and
not primalEdge(s, p3, p8) and
not primalEdge(s, p3, p9) and
not primalEdge(s, p4, p6) and
not primalEdge(s, p4, p7) and
not primalEdge(s, p4, p8) and
not primalEdge(s, p4, p9) and
not primalEdge(s, p5, p7) and
not primalEdge(s, p5, p8) and
not primalEdge(s, p5, p9) and
not primalEdge(s, p6, p8) and
not primalEdge(s, p6, p9) and
not primalEdge(s, p7, p9)
}
/** Gets a printable name for `v`. */
string varName(VarDef v) { result = v.getName() }
/**
* Holds if scope `s` contains an irreducible cyclic join of length `len` over
* the variables described by `vars`.
*/
predicate cyclicJoin(JoinScope s, int len, string vars) {
exists(VarDef x, VarDef y, VarDef z |
triangle(s, x, y, z) and
len = 3 and
vars = varName(x) + ", " + varName(y) + ", " + varName(z)
)
or
exists(VarDef p0, VarDef p1, VarDef p2, VarDef p3 |
square(s, p0, p1, p2, p3) and
len = 4 and
vars = varName(p0) + ", " + varName(p1) + ", " + varName(p2) + ", " + varName(p3)
)
or
exists(VarDef p0, VarDef p1, VarDef p2, VarDef p3, VarDef p4 |
pentagon(s, p0, p1, p2, p3, p4) and
len = 5 and
vars =
varName(p0) + ", " + varName(p1) + ", " + varName(p2) + ", " + varName(p3) + ", " +
varName(p4)
)
or
exists(VarDef p0, VarDef p1, VarDef p2, VarDef p3, VarDef p4, VarDef p5 |
hexagon(s, p0, p1, p2, p3, p4, p5) and
len = 6 and
vars =
varName(p0) + ", " + varName(p1) + ", " + varName(p2) + ", " + varName(p3) + ", " +
varName(p4) + ", " + varName(p5)
)
or
exists(VarDef p0, VarDef p1, VarDef p2, VarDef p3, VarDef p4, VarDef p5, VarDef p6 |
heptagon(s, p0, p1, p2, p3, p4, p5, p6) and
len = 7 and
vars =
varName(p0) + ", " + varName(p1) + ", " + varName(p2) + ", " + varName(p3) + ", " +
varName(p4) + ", " + varName(p5) + ", " + varName(p6)
)
or
exists(
VarDef p0, VarDef p1, VarDef p2, VarDef p3, VarDef p4, VarDef p5, VarDef p6, VarDef p7
|
octagon(s, p0, p1, p2, p3, p4, p5, p6, p7) and
len = 8 and
vars =
varName(p0) + ", " + varName(p1) + ", " + varName(p2) + ", " + varName(p3) + ", " +
varName(p4) + ", " + varName(p5) + ", " + varName(p6) + ", " + varName(p7)
)
or
exists(
VarDef p0, VarDef p1, VarDef p2, VarDef p3, VarDef p4, VarDef p5, VarDef p6, VarDef p7,
VarDef p8
|
enneagon(s, p0, p1, p2, p3, p4, p5, p6, p7, p8) and
len = 9 and
vars =
varName(p0) + ", " + varName(p1) + ", " + varName(p2) + ", " + varName(p3) + ", " +
varName(p4) + ", " + varName(p5) + ", " + varName(p6) + ", " + varName(p7) + ", " +
varName(p8)
)
or
exists(
VarDef p0, VarDef p1, VarDef p2, VarDef p3, VarDef p4, VarDef p5, VarDef p6, VarDef p7,
VarDef p8, VarDef p9
|
decagon(s, p0, p1, p2, p3, p4, p5, p6, p7, p8, p9) and
len = 10 and
vars =
varName(p0) + ", " + varName(p1) + ", " + varName(p2) + ", " + varName(p3) + ", " +
varName(p4) + ", " + varName(p5) + ", " + varName(p6) + ", " + varName(p7) + ", " +
varName(p8) + ", " + varName(p9)
)
}
from JoinScope s, int len, string vars
where cyclicJoin(s, len, vars)
select s,
"This " + s.getAPrimaryQlClass() + " contains a non-recursive cyclic (" + len.toString() +
"-cycle) join over variables: " + vars + "."

View File

@@ -0,0 +1 @@
0

View File

@@ -0,0 +1,2 @@
| code/test.rb:0:0:0:0 | code/test.rb | |
| file://:0:0:0:0 | | |

View File

@@ -0,0 +1,5 @@
import ruby
from File f, string relative
where if exists(f.getRelativePath()) then relative = "relative" else relative = ""
select f, relative

View File

@@ -0,0 +1,7 @@
import runs_on
@runs_on.windows
def test(codeql, ruby, cwd, subst_drive):
drive = subst_drive(cwd / "code")
codeql.database.create(source_root=drive)

View File

@@ -0,0 +1 @@
fn main() {}

View File

@@ -0,0 +1,2 @@
| code/test.rs:0:0:0:0 | code/test.rs | |
| file://:0:0:0:0 | | |

View File

@@ -0,0 +1,7 @@
import rust
from File f, string relative
where
not f.getURL().matches("%/target/intree/%") and
if exists(f.getRelativePath()) then relative = "relative" else relative = ""
select f, relative

View File

@@ -0,0 +1,7 @@
import runs_on
@runs_on.windows
def test(codeql, rust, cwd, subst_drive):
drive = subst_drive(cwd / "code")
codeql.database.create(source_root=drive)

View File

@@ -0,0 +1,35 @@
load("@rules_cc//cc:defs.bzl", "cc_binary", "cc_library")
load("@rules_pkg//pkg:mappings.bzl", "pkg_attributes", "pkg_files")
cc_binary(
name = "codeql_canonical_path.dll",
srcs = [
"canonicalize.cpp",
"canonicalize.h",
"canonicalize_jni.cpp",
],
defines = ["CODEQL_CANONICALIZE_EXPORTS"],
linkopts = ["-lkernel32"],
linkshared = True,
target_compatible_with = ["@platforms//os:windows"],
visibility = ["//visibility:public"],
deps = ["@rules_java//toolchains:jni"],
)
cc_library(
name = "canonicalize",
srcs = ["canonicalize.cpp"],
hdrs = ["canonicalize.h"],
defines = ["CODEQL_CANONICALIZE_EXPORTS"],
linkopts = ["-lkernel32"],
target_compatible_with = ["@platforms//os:windows"],
visibility = ["//visibility:public"],
)
pkg_files(
name = "pkg",
srcs = [":codeql_canonical_path.dll"],
attributes = pkg_attributes(mode = "0755"),
target_compatible_with = ["@platforms//os:windows"],
visibility = ["//visibility:public"],
)

View File

@@ -0,0 +1,165 @@
#ifdef _WIN32
#include "canonicalize.h"
#include <windows.h>
#include <string>
#include <unordered_map>
#include <shared_mutex>
#include <random>
namespace {
class PathCache {
public:
static PathCache& instance() {
static PathCache cache;
return cache;
}
const wchar_t* canonicalize(const wchar_t* path) {
std::wstring key(path);
// Fast path: shared (read) lock for cache hit
{
std::shared_lock lock(mutex_);
auto it = cache_.find(key);
if (it != cache_.end()) {
return _wcsdup(it->second.c_str());
}
}
// Slow path: resolve and insert under exclusive lock
std::wstring resolved = resolve(path);
if (resolved.empty()) return nullptr;
std::unique_lock lock(mutex_);
// Check again under exclusive lock (another thread may have inserted)
auto it = cache_.find(key);
if (it != cache_.end()) {
return _wcsdup(it->second.c_str());
}
// Evict a random entry if at capacity (matches C# strategy)
if (cache_.size() >= max_capacity_) {
std::uniform_int_distribution<size_t> dist(0, cache_.size() - 1);
auto evict = cache_.begin();
std::advance(evict, dist(rng_));
cache_.erase(evict);
}
auto inserted = cache_.emplace(std::move(key), std::move(resolved)).first;
return _wcsdup(inserted->second.c_str());
}
private:
PathCache() = default;
static constexpr size_t max_capacity_ = 4096;
std::unordered_map<std::wstring, std::wstring> cache_;
std::shared_mutex mutex_;
std::mt19937 rng_{std::random_device{}()};
static std::wstring resolve(const wchar_t* path) {
HANDLE h = CreateFileW(
path,
0,
FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE,
nullptr,
OPEN_EXISTING,
FILE_FLAG_BACKUP_SEMANTICS,
nullptr);
if (h == INVALID_HANDLE_VALUE) {
return resolve_nonexistent(path);
}
std::wstring result = get_final_path(h);
CloseHandle(h);
if (result.empty()) return {};
return strip_prefix(result);
}
static std::wstring get_final_path(HANDLE h) {
wchar_t buf[MAX_PATH];
DWORD len = GetFinalPathNameByHandleW(h, buf, MAX_PATH, FILE_NAME_NORMALIZED);
if (len > 0 && len < MAX_PATH) {
return std::wstring(buf, len);
}
if (len >= MAX_PATH) {
std::wstring big(len + 1, L'\0');
len = GetFinalPathNameByHandleW(h, big.data(), len + 1, FILE_NAME_NORMALIZED);
if (len > 0) return std::wstring(big.data(), len);
}
return {};
}
static std::wstring strip_prefix(const std::wstring& path) {
constexpr std::wstring_view unc_prefix = L"\\\\?\\UNC\\";
constexpr std::wstring_view lp_prefix = L"\\\\?\\";
if (path.starts_with(unc_prefix)) {
return L"\\" + path.substr(unc_prefix.size() - 1);
}
if (path.starts_with(lp_prefix)) {
return std::wstring(path.substr(lp_prefix.size()));
}
return path;
}
// For non-existent files: canonicalize parent, append filename
// (matches C#'s ConstructCanonicalPath)
static std::wstring resolve_nonexistent(const wchar_t* path) {
std::wstring spath(path);
auto sep = spath.find_last_of(L"\\/");
if (sep == std::wstring::npos) return {};
std::wstring parent = spath.substr(0, sep);
std::wstring name = spath.substr(sep + 1);
std::wstring canonical_parent = resolve(parent.c_str());
if (canonical_parent.empty()) return {};
return canonical_parent + L"\\" + name;
}
};
} // namespace
extern "C" {
CODEQL_API const wchar_t* canonicalize_path_w(const wchar_t* path) {
if (!path || !*path) return nullptr;
return PathCache::instance().canonicalize(path);
}
CODEQL_API void canonicalize_free_w(const wchar_t* path) {
free(const_cast<wchar_t*>(path));
}
CODEQL_API const char* canonicalize_path_u8(const char* path) {
if (!path || !*path) return nullptr;
int wlen = MultiByteToWideChar(CP_UTF8, 0, path, -1, nullptr, 0);
if (wlen <= 0) return nullptr;
std::wstring wpath(wlen - 1, L'\0');
MultiByteToWideChar(CP_UTF8, 0, path, -1, wpath.data(), wlen);
const wchar_t* wresult = PathCache::instance().canonicalize(wpath.c_str());
if (!wresult) return nullptr;
int ulen = WideCharToMultiByte(CP_UTF8, 0, wresult, -1, nullptr, 0, nullptr, nullptr);
if (ulen <= 0) { free(const_cast<wchar_t*>(wresult)); return nullptr; }
char* result = static_cast<char*>(malloc(ulen));
WideCharToMultiByte(CP_UTF8, 0, wresult, -1, result, ulen, nullptr, nullptr);
free(const_cast<wchar_t*>(wresult));
return result;
}
CODEQL_API void canonicalize_free_u8(const char* path) {
free(const_cast<char*>(path));
}
} // extern "C"
#endif

View File

@@ -0,0 +1,31 @@
#ifndef CODEQL_CANONICALIZE_H
#define CODEQL_CANONICALIZE_H
#ifdef _WIN32
#ifdef CODEQL_CANONICALIZE_EXPORTS
#define CODEQL_API __declspec(dllexport)
#else
#define CODEQL_API __declspec(dllimport)
#endif
#include <wchar.h>
#ifdef __cplusplus
extern "C" {
#endif
// UTF-16 interface (for JNI / Java / Kotlin)
CODEQL_API const wchar_t* canonicalize_path_w(const wchar_t* path);
CODEQL_API void canonicalize_free_w(const wchar_t* path);
// UTF-8 interface (for Go)
CODEQL_API const char* canonicalize_path_u8(const char* path);
CODEQL_API void canonicalize_free_u8(const char* path);
#ifdef __cplusplus
}
#endif
#endif // _WIN32
#endif // CODEQL_CANONICALIZE_H

View File

@@ -0,0 +1,25 @@
#ifdef _WIN32
#include <jni.h>
#include "canonicalize.h"
extern "C" {
JNIEXPORT jstring JNICALL
Java_com_semmle_util_files_NativeCanonicalizer_nativeCanonicalizePath(
JNIEnv *env, jclass cls, jstring jpath) {
const jchar* path = env->GetStringChars(jpath, nullptr);
const wchar_t* result = canonicalize_path_w(reinterpret_cast<const wchar_t*>(path));
env->ReleaseStringChars(jpath, path);
if (result == nullptr) return nullptr;
jstring jresult = env->NewString(
reinterpret_cast<const jchar*>(result),
static_cast<jsize>(wcslen(result)));
canonicalize_free_w(result);
return jresult;
}
} // extern "C"
#endif

View File

@@ -0,0 +1,8 @@
/**
* Inline expectation tests for unified.
* See `shared/util/codeql/util/test/InlineExpectationsTest.qll`
*/
private import codeql.util.test.InlineExpectationsTest
private import internal.InlineExpectationsTestImpl
import Make<Impl>

View File

@@ -0,0 +1,21 @@
/**
* @kind test-postprocess
*/
private import unified
private import codeql.util.test.InlineExpectationsTest as T
private import internal.InlineExpectationsTestImpl
import T::TestPostProcessing
import T::TestPostProcessing::Make<Impl, Input>
private module Input implements T::TestPostProcessing::InputSig<Impl> {
string getRelativeUrl(Location location) {
exists(File f, int startline, int startcolumn, int endline, int endcolumn |
location.hasLocationInfo(_, startline, startcolumn, endline, endcolumn) and
f = location.getFile()
|
result =
f.getRelativePath() + ":" + startline + ":" + startcolumn + ":" + endline + ":" + endcolumn
)
}
}

View File

@@ -0,0 +1,12 @@
private import unified as U
private import U
private import codeql.util.test.InlineExpectationsTest
module Impl implements InlineExpectationsTestSig {
class ExpectationComment extends U::Comment {
/** Gets the text inside this comment, without the surrounding comment delimiters. */
string getContents() { result = this.getCommentText() }
}
class Location = U::Location;
}