mirror of
https://github.com/github/codeql.git
synced 2026-07-02 18:15:33 +02:00
Compare commits
1 Commits
main
...
python-two
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
cdd557f877 |
@@ -1,4 +0,0 @@
|
|||||||
---
|
|
||||||
category: deprecated
|
|
||||||
---
|
|
||||||
* Models-as-data flow summaries now use fully qualified field names (for example, `MyNamespace::MyStruct::myField`) instead of unqualified field names such as `myField`. We recommend updating existing flow summaries to use fully qualified field names. Unqualified field names are still supported, but that support will be removed in a future release.
|
|
||||||
@@ -1,4 +0,0 @@
|
|||||||
---
|
|
||||||
category: breaking
|
|
||||||
---
|
|
||||||
* Removed support for using variables as sources and sinks in models-as-data. Users of this feature should convert such sources and sinks to models defined using the QL language.
|
|
||||||
@@ -931,6 +931,31 @@ private Element interpretElement0(
|
|||||||
signature = "" and
|
signature = "" and
|
||||||
elementSpec(namespace, type, subtypes, name, signature, _)
|
elementSpec(namespace, type, subtypes, name, signature, _)
|
||||||
)
|
)
|
||||||
|
or
|
||||||
|
// Member variables
|
||||||
|
elementSpec(namespace, type, subtypes, name, signature, _) and
|
||||||
|
signature = "" and
|
||||||
|
exists(Class namedClass, Class classWithMember, MemberVariable member |
|
||||||
|
member.getName() = name and
|
||||||
|
member = classWithMember.getAMember() and
|
||||||
|
namedClass.hasQualifiedName(namespace, type) and
|
||||||
|
result = member
|
||||||
|
|
|
||||||
|
// field declared in the named type or a subtype of it (or an extension of any)
|
||||||
|
subtypes = true and
|
||||||
|
classWithMember = namedClass.getADerivedClass*()
|
||||||
|
or
|
||||||
|
// field declared directly in the named type (or an extension of it)
|
||||||
|
subtypes = false and
|
||||||
|
classWithMember = namedClass
|
||||||
|
)
|
||||||
|
or
|
||||||
|
// Global or namespace variables
|
||||||
|
elementSpec(namespace, type, subtypes, name, signature, _) and
|
||||||
|
signature = "" and
|
||||||
|
type = "" and
|
||||||
|
subtypes = false and
|
||||||
|
result = any(GlobalOrNamespaceVariable v | v.hasQualifiedName(namespace, name))
|
||||||
}
|
}
|
||||||
|
|
||||||
cached
|
cached
|
||||||
|
|||||||
@@ -6,7 +6,6 @@ private import cpp as Cpp
|
|||||||
private import codeql.dataflow.internal.FlowSummaryImpl
|
private import codeql.dataflow.internal.FlowSummaryImpl
|
||||||
private import codeql.dataflow.internal.AccessPathSyntax as AccessPath
|
private import codeql.dataflow.internal.AccessPathSyntax as AccessPath
|
||||||
private import semmle.code.cpp.ir.dataflow.internal.DataFlowPrivate
|
private import semmle.code.cpp.ir.dataflow.internal.DataFlowPrivate
|
||||||
private import semmle.code.cpp.ir.dataflow.internal.DataFlowNodes
|
|
||||||
private import semmle.code.cpp.ir.dataflow.internal.DataFlowUtil
|
private import semmle.code.cpp.ir.dataflow.internal.DataFlowUtil
|
||||||
private import semmle.code.cpp.ir.dataflow.internal.DataFlowImplSpecific as DataFlowImplSpecific
|
private import semmle.code.cpp.ir.dataflow.internal.DataFlowImplSpecific as DataFlowImplSpecific
|
||||||
private import semmle.code.cpp.dataflow.ExternalFlow
|
private import semmle.code.cpp.dataflow.ExternalFlow
|
||||||
@@ -21,22 +20,8 @@ module Input implements InputSig<Location, DataFlowImplSpecific::CppDataFlow> {
|
|||||||
|
|
||||||
class SinkBase = Void;
|
class SinkBase = Void;
|
||||||
|
|
||||||
class FlowSummaryCallBase = CallInstruction;
|
|
||||||
|
|
||||||
predicate callableFromSource(SummarizedCallableBase c) { exists(c.getBlock()) }
|
predicate callableFromSource(SummarizedCallableBase c) { exists(c.getBlock()) }
|
||||||
|
|
||||||
FlowSummaryCallBase getASourceCall(SummarizedCallableBase sc) {
|
|
||||||
result.getStaticCallTarget() = sc
|
|
||||||
}
|
|
||||||
|
|
||||||
DataFlowCallable getSummarizedCallableAsDataFlowCallable(SummarizedCallableBase c) {
|
|
||||||
result.asSummarizedCallable() = c
|
|
||||||
}
|
|
||||||
|
|
||||||
DataFlowCallable getSourceCallEnclosingCallable(FlowSummaryCallBase call) {
|
|
||||||
result.asSourceCallable() = call.getEnclosingFunction()
|
|
||||||
}
|
|
||||||
|
|
||||||
ArgumentPosition callbackSelfParameterPosition() { result = TDirectPosition(-1) }
|
ArgumentPosition callbackSelfParameterPosition() { result = TDirectPosition(-1) }
|
||||||
|
|
||||||
ReturnKind getStandardReturnValueKind() { result = getReturnValueKind("") }
|
ReturnKind getStandardReturnValueKind() { result = getReturnValueKind("") }
|
||||||
@@ -45,10 +30,6 @@ module Input implements InputSig<Location, DataFlowImplSpecific::CppDataFlow> {
|
|||||||
arg = repeatStars(result.(NormalReturnKind).getIndirectionIndex())
|
arg = repeatStars(result.(NormalReturnKind).getIndirectionIndex())
|
||||||
}
|
}
|
||||||
|
|
||||||
ParameterPosition getFlowSummaryParameterPosition(ReturnKind rk) {
|
|
||||||
result = TFlowSummaryPosition(rk)
|
|
||||||
}
|
|
||||||
|
|
||||||
string encodeParameterPosition(ParameterPosition pos) { result = pos.toString() }
|
string encodeParameterPosition(ParameterPosition pos) { result = pos.toString() }
|
||||||
|
|
||||||
string encodeArgumentPosition(ArgumentPosition pos) { result = pos.toString() }
|
string encodeArgumentPosition(ArgumentPosition pos) { result = pos.toString() }
|
||||||
@@ -59,24 +40,12 @@ module Input implements InputSig<Location, DataFlowImplSpecific::CppDataFlow> {
|
|||||||
arg = repeatStars(rk.(NormalReturnKind).getIndirectionIndex())
|
arg = repeatStars(rk.(NormalReturnKind).getIndirectionIndex())
|
||||||
}
|
}
|
||||||
|
|
||||||
bindingset[namespace, type, base]
|
|
||||||
private string formatQualifiedName(string namespace, string type, string base) {
|
|
||||||
if namespace = ""
|
|
||||||
then result = type + "::" + base
|
|
||||||
else result = namespace + "::" + type + "::" + base
|
|
||||||
}
|
|
||||||
|
|
||||||
string encodeContent(ContentSet cs, string arg) {
|
string encodeContent(ContentSet cs, string arg) {
|
||||||
exists(FieldContent c, string namespace, string type, string base |
|
exists(FieldContent c |
|
||||||
cs.isSingleton(c) and
|
cs.isSingleton(c) and
|
||||||
// FieldContent indices have 0 for the address, 1 for content, so we need to subtract one.
|
// FieldContent indices have 0 for the address, 1 for content, so we need to subtract one.
|
||||||
result = "Field" and
|
result = "Field" and
|
||||||
c.getField().hasQualifiedName(namespace, type, base)
|
arg = repeatStars(c.getIndirectionIndex() - 1) + c.getField().getName()
|
||||||
|
|
|
||||||
arg = repeatStars(c.getIndirectionIndex() - 1) + formatQualifiedName(namespace, type, base)
|
|
||||||
or
|
|
||||||
// TODO: This disjunct can be removed once we stop supporting unqualified field names.
|
|
||||||
arg = repeatStars(c.getIndirectionIndex() - 1) + base
|
|
||||||
)
|
)
|
||||||
or
|
or
|
||||||
exists(ElementContent ec |
|
exists(ElementContent ec |
|
||||||
@@ -133,22 +102,10 @@ module Input implements InputSig<Location, DataFlowImplSpecific::CppDataFlow> {
|
|||||||
private import Make<Location, DataFlowImplSpecific::CppDataFlow, Input> as Impl
|
private import Make<Location, DataFlowImplSpecific::CppDataFlow, Input> as Impl
|
||||||
|
|
||||||
private module StepsInput implements Impl::Private::StepsInputSig {
|
private module StepsInput implements Impl::Private::StepsInputSig {
|
||||||
Impl::Private::SummaryNode getSummaryNode(Node n) {
|
|
||||||
result = n.(FlowSummaryNode).getSummaryNode()
|
|
||||||
}
|
|
||||||
|
|
||||||
DataFlowCall getACall(Public::SummarizedCallable sc) {
|
DataFlowCall getACall(Public::SummarizedCallable sc) {
|
||||||
result.getStaticCallTarget().getUnderlyingCallable() = sc
|
result.getStaticCallTarget().getUnderlyingCallable() = sc
|
||||||
}
|
}
|
||||||
|
|
||||||
Node getSourceOutNode(Input::FlowSummaryCallBase call, ReturnKind rk) {
|
|
||||||
exists(IndirectReturnOutNode out | result = out |
|
|
||||||
out.getCallInstruction() = call and
|
|
||||||
pragma[only_bind_out](rk.(NormalReturnKind).getIndirectionIndex()) =
|
|
||||||
pragma[only_bind_out](out.getIndirectionIndex())
|
|
||||||
)
|
|
||||||
}
|
|
||||||
|
|
||||||
DataFlowCallable getSourceNodeEnclosingCallable(Input::SourceBase source) { none() }
|
DataFlowCallable getSourceNodeEnclosingCallable(Input::SourceBase source) { none() }
|
||||||
|
|
||||||
Node getSourceNode(Input::SourceBase source, Impl::Private::SummaryComponentStack s) { none() }
|
Node getSourceNode(Input::SourceBase source, Impl::Private::SummaryComponentStack s) { none() }
|
||||||
@@ -261,11 +218,40 @@ module SourceSinkInterpretationInput implements
|
|||||||
|
|
||||||
/** Provides additional sink specification logic. */
|
/** Provides additional sink specification logic. */
|
||||||
bindingset[c]
|
bindingset[c]
|
||||||
predicate interpretOutput(string c, InterpretNode mid, InterpretNode node) { none() }
|
predicate interpretOutput(string c, InterpretNode mid, InterpretNode node) {
|
||||||
|
// Allow variables to be picked as output nodes.
|
||||||
|
exists(Node n, Element ast |
|
||||||
|
n = node.asNode() and
|
||||||
|
ast = mid.asElement()
|
||||||
|
|
|
||||||
|
c = "" and
|
||||||
|
n.asExpr().(VariableAccess).getTarget() = ast
|
||||||
|
)
|
||||||
|
}
|
||||||
|
|
||||||
/** Provides additional source specification logic. */
|
/** Provides additional source specification logic. */
|
||||||
bindingset[c]
|
bindingset[c]
|
||||||
predicate interpretInput(string c, InterpretNode mid, InterpretNode node) { none() }
|
predicate interpretInput(string c, InterpretNode mid, InterpretNode node) {
|
||||||
|
exists(Node n, Element ast, VariableAccess e |
|
||||||
|
n = node.asNode() and
|
||||||
|
ast = mid.asElement() and
|
||||||
|
e.getTarget() = ast
|
||||||
|
|
|
||||||
|
// Allow variables to be picked as input nodes.
|
||||||
|
// We could simply do this as `e = n.asExpr()`, but that would not allow
|
||||||
|
// us to pick `x` as a sink in an example such as `x = source()` (but
|
||||||
|
// only subsequent uses of `x`) since the variable access on `x` doesn't
|
||||||
|
// actually load the value of `x`. So instead, we pick the instruction
|
||||||
|
// node corresponding to the generated `StoreInstruction` and use the
|
||||||
|
// expression associated with the destination instruction. This means
|
||||||
|
// that the `x` in `x = source()` can be marked as an input.
|
||||||
|
c = "" and
|
||||||
|
exists(StoreInstruction store |
|
||||||
|
store.getDestinationAddress().getUnconvertedResultExpression() = e and
|
||||||
|
n.asInstruction() = store
|
||||||
|
)
|
||||||
|
)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
module Private {
|
module Private {
|
||||||
|
|||||||
@@ -1534,8 +1534,12 @@ class FlowSummaryNode extends Node, TFlowSummaryNode {
|
|||||||
result = this.getSummaryNode().getSummarizedCallable()
|
result = this.getSummaryNode().getSummarizedCallable()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Gets the enclosing callable. For a `FlowSummaryNode` this is always the
|
||||||
|
* summarized function this node is part of.
|
||||||
|
*/
|
||||||
override DataFlowCallable getEnclosingCallable() {
|
override DataFlowCallable getEnclosingCallable() {
|
||||||
result = FlowSummaryImpl::Private::getEnclosingCallable(this.getSummaryNode())
|
result.asSummarizedCallable() = this.getSummarizedCallable()
|
||||||
}
|
}
|
||||||
|
|
||||||
override Location getLocationImpl() { result = this.getSummarizedCallable().getLocation() }
|
override Location getLocationImpl() { result = this.getSummarizedCallable().getLocation() }
|
||||||
|
|||||||
@@ -561,21 +561,6 @@ class SummaryArgumentNode extends ArgumentNode, FlowSummaryNode {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/** An argument node that re-enters return output as input to a flow summary. */
|
|
||||||
private class FlowSummaryArgumentNode extends ArgumentNode, FlowSummaryNode {
|
|
||||||
private CallInstruction callInstruction;
|
|
||||||
private ReturnKind rk;
|
|
||||||
|
|
||||||
FlowSummaryArgumentNode() {
|
|
||||||
this.getSummaryNode() = FlowSummaryImpl::Private::summaryArgumentNode(callInstruction, rk)
|
|
||||||
}
|
|
||||||
|
|
||||||
override predicate argumentOf(DataFlowCall call, ArgumentPosition pos) {
|
|
||||||
call.asCallInstruction() = callInstruction and
|
|
||||||
pos = TFlowSummaryPosition(rk)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/** A parameter position represented by an integer. */
|
/** A parameter position represented by an integer. */
|
||||||
class ParameterPosition = Position;
|
class ParameterPosition = Position;
|
||||||
|
|
||||||
@@ -631,18 +616,6 @@ class IndirectionPosition extends Position, TIndirectionPosition {
|
|||||||
final override int getIndirectionIndex() { result = indirectionIndex }
|
final override int getIndirectionIndex() { result = indirectionIndex }
|
||||||
}
|
}
|
||||||
|
|
||||||
class FlowSummaryPosition extends Position, TFlowSummaryPosition {
|
|
||||||
ReturnKind rk;
|
|
||||||
|
|
||||||
FlowSummaryPosition() { this = TFlowSummaryPosition(rk) }
|
|
||||||
|
|
||||||
override string toString() { result = "write to: " + rk.toString() }
|
|
||||||
|
|
||||||
override int getArgumentIndex() { none() }
|
|
||||||
|
|
||||||
final override int getIndirectionIndex() { result = rk.getIndirectionIndex() }
|
|
||||||
}
|
|
||||||
|
|
||||||
newtype TPosition =
|
newtype TPosition =
|
||||||
TDirectPosition(int argumentIndex) {
|
TDirectPosition(int argumentIndex) {
|
||||||
exists(any(CallInstruction c).getArgument(argumentIndex))
|
exists(any(CallInstruction c).getArgument(argumentIndex))
|
||||||
@@ -661,8 +634,7 @@ newtype TPosition =
|
|||||||
p = f.getParameter(argumentIndex) and
|
p = f.getParameter(argumentIndex) and
|
||||||
indirectionIndex = [1 .. Ssa::getMaxIndirectionsForType(p.getUnspecifiedType()) - 1]
|
indirectionIndex = [1 .. Ssa::getMaxIndirectionsForType(p.getUnspecifiedType()) - 1]
|
||||||
)
|
)
|
||||||
} or
|
}
|
||||||
TFlowSummaryPosition(ReturnKind rk) { FlowSummaryImpl::Private::relevantFlowSummaryPosition(rk) }
|
|
||||||
|
|
||||||
private newtype TReturnKind =
|
private newtype TReturnKind =
|
||||||
TNormalReturnKind(int indirectionIndex) {
|
TNormalReturnKind(int indirectionIndex) {
|
||||||
@@ -1406,8 +1378,6 @@ predicate nodeIsHidden(Node n) {
|
|||||||
n instanceof InitialGlobalValue
|
n instanceof InitialGlobalValue
|
||||||
or
|
or
|
||||||
n instanceof SsaSynthNode
|
n instanceof SsaSynthNode
|
||||||
or
|
|
||||||
n.(FlowSummaryNode).getSummaryNode().isHidden()
|
|
||||||
}
|
}
|
||||||
|
|
||||||
predicate neverSkipInPathGraph(Node n) {
|
predicate neverSkipInPathGraph(Node n) {
|
||||||
|
|||||||
@@ -158,7 +158,7 @@ private module Cached {
|
|||||||
model = ""
|
model = ""
|
||||||
or
|
or
|
||||||
// models-as-data summarized flow
|
// models-as-data summarized flow
|
||||||
FlowSummaryImpl::Private::Steps::summaryLocalStep(nodeFrom,
|
FlowSummaryImpl::Private::Steps::summaryLocalStep(nodeFrom.(FlowSummaryNode).getSummaryNode(),
|
||||||
nodeTo.(FlowSummaryNode).getSummaryNode(), true, model)
|
nodeTo.(FlowSummaryNode).getSummaryNode(), true, model)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -67,7 +67,7 @@ private module Cached {
|
|||||||
model = ""
|
model = ""
|
||||||
or
|
or
|
||||||
// models-as-data summarized flow
|
// models-as-data summarized flow
|
||||||
FlowSummaryImpl::Private::Steps::summaryLocalStep(nodeFrom,
|
FlowSummaryImpl::Private::Steps::summaryLocalStep(nodeFrom.(FlowSummaryNode).getSummaryNode(),
|
||||||
nodeTo.(FlowSummaryNode).getSummaryNode(), false, model)
|
nodeTo.(FlowSummaryNode).getSummaryNode(), false, model)
|
||||||
or
|
or
|
||||||
// object->field conflation for content that is a `TaintInheritingContent`.
|
// object->field conflation for content that is a `TaintInheritingContent`.
|
||||||
|
|||||||
@@ -48,23 +48,19 @@ models
|
|||||||
| 47 | Summary: ; ; false; callWithArgument; ; ; Argument[1]; Argument[0].Parameter[0]; value; manual |
|
| 47 | Summary: ; ; false; callWithArgument; ; ; Argument[1]; Argument[0].Parameter[0]; value; manual |
|
||||||
| 48 | Summary: ; ; false; callWithNonTypeTemplate<T>; (const T &); ; Argument[*0]; ReturnValue; value; manual |
|
| 48 | Summary: ; ; false; callWithNonTypeTemplate<T>; (const T &); ; Argument[*0]; ReturnValue; value; manual |
|
||||||
| 49 | Summary: ; ; false; pthread_create; ; ; Argument[@3]; Argument[2].Parameter[@0]; value; manual |
|
| 49 | Summary: ; ; false; pthread_create; ; ; Argument[@3]; Argument[2].Parameter[@0]; value; manual |
|
||||||
| 50 | Summary: ; ; false; read_field_from_struct; ; ; Argument[*0].Field[MyNamespace::MyStructInNamespace::myField]; ReturnValue; value; manual |
|
| 50 | Summary: ; ; false; ymlStepGenerated; ; ; Argument[0]; ReturnValue; taint; df-generated |
|
||||||
| 51 | Summary: ; ; false; read_field_from_struct_2; ; ; Argument[*0].Field[MyGlobalStruct::myField]; ReturnValue; value; manual |
|
| 51 | Summary: ; ; false; ymlStepManual; ; ; Argument[0]; ReturnValue; taint; manual |
|
||||||
| 52 | Summary: ; ; false; ymlStepGenerated; ; ; Argument[0]; ReturnValue; taint; df-generated |
|
| 52 | Summary: ; ; false; ymlStepManual_with_body; ; ; Argument[0]; ReturnValue; taint; manual |
|
||||||
| 53 | Summary: ; ; false; ymlStepManual; ; ; Argument[0]; ReturnValue; taint; manual |
|
| 53 | Summary: ; TemplateClass1; true; templateFunction2<U,V>; (U,V); ; Argument[1]; ReturnValue; value; manual |
|
||||||
| 54 | Summary: ; ; false; ymlStepManual_with_body; ; ; Argument[0]; ReturnValue; taint; manual |
|
| 54 | Summary: ; TemplateClass1<T>; false; templateFunction<U>; (T,U); ; Argument[0]; ReturnValue; value; manual |
|
||||||
| 55 | Summary: ; MyString; true; operator[]; ; ; Argument[-1]; ReturnValue[*]; taint; manual |
|
| 55 | Summary: ; TemplateClass2<T,U>; true; function; (U,T); ; Argument[1]; ReturnValue; value; manual |
|
||||||
| 56 | Summary: ; MyString; true; operator[]; ; ; ReturnValue[*]; Argument[-1]; taint; manual |
|
| 56 | Summary: Azure::Core::IO; BodyStream; true; Read; ; ; Argument[-1]; Argument[*0]; taint; manual |
|
||||||
| 57 | Summary: ; ReverseFlow; true; get_ptr; ; ; ReturnValue[*]; Argument[-1].Field[ReverseFlow::value]; value; manual |
|
| 57 | Summary: Azure::Core::IO; BodyStream; true; ReadToCount; ; ; Argument[-1]; Argument[*0]; taint; manual |
|
||||||
| 58 | Summary: ; TemplateClass1; true; templateFunction2<U,V>; (U,V); ; Argument[1]; ReturnValue; value; manual |
|
| 58 | Summary: Azure::Core::IO; BodyStream; true; ReadToEnd; ; ; Argument[-1]; ReturnValue.Element; taint; manual |
|
||||||
| 59 | Summary: ; TemplateClass1<T>; false; templateFunction<U>; (T,U); ; Argument[0]; ReturnValue; value; manual |
|
| 59 | Summary: Azure; Nullable; true; Value; ; ; Argument[-1]; ReturnValue[*]; taint; manual |
|
||||||
| 60 | Summary: ; TemplateClass2<T,U>; true; function; (U,T); ; Argument[1]; ReturnValue; value; manual |
|
| 60 | Summary: boost::asio; ; false; buffer; ; ; Argument[*0]; ReturnValue; taint; manual |
|
||||||
| 61 | Summary: Azure::Core::IO; BodyStream; true; Read; ; ; Argument[-1]; Argument[*0]; taint; manual |
|
|
||||||
| 62 | Summary: Azure::Core::IO; BodyStream; true; ReadToCount; ; ; Argument[-1]; Argument[*0]; taint; manual |
|
|
||||||
| 63 | Summary: Azure::Core::IO; BodyStream; true; ReadToEnd; ; ; Argument[-1]; ReturnValue.Element; taint; manual |
|
|
||||||
| 64 | Summary: Azure; Nullable; true; Value; ; ; Argument[-1]; ReturnValue[*]; taint; manual |
|
|
||||||
| 65 | Summary: boost::asio; ; false; buffer; ; ; Argument[*0]; ReturnValue; taint; manual |
|
|
||||||
edges
|
edges
|
||||||
|
| asio_streams.cpp:56:18:56:23 | [summary param] *0 in buffer | asio_streams.cpp:56:18:56:23 | [summary] to write: ReturnValue in buffer | provenance | MaD:60 |
|
||||||
| asio_streams.cpp:87:34:87:44 | read_until output argument | asio_streams.cpp:91:7:91:17 | recv_buffer | provenance | Src:MaD:32 |
|
| asio_streams.cpp:87:34:87:44 | read_until output argument | asio_streams.cpp:91:7:91:17 | recv_buffer | provenance | Src:MaD:32 |
|
||||||
| asio_streams.cpp:87:34:87:44 | read_until output argument | asio_streams.cpp:93:29:93:39 | *recv_buffer | provenance | Src:MaD:32 Sink:MaD:2 |
|
| asio_streams.cpp:87:34:87:44 | read_until output argument | asio_streams.cpp:93:29:93:39 | *recv_buffer | provenance | Src:MaD:32 Sink:MaD:2 |
|
||||||
| asio_streams.cpp:97:37:97:44 | call to source | asio_streams.cpp:98:7:98:14 | send_str | provenance | TaintFunction |
|
| asio_streams.cpp:97:37:97:44 | call to source | asio_streams.cpp:98:7:98:14 | send_str | provenance | TaintFunction |
|
||||||
@@ -72,16 +68,25 @@ edges
|
|||||||
| asio_streams.cpp:100:44:100:62 | call to buffer | asio_streams.cpp:100:44:100:62 | call to buffer | provenance | |
|
| asio_streams.cpp:100:44:100:62 | call to buffer | asio_streams.cpp:100:44:100:62 | call to buffer | provenance | |
|
||||||
| asio_streams.cpp:100:44:100:62 | call to buffer | asio_streams.cpp:101:7:101:17 | send_buffer | provenance | |
|
| asio_streams.cpp:100:44:100:62 | call to buffer | asio_streams.cpp:101:7:101:17 | send_buffer | provenance | |
|
||||||
| asio_streams.cpp:100:44:100:62 | call to buffer | asio_streams.cpp:103:29:103:39 | *send_buffer | provenance | Sink:MaD:2 |
|
| asio_streams.cpp:100:44:100:62 | call to buffer | asio_streams.cpp:103:29:103:39 | *send_buffer | provenance | Sink:MaD:2 |
|
||||||
| asio_streams.cpp:100:64:100:71 | *send_str | asio_streams.cpp:100:44:100:62 | call to buffer | provenance | MaD:65 |
|
| asio_streams.cpp:100:64:100:71 | *send_str | asio_streams.cpp:56:18:56:23 | [summary param] *0 in buffer | provenance | |
|
||||||
|
| asio_streams.cpp:100:64:100:71 | *send_str | asio_streams.cpp:100:44:100:62 | call to buffer | provenance | MaD:60 |
|
||||||
|
| azure.cpp:62:10:62:14 | [summary param] this in Value | azure.cpp:62:10:62:14 | [summary] to write: ReturnValue[*] in Value | provenance | MaD:59 |
|
||||||
|
| azure.cpp:113:16:113:19 | [summary param] this in Read | azure.cpp:113:16:113:19 | [summary param] *0 in Read [Return] | provenance | MaD:56 |
|
||||||
|
| azure.cpp:114:16:114:26 | [summary param] this in ReadToCount | azure.cpp:114:16:114:26 | [summary param] *0 in ReadToCount [Return] | provenance | MaD:57 |
|
||||||
|
| azure.cpp:115:30:115:38 | [summary param] this in ReadToEnd | azure.cpp:115:30:115:38 | [summary] to write: ReturnValue.Element in ReadToEnd | provenance | MaD:58 |
|
||||||
|
| azure.cpp:115:30:115:38 | [summary] to write: ReturnValue.Element in ReadToEnd | azure.cpp:115:30:115:38 | [summary] to write: ReturnValue in ReadToEnd [element] | provenance | |
|
||||||
| azure.cpp:253:48:253:60 | *call to GetBodyStream | azure.cpp:253:48:253:60 | *call to GetBodyStream | provenance | Src:MaD:29 |
|
| azure.cpp:253:48:253:60 | *call to GetBodyStream | azure.cpp:253:48:253:60 | *call to GetBodyStream | provenance | Src:MaD:29 |
|
||||||
| azure.cpp:253:48:253:60 | *call to GetBodyStream | azure.cpp:257:5:257:8 | *resp | provenance | |
|
| azure.cpp:253:48:253:60 | *call to GetBodyStream | azure.cpp:257:5:257:8 | *resp | provenance | |
|
||||||
| azure.cpp:253:48:253:60 | *call to GetBodyStream | azure.cpp:262:5:262:8 | *resp | provenance | |
|
| azure.cpp:253:48:253:60 | *call to GetBodyStream | azure.cpp:262:5:262:8 | *resp | provenance | |
|
||||||
| azure.cpp:253:48:253:60 | *call to GetBodyStream | azure.cpp:266:38:266:41 | *resp | provenance | |
|
| azure.cpp:253:48:253:60 | *call to GetBodyStream | azure.cpp:266:38:266:41 | *resp | provenance | |
|
||||||
| azure.cpp:257:5:257:8 | *resp | azure.cpp:257:16:257:21 | Read output argument | provenance | MaD:61 |
|
| azure.cpp:257:5:257:8 | *resp | azure.cpp:113:16:113:19 | [summary param] this in Read | provenance | |
|
||||||
|
| azure.cpp:257:5:257:8 | *resp | azure.cpp:257:16:257:21 | Read output argument | provenance | MaD:56 |
|
||||||
| azure.cpp:257:16:257:21 | Read output argument | azure.cpp:258:10:258:16 | * ... | provenance | |
|
| azure.cpp:257:16:257:21 | Read output argument | azure.cpp:258:10:258:16 | * ... | provenance | |
|
||||||
| azure.cpp:262:5:262:8 | *resp | azure.cpp:262:23:262:28 | ReadToCount output argument | provenance | MaD:62 |
|
| azure.cpp:262:5:262:8 | *resp | azure.cpp:114:16:114:26 | [summary param] this in ReadToCount | provenance | |
|
||||||
|
| azure.cpp:262:5:262:8 | *resp | azure.cpp:262:23:262:28 | ReadToCount output argument | provenance | MaD:57 |
|
||||||
| azure.cpp:262:23:262:28 | ReadToCount output argument | azure.cpp:263:10:263:16 | * ... | provenance | |
|
| azure.cpp:262:23:262:28 | ReadToCount output argument | azure.cpp:263:10:263:16 | * ... | provenance | |
|
||||||
| azure.cpp:266:38:266:41 | *resp | azure.cpp:266:44:266:52 | call to ReadToEnd [element] | provenance | MaD:63 |
|
| azure.cpp:266:38:266:41 | *resp | azure.cpp:115:30:115:38 | [summary param] this in ReadToEnd | provenance | |
|
||||||
|
| azure.cpp:266:38:266:41 | *resp | azure.cpp:266:44:266:52 | call to ReadToEnd [element] | provenance | MaD:58 |
|
||||||
| azure.cpp:266:44:266:52 | call to ReadToEnd [element] | azure.cpp:266:44:266:52 | call to ReadToEnd [element] | provenance | |
|
| azure.cpp:266:44:266:52 | call to ReadToEnd [element] | azure.cpp:266:44:266:52 | call to ReadToEnd [element] | provenance | |
|
||||||
| azure.cpp:266:44:266:52 | call to ReadToEnd [element] | azure.cpp:267:10:267:12 | vec [element] | provenance | |
|
| azure.cpp:266:44:266:52 | call to ReadToEnd [element] | azure.cpp:267:10:267:12 | vec [element] | provenance | |
|
||||||
| azure.cpp:267:10:267:12 | vec [element] | azure.cpp:267:10:267:12 | vec | provenance | |
|
| azure.cpp:267:10:267:12 | vec [element] | azure.cpp:267:10:267:12 | vec | provenance | |
|
||||||
@@ -97,10 +102,12 @@ edges
|
|||||||
| azure.cpp:278:10:278:13 | body | azure.cpp:278:10:278:13 | body | provenance | |
|
| azure.cpp:278:10:278:13 | body | azure.cpp:278:10:278:13 | body | provenance | |
|
||||||
| azure.cpp:281:68:281:84 | *call to ExtractBodyStream | azure.cpp:281:68:281:84 | *call to ExtractBodyStream | provenance | Src:MaD:26 |
|
| azure.cpp:281:68:281:84 | *call to ExtractBodyStream | azure.cpp:281:68:281:84 | *call to ExtractBodyStream | provenance | Src:MaD:26 |
|
||||||
| azure.cpp:281:68:281:84 | *call to ExtractBodyStream | azure.cpp:282:21:282:23 | *call to get | provenance | |
|
| azure.cpp:281:68:281:84 | *call to ExtractBodyStream | azure.cpp:282:21:282:23 | *call to get | provenance | |
|
||||||
| azure.cpp:282:21:282:23 | *call to get | azure.cpp:282:28:282:36 | call to ReadToEnd [element] | provenance | MaD:63 |
|
| azure.cpp:282:21:282:23 | *call to get | azure.cpp:115:30:115:38 | [summary param] this in ReadToEnd | provenance | |
|
||||||
|
| azure.cpp:282:21:282:23 | *call to get | azure.cpp:282:28:282:36 | call to ReadToEnd [element] | provenance | MaD:58 |
|
||||||
| azure.cpp:282:28:282:36 | call to ReadToEnd [element] | azure.cpp:282:10:282:38 | call to ReadToEnd | provenance | |
|
| azure.cpp:282:28:282:36 | call to ReadToEnd [element] | azure.cpp:282:10:282:38 | call to ReadToEnd | provenance | |
|
||||||
| azure.cpp:282:28:282:36 | call to ReadToEnd [element] | azure.cpp:282:28:282:36 | call to ReadToEnd [element] | provenance | |
|
| azure.cpp:282:28:282:36 | call to ReadToEnd [element] | azure.cpp:282:28:282:36 | call to ReadToEnd [element] | provenance | |
|
||||||
| azure.cpp:289:24:289:56 | call to GetHeader | azure.cpp:289:63:289:65 | call to Value | provenance | MaD:64 |
|
| azure.cpp:289:24:289:56 | call to GetHeader | azure.cpp:62:10:62:14 | [summary param] this in Value | provenance | |
|
||||||
|
| azure.cpp:289:24:289:56 | call to GetHeader | azure.cpp:289:63:289:65 | call to Value | provenance | MaD:59 |
|
||||||
| azure.cpp:289:32:289:40 | call to GetHeader | azure.cpp:289:24:289:56 | call to GetHeader | provenance | |
|
| azure.cpp:289:32:289:40 | call to GetHeader | azure.cpp:289:24:289:56 | call to GetHeader | provenance | |
|
||||||
| azure.cpp:289:32:289:40 | call to GetHeader | azure.cpp:289:32:289:40 | call to GetHeader | provenance | Src:MaD:30 |
|
| azure.cpp:289:32:289:40 | call to GetHeader | azure.cpp:289:32:289:40 | call to GetHeader | provenance | Src:MaD:30 |
|
||||||
| azure.cpp:289:63:289:65 | call to Value | azure.cpp:289:63:289:65 | call to Value | provenance | |
|
| azure.cpp:289:63:289:65 | call to Value | azure.cpp:289:63:289:65 | call to Value | provenance | |
|
||||||
@@ -112,6 +119,9 @@ edges
|
|||||||
| azure.cpp:294:38:294:53 | call to operator[] | azure.cpp:295:10:295:20 | contentType | provenance | |
|
| azure.cpp:294:38:294:53 | call to operator[] | azure.cpp:295:10:295:20 | contentType | provenance | |
|
||||||
| azure.cpp:294:38:294:53 | call to operator[] | azure.cpp:295:10:295:20 | contentType | provenance | |
|
| azure.cpp:294:38:294:53 | call to operator[] | azure.cpp:295:10:295:20 | contentType | provenance | |
|
||||||
| azure.cpp:295:10:295:20 | contentType | azure.cpp:295:10:295:20 | contentType | provenance | |
|
| azure.cpp:295:10:295:20 | contentType | azure.cpp:295:10:295:20 | contentType | provenance | |
|
||||||
|
| test.cpp:4:5:4:17 | [summary param] 0 in ymlStepManual | test.cpp:4:5:4:17 | [summary] to write: ReturnValue in ymlStepManual | provenance | MaD:51 |
|
||||||
|
| test.cpp:5:5:5:20 | [summary param] 0 in ymlStepGenerated | test.cpp:5:5:5:20 | [summary] to write: ReturnValue in ymlStepGenerated | provenance | MaD:50 |
|
||||||
|
| test.cpp:6:5:6:27 | [summary param] 0 in ymlStepManual_with_body | test.cpp:6:5:6:27 | [summary] to write: ReturnValue in ymlStepManual_with_body | provenance | MaD:52 |
|
||||||
| test.cpp:7:47:7:52 | value2 | test.cpp:7:64:7:69 | value2 | provenance | |
|
| test.cpp:7:47:7:52 | value2 | test.cpp:7:64:7:69 | value2 | provenance | |
|
||||||
| test.cpp:7:64:7:69 | value2 | test.cpp:7:5:7:30 | *ymlStepGenerated_with_body | provenance | |
|
| test.cpp:7:64:7:69 | value2 | test.cpp:7:5:7:30 | *ymlStepGenerated_with_body | provenance | |
|
||||||
| test.cpp:10:10:10:18 | call to ymlSource | test.cpp:10:10:10:18 | call to ymlSource | provenance | Src:MaD:25 |
|
| test.cpp:10:10:10:18 | call to ymlSource | test.cpp:10:10:10:18 | call to ymlSource | provenance | Src:MaD:25 |
|
||||||
@@ -122,13 +132,16 @@ edges
|
|||||||
| test.cpp:10:10:10:18 | call to ymlSource | test.cpp:32:41:32:41 | x | provenance | |
|
| test.cpp:10:10:10:18 | call to ymlSource | test.cpp:32:41:32:41 | x | provenance | |
|
||||||
| test.cpp:17:10:17:22 | call to ymlStepManual | test.cpp:17:10:17:22 | call to ymlStepManual | provenance | |
|
| test.cpp:17:10:17:22 | call to ymlStepManual | test.cpp:17:10:17:22 | call to ymlStepManual | provenance | |
|
||||||
| test.cpp:17:10:17:22 | call to ymlStepManual | test.cpp:18:10:18:10 | y | provenance | Sink:MaD:1 |
|
| test.cpp:17:10:17:22 | call to ymlStepManual | test.cpp:18:10:18:10 | y | provenance | Sink:MaD:1 |
|
||||||
| test.cpp:17:24:17:24 | x | test.cpp:17:10:17:22 | call to ymlStepManual | provenance | MaD:53 |
|
| test.cpp:17:24:17:24 | x | test.cpp:4:5:4:17 | [summary param] 0 in ymlStepManual | provenance | |
|
||||||
|
| test.cpp:17:24:17:24 | x | test.cpp:17:10:17:22 | call to ymlStepManual | provenance | MaD:51 |
|
||||||
| test.cpp:21:10:21:25 | call to ymlStepGenerated | test.cpp:21:10:21:25 | call to ymlStepGenerated | provenance | |
|
| test.cpp:21:10:21:25 | call to ymlStepGenerated | test.cpp:21:10:21:25 | call to ymlStepGenerated | provenance | |
|
||||||
| test.cpp:21:10:21:25 | call to ymlStepGenerated | test.cpp:22:10:22:10 | z | provenance | Sink:MaD:1 |
|
| test.cpp:21:10:21:25 | call to ymlStepGenerated | test.cpp:22:10:22:10 | z | provenance | Sink:MaD:1 |
|
||||||
| test.cpp:21:27:21:27 | x | test.cpp:21:10:21:25 | call to ymlStepGenerated | provenance | MaD:52 |
|
| test.cpp:21:27:21:27 | x | test.cpp:5:5:5:20 | [summary param] 0 in ymlStepGenerated | provenance | |
|
||||||
|
| test.cpp:21:27:21:27 | x | test.cpp:21:10:21:25 | call to ymlStepGenerated | provenance | MaD:50 |
|
||||||
| test.cpp:25:11:25:33 | call to ymlStepManual_with_body | test.cpp:25:11:25:33 | call to ymlStepManual_with_body | provenance | |
|
| test.cpp:25:11:25:33 | call to ymlStepManual_with_body | test.cpp:25:11:25:33 | call to ymlStepManual_with_body | provenance | |
|
||||||
| test.cpp:25:11:25:33 | call to ymlStepManual_with_body | test.cpp:26:10:26:11 | y2 | provenance | Sink:MaD:1 |
|
| test.cpp:25:11:25:33 | call to ymlStepManual_with_body | test.cpp:26:10:26:11 | y2 | provenance | Sink:MaD:1 |
|
||||||
| test.cpp:25:35:25:35 | x | test.cpp:25:11:25:33 | call to ymlStepManual_with_body | provenance | MaD:54 |
|
| test.cpp:25:35:25:35 | x | test.cpp:6:5:6:27 | [summary param] 0 in ymlStepManual_with_body | provenance | |
|
||||||
|
| test.cpp:25:35:25:35 | x | test.cpp:25:11:25:33 | call to ymlStepManual_with_body | provenance | MaD:52 |
|
||||||
| test.cpp:32:11:32:36 | call to ymlStepGenerated_with_body | test.cpp:32:11:32:36 | call to ymlStepGenerated_with_body | provenance | |
|
| test.cpp:32:11:32:36 | call to ymlStepGenerated_with_body | test.cpp:32:11:32:36 | call to ymlStepGenerated_with_body | provenance | |
|
||||||
| test.cpp:32:11:32:36 | call to ymlStepGenerated_with_body | test.cpp:33:10:33:11 | z2 | provenance | Sink:MaD:1 |
|
| test.cpp:32:11:32:36 | call to ymlStepGenerated_with_body | test.cpp:33:10:33:11 | z2 | provenance | Sink:MaD:1 |
|
||||||
| test.cpp:32:41:32:41 | x | test.cpp:7:47:7:52 | value2 | provenance | |
|
| test.cpp:32:41:32:41 | x | test.cpp:7:47:7:52 | value2 | provenance | |
|
||||||
@@ -136,10 +149,20 @@ edges
|
|||||||
| test.cpp:46:30:46:32 | *arg [x] | test.cpp:47:12:47:19 | *arg [x] | provenance | |
|
| test.cpp:46:30:46:32 | *arg [x] | test.cpp:47:12:47:19 | *arg [x] | provenance | |
|
||||||
| test.cpp:47:12:47:19 | *arg [x] | test.cpp:48:13:48:13 | *s [x] | provenance | |
|
| test.cpp:47:12:47:19 | *arg [x] | test.cpp:48:13:48:13 | *s [x] | provenance | |
|
||||||
| test.cpp:48:13:48:13 | *s [x] | test.cpp:48:16:48:16 | x | provenance | Sink:MaD:1 |
|
| test.cpp:48:13:48:13 | *s [x] | test.cpp:48:16:48:16 | x | provenance | Sink:MaD:1 |
|
||||||
|
| test.cpp:52:5:52:18 | [summary param] *3 in pthread_create [x] | test.cpp:52:5:52:18 | [summary] to write: Argument[2].Parameter[*0] in pthread_create [x] | provenance | MaD:49 |
|
||||||
|
| test.cpp:52:5:52:18 | [summary] to write: Argument[2].Parameter[*0] in pthread_create [x] | test.cpp:46:30:46:32 | *arg [x] | provenance | |
|
||||||
| test.cpp:56:2:56:2 | *s [post update] [x] | test.cpp:59:55:59:64 | *& ... [x] | provenance | |
|
| test.cpp:56:2:56:2 | *s [post update] [x] | test.cpp:59:55:59:64 | *& ... [x] | provenance | |
|
||||||
| test.cpp:56:2:56:18 | ... = ... | test.cpp:56:2:56:2 | *s [post update] [x] | provenance | |
|
| test.cpp:56:2:56:18 | ... = ... | test.cpp:56:2:56:2 | *s [post update] [x] | provenance | |
|
||||||
| test.cpp:56:8:56:16 | call to ymlSource | test.cpp:56:2:56:18 | ... = ... | provenance | Src:MaD:25 |
|
| test.cpp:56:8:56:16 | call to ymlSource | test.cpp:56:2:56:18 | ... = ... | provenance | Src:MaD:25 |
|
||||||
| test.cpp:59:55:59:64 | *& ... [x] | test.cpp:46:30:46:32 | *arg [x] | provenance | MaD:49 |
|
| test.cpp:59:55:59:64 | *& ... [x] | test.cpp:52:5:52:18 | [summary param] *3 in pthread_create [x] | provenance | |
|
||||||
|
| test.cpp:63:6:63:21 | [summary param] 1 in callWithArgument | test.cpp:63:6:63:21 | [summary] to write: Argument[0].Parameter[0] in callWithArgument | provenance | MaD:47 |
|
||||||
|
| test.cpp:63:6:63:21 | [summary param] 1 in callWithArgument | test.cpp:63:6:63:21 | [summary] to write: Argument[0].Parameter[0] in callWithArgument | provenance | MaD:47 |
|
||||||
|
| test.cpp:63:6:63:21 | [summary param] 1 in callWithArgument | test.cpp:63:6:63:21 | [summary] to write: Argument[0].Parameter[0] in callWithArgument | provenance | MaD:47 |
|
||||||
|
| test.cpp:63:6:63:21 | [summary param] 1 in callWithArgument | test.cpp:63:6:63:21 | [summary] to write: Argument[0].Parameter[0] in callWithArgument | provenance | MaD:47 |
|
||||||
|
| test.cpp:63:6:63:21 | [summary] to write: Argument[0].Parameter[0] in callWithArgument | test.cpp:68:22:68:22 | y | provenance | |
|
||||||
|
| test.cpp:63:6:63:21 | [summary] to write: Argument[0].Parameter[0] in callWithArgument | test.cpp:74:22:74:22 | y | provenance | |
|
||||||
|
| test.cpp:63:6:63:21 | [summary] to write: Argument[0].Parameter[0] in callWithArgument | test.cpp:82:22:82:22 | y | provenance | |
|
||||||
|
| test.cpp:63:6:63:21 | [summary] to write: Argument[0].Parameter[0] in callWithArgument | test.cpp:88:22:88:22 | y | provenance | |
|
||||||
| test.cpp:68:22:68:22 | y | test.cpp:69:11:69:11 | y | provenance | Sink:MaD:1 |
|
| test.cpp:68:22:68:22 | y | test.cpp:69:11:69:11 | y | provenance | Sink:MaD:1 |
|
||||||
| test.cpp:74:22:74:22 | y | test.cpp:75:11:75:11 | y | provenance | Sink:MaD:1 |
|
| test.cpp:74:22:74:22 | y | test.cpp:75:11:75:11 | y | provenance | Sink:MaD:1 |
|
||||||
| test.cpp:82:22:82:22 | y | test.cpp:83:11:83:11 | y | provenance | Sink:MaD:1 |
|
| test.cpp:82:22:82:22 | y | test.cpp:83:11:83:11 | y | provenance | Sink:MaD:1 |
|
||||||
@@ -149,73 +172,69 @@ edges
|
|||||||
| test.cpp:94:10:94:18 | call to ymlSource | test.cpp:101:26:101:26 | x | provenance | |
|
| test.cpp:94:10:94:18 | call to ymlSource | test.cpp:101:26:101:26 | x | provenance | |
|
||||||
| test.cpp:94:10:94:18 | call to ymlSource | test.cpp:103:63:103:63 | x | provenance | |
|
| test.cpp:94:10:94:18 | call to ymlSource | test.cpp:103:63:103:63 | x | provenance | |
|
||||||
| test.cpp:94:10:94:18 | call to ymlSource | test.cpp:104:62:104:62 | x | provenance | |
|
| test.cpp:94:10:94:18 | call to ymlSource | test.cpp:104:62:104:62 | x | provenance | |
|
||||||
| test.cpp:97:26:97:26 | x | test.cpp:68:22:68:22 | y | provenance | MaD:47 |
|
| test.cpp:97:26:97:26 | x | test.cpp:63:6:63:21 | [summary param] 1 in callWithArgument | provenance | |
|
||||||
| test.cpp:101:26:101:26 | x | test.cpp:74:22:74:22 | y | provenance | MaD:47 |
|
| test.cpp:101:26:101:26 | x | test.cpp:63:6:63:21 | [summary param] 1 in callWithArgument | provenance | |
|
||||||
| test.cpp:103:63:103:63 | x | test.cpp:82:22:82:22 | y | provenance | MaD:47 |
|
| test.cpp:103:63:103:63 | x | test.cpp:63:6:63:21 | [summary param] 1 in callWithArgument | provenance | |
|
||||||
| test.cpp:104:62:104:62 | x | test.cpp:88:22:88:22 | y | provenance | MaD:47 |
|
| test.cpp:104:62:104:62 | x | test.cpp:63:6:63:21 | [summary param] 1 in callWithArgument | provenance | |
|
||||||
|
| test.cpp:111:3:111:25 | [summary param] *0 in callWithNonTypeTemplate | test.cpp:111:3:111:25 | [summary] to write: ReturnValue in callWithNonTypeTemplate | provenance | MaD:48 |
|
||||||
| test.cpp:114:10:114:18 | call to ymlSource | test.cpp:114:10:114:18 | call to ymlSource | provenance | Src:MaD:25 |
|
| test.cpp:114:10:114:18 | call to ymlSource | test.cpp:114:10:114:18 | call to ymlSource | provenance | Src:MaD:25 |
|
||||||
| test.cpp:114:10:114:18 | call to ymlSource | test.cpp:118:44:118:44 | *x | provenance | |
|
| test.cpp:114:10:114:18 | call to ymlSource | test.cpp:118:44:118:44 | *x | provenance | |
|
||||||
| test.cpp:118:11:118:42 | call to callWithNonTypeTemplate | test.cpp:118:11:118:42 | call to callWithNonTypeTemplate | provenance | |
|
| test.cpp:118:11:118:42 | call to callWithNonTypeTemplate | test.cpp:118:11:118:42 | call to callWithNonTypeTemplate | provenance | |
|
||||||
| test.cpp:118:11:118:42 | call to callWithNonTypeTemplate | test.cpp:119:10:119:11 | y2 | provenance | Sink:MaD:1 |
|
| test.cpp:118:11:118:42 | call to callWithNonTypeTemplate | test.cpp:119:10:119:11 | y2 | provenance | Sink:MaD:1 |
|
||||||
|
| test.cpp:118:44:118:44 | *x | test.cpp:111:3:111:25 | [summary param] *0 in callWithNonTypeTemplate | provenance | |
|
||||||
| test.cpp:118:44:118:44 | *x | test.cpp:118:11:118:42 | call to callWithNonTypeTemplate | provenance | MaD:48 |
|
| test.cpp:118:44:118:44 | *x | test.cpp:118:11:118:42 | call to callWithNonTypeTemplate | provenance | MaD:48 |
|
||||||
|
| test.cpp:125:5:125:20 | [summary param] 0 in templateFunction | test.cpp:125:5:125:20 | [summary] to write: ReturnValue in templateFunction | provenance | MaD:54 |
|
||||||
|
| test.cpp:128:5:128:21 | [summary param] 1 in templateFunction2 | test.cpp:128:5:128:21 | [summary] to write: ReturnValue in templateFunction2 | provenance | MaD:53 |
|
||||||
| test.cpp:133:10:133:18 | call to ymlSource | test.cpp:133:10:133:18 | call to ymlSource | provenance | Src:MaD:25 |
|
| test.cpp:133:10:133:18 | call to ymlSource | test.cpp:133:10:133:18 | call to ymlSource | provenance | Src:MaD:25 |
|
||||||
| test.cpp:133:10:133:18 | call to ymlSource | test.cpp:134:45:134:45 | x | provenance | |
|
| test.cpp:133:10:133:18 | call to ymlSource | test.cpp:134:45:134:45 | x | provenance | |
|
||||||
| test.cpp:134:13:134:43 | call to templateFunction | test.cpp:134:13:134:43 | call to templateFunction | provenance | |
|
| test.cpp:134:13:134:43 | call to templateFunction | test.cpp:134:13:134:43 | call to templateFunction | provenance | |
|
||||||
| test.cpp:134:13:134:43 | call to templateFunction | test.cpp:135:10:135:10 | y | provenance | Sink:MaD:1 |
|
| test.cpp:134:13:134:43 | call to templateFunction | test.cpp:135:10:135:10 | y | provenance | Sink:MaD:1 |
|
||||||
| test.cpp:134:45:134:45 | x | test.cpp:134:13:134:43 | call to templateFunction | provenance | MaD:59 |
|
| test.cpp:134:45:134:45 | x | test.cpp:125:5:125:20 | [summary param] 0 in templateFunction | provenance | |
|
||||||
|
| test.cpp:134:45:134:45 | x | test.cpp:134:13:134:43 | call to templateFunction | provenance | MaD:54 |
|
||||||
|
| test.cpp:140:4:140:11 | [summary param] 1 in function | test.cpp:140:4:140:11 | [summary] to write: ReturnValue in function | provenance | MaD:55 |
|
||||||
|
| test.cpp:140:4:140:11 | [summary param] 1 in function | test.cpp:140:4:140:11 | [summary] to write: ReturnValue in function | provenance | MaD:55 |
|
||||||
| test.cpp:146:10:146:18 | call to ymlSource | test.cpp:146:10:146:18 | call to ymlSource | provenance | Src:MaD:25 |
|
| test.cpp:146:10:146:18 | call to ymlSource | test.cpp:146:10:146:18 | call to ymlSource | provenance | Src:MaD:25 |
|
||||||
| test.cpp:146:10:146:18 | call to ymlSource | test.cpp:148:26:148:26 | x | provenance | |
|
| test.cpp:146:10:146:18 | call to ymlSource | test.cpp:148:26:148:26 | x | provenance | |
|
||||||
| test.cpp:148:10:148:27 | call to function | test.cpp:148:10:148:27 | call to function | provenance | |
|
| test.cpp:148:10:148:27 | call to function | test.cpp:148:10:148:27 | call to function | provenance | |
|
||||||
| test.cpp:148:10:148:27 | call to function | test.cpp:149:10:149:10 | z | provenance | Sink:MaD:1 |
|
| test.cpp:148:10:148:27 | call to function | test.cpp:149:10:149:10 | z | provenance | Sink:MaD:1 |
|
||||||
| test.cpp:148:26:148:26 | x | test.cpp:148:10:148:27 | call to function | provenance | MaD:60 |
|
| test.cpp:148:26:148:26 | x | test.cpp:140:4:140:11 | [summary param] 1 in function | provenance | |
|
||||||
|
| test.cpp:148:26:148:26 | x | test.cpp:148:10:148:27 | call to function | provenance | MaD:55 |
|
||||||
| test.cpp:155:10:155:18 | call to ymlSource | test.cpp:155:10:155:18 | call to ymlSource | provenance | Src:MaD:25 |
|
| test.cpp:155:10:155:18 | call to ymlSource | test.cpp:155:10:155:18 | call to ymlSource | provenance | Src:MaD:25 |
|
||||||
| test.cpp:155:10:155:18 | call to ymlSource | test.cpp:157:26:157:26 | x | provenance | |
|
| test.cpp:155:10:155:18 | call to ymlSource | test.cpp:157:26:157:26 | x | provenance | |
|
||||||
| test.cpp:157:13:157:20 | call to function | test.cpp:157:13:157:20 | call to function | provenance | |
|
| test.cpp:157:13:157:20 | call to function | test.cpp:157:13:157:20 | call to function | provenance | |
|
||||||
| test.cpp:157:13:157:20 | call to function | test.cpp:158:10:158:10 | z | provenance | Sink:MaD:1 |
|
| test.cpp:157:13:157:20 | call to function | test.cpp:158:10:158:10 | z | provenance | Sink:MaD:1 |
|
||||||
| test.cpp:157:26:157:26 | x | test.cpp:157:13:157:20 | call to function | provenance | MaD:60 |
|
| test.cpp:157:26:157:26 | x | test.cpp:140:4:140:11 | [summary param] 1 in function | provenance | |
|
||||||
|
| test.cpp:157:26:157:26 | x | test.cpp:157:13:157:20 | call to function | provenance | MaD:55 |
|
||||||
| test.cpp:164:34:164:34 | x | test.cpp:165:69:165:69 | x | provenance | |
|
| test.cpp:164:34:164:34 | x | test.cpp:165:69:165:69 | x | provenance | |
|
||||||
| test.cpp:165:12:165:64 | call to templateFunction2 | test.cpp:164:7:164:7 | *templateFunction3 | provenance | |
|
| test.cpp:165:12:165:64 | call to templateFunction2 | test.cpp:164:7:164:7 | *templateFunction3 | provenance | |
|
||||||
| test.cpp:165:12:165:64 | call to templateFunction2 | test.cpp:165:12:165:64 | call to templateFunction2 | provenance | |
|
| test.cpp:165:12:165:64 | call to templateFunction2 | test.cpp:165:12:165:64 | call to templateFunction2 | provenance | |
|
||||||
| test.cpp:165:69:165:69 | x | test.cpp:165:12:165:64 | call to templateFunction2 | provenance | MaD:58 |
|
| test.cpp:165:69:165:69 | x | test.cpp:128:5:128:21 | [summary param] 1 in templateFunction2 | provenance | |
|
||||||
|
| test.cpp:165:69:165:69 | x | test.cpp:165:12:165:64 | call to templateFunction2 | provenance | MaD:53 |
|
||||||
| test.cpp:170:10:170:18 | call to ymlSource | test.cpp:170:10:170:18 | call to ymlSource | provenance | Src:MaD:25 |
|
| test.cpp:170:10:170:18 | call to ymlSource | test.cpp:170:10:170:18 | call to ymlSource | provenance | Src:MaD:25 |
|
||||||
| test.cpp:170:10:170:18 | call to ymlSource | test.cpp:172:51:172:51 | x | provenance | |
|
| test.cpp:170:10:170:18 | call to ymlSource | test.cpp:172:51:172:51 | x | provenance | |
|
||||||
| test.cpp:172:13:172:44 | call to templateFunction3 | test.cpp:172:13:172:44 | call to templateFunction3 | provenance | |
|
| test.cpp:172:13:172:44 | call to templateFunction3 | test.cpp:172:13:172:44 | call to templateFunction3 | provenance | |
|
||||||
| test.cpp:172:13:172:44 | call to templateFunction3 | test.cpp:173:10:173:10 | y | provenance | Sink:MaD:1 |
|
| test.cpp:172:13:172:44 | call to templateFunction3 | test.cpp:173:10:173:10 | y | provenance | Sink:MaD:1 |
|
||||||
| test.cpp:172:51:172:51 | x | test.cpp:164:34:164:34 | x | provenance | |
|
| test.cpp:172:51:172:51 | x | test.cpp:164:34:164:34 | x | provenance | |
|
||||||
| test.cpp:172:51:172:51 | x | test.cpp:172:13:172:44 | call to templateFunction3 | provenance | MaD:58 |
|
| test.cpp:172:51:172:51 | x | test.cpp:172:13:172:44 | call to templateFunction3 | provenance | MaD:53 |
|
||||||
| test.cpp:186:2:186:2 | *s [post update] [myField] | test.cpp:187:33:187:34 | *& ... [myField] | provenance | |
|
| windows.cpp:17:8:17:25 | [summary param] *0 in CommandLineToArgvA | windows.cpp:17:8:17:25 | [summary] to write: ReturnValue[**] in CommandLineToArgvA | provenance | MaD:33 |
|
||||||
| test.cpp:186:2:186:24 | ... = ... | test.cpp:186:2:186:2 | *s [post update] [myField] | provenance | |
|
|
||||||
| test.cpp:186:14:186:22 | call to ymlSource | test.cpp:186:2:186:24 | ... = ... | provenance | Src:MaD:25 |
|
|
||||||
| test.cpp:187:10:187:31 | call to read_field_from_struct | test.cpp:187:10:187:31 | call to read_field_from_struct | provenance | |
|
|
||||||
| test.cpp:187:10:187:31 | call to read_field_from_struct | test.cpp:188:10:188:10 | x | provenance | Sink:MaD:1 |
|
|
||||||
| test.cpp:187:33:187:34 | *& ... [myField] | test.cpp:187:10:187:31 | call to read_field_from_struct | provenance | MaD:50 |
|
|
||||||
| test.cpp:199:2:199:2 | *s [post update] [myField] | test.cpp:200:35:200:36 | *& ... [myField] | provenance | |
|
|
||||||
| test.cpp:199:2:199:24 | ... = ... | test.cpp:199:2:199:2 | *s [post update] [myField] | provenance | |
|
|
||||||
| test.cpp:199:14:199:22 | call to ymlSource | test.cpp:199:2:199:24 | ... = ... | provenance | Src:MaD:25 |
|
|
||||||
| test.cpp:200:10:200:33 | call to read_field_from_struct_2 | test.cpp:200:10:200:33 | call to read_field_from_struct_2 | provenance | |
|
|
||||||
| test.cpp:200:10:200:33 | call to read_field_from_struct_2 | test.cpp:201:10:201:10 | x | provenance | Sink:MaD:1 |
|
|
||||||
| test.cpp:200:35:200:36 | *& ... [myField] | test.cpp:200:10:200:33 | call to read_field_from_struct_2 | provenance | MaD:51 |
|
|
||||||
| test.cpp:216:3:216:4 | get_ptr output argument [value] | test.cpp:217:11:217:12 | *rf [value] | provenance | |
|
|
||||||
| test.cpp:216:3:216:28 | ... = ... | test.cpp:216:3:216:4 | get_ptr output argument [value] | provenance | MaD:57 |
|
|
||||||
| test.cpp:216:18:216:26 | call to ymlSource | test.cpp:216:3:216:28 | ... = ... | provenance | Src:MaD:25 |
|
|
||||||
| test.cpp:217:11:217:12 | *rf [value] | test.cpp:217:14:217:18 | value | provenance | |
|
|
||||||
| test.cpp:217:14:217:18 | value | test.cpp:217:14:217:18 | value | provenance | |
|
|
||||||
| test.cpp:217:14:217:18 | value | test.cpp:218:11:218:11 | x | provenance | Sink:MaD:1 |
|
|
||||||
| test.cpp:222:3:222:3 | operator[] output argument | test.cpp:223:12:223:12 | *s | provenance | |
|
|
||||||
| test.cpp:222:3:222:20 | ... = ... | test.cpp:222:3:222:3 | operator[] output argument | provenance | MaD:56 |
|
|
||||||
| test.cpp:222:10:222:20 | call to ymlSource | test.cpp:222:3:222:20 | ... = ... | provenance | Src:MaD:25 |
|
|
||||||
| test.cpp:223:12:223:12 | *s | test.cpp:223:13:223:15 | call to operator[] | provenance | MaD:55 |
|
|
||||||
| test.cpp:223:13:223:15 | call to operator[] | test.cpp:223:13:223:15 | call to operator[] | provenance | |
|
|
||||||
| test.cpp:223:13:223:15 | call to operator[] | test.cpp:224:11:224:11 | c | provenance | Sink:MaD:1 |
|
|
||||||
| windows.cpp:22:15:22:29 | *call to GetCommandLineA | windows.cpp:22:15:22:29 | *call to GetCommandLineA | provenance | Src:MaD:3 |
|
| windows.cpp:22:15:22:29 | *call to GetCommandLineA | windows.cpp:22:15:22:29 | *call to GetCommandLineA | provenance | Src:MaD:3 |
|
||||||
| windows.cpp:22:15:22:29 | *call to GetCommandLineA | windows.cpp:24:8:24:11 | * ... | provenance | |
|
| windows.cpp:22:15:22:29 | *call to GetCommandLineA | windows.cpp:24:8:24:11 | * ... | provenance | |
|
||||||
| windows.cpp:22:15:22:29 | *call to GetCommandLineA | windows.cpp:27:36:27:38 | *cmd | provenance | |
|
| windows.cpp:22:15:22:29 | *call to GetCommandLineA | windows.cpp:27:36:27:38 | *cmd | provenance | |
|
||||||
| windows.cpp:27:17:27:34 | **call to CommandLineToArgvA | windows.cpp:27:17:27:34 | **call to CommandLineToArgvA | provenance | |
|
| windows.cpp:27:17:27:34 | **call to CommandLineToArgvA | windows.cpp:27:17:27:34 | **call to CommandLineToArgvA | provenance | |
|
||||||
| windows.cpp:27:17:27:34 | **call to CommandLineToArgvA | windows.cpp:30:8:30:15 | * ... | provenance | |
|
| windows.cpp:27:17:27:34 | **call to CommandLineToArgvA | windows.cpp:30:8:30:15 | * ... | provenance | |
|
||||||
|
| windows.cpp:27:36:27:38 | *cmd | windows.cpp:17:8:17:25 | [summary param] *0 in CommandLineToArgvA | provenance | |
|
||||||
| windows.cpp:27:36:27:38 | *cmd | windows.cpp:27:17:27:34 | **call to CommandLineToArgvA | provenance | MaD:33 |
|
| windows.cpp:27:36:27:38 | *cmd | windows.cpp:27:17:27:34 | **call to CommandLineToArgvA | provenance | MaD:33 |
|
||||||
| windows.cpp:34:17:34:38 | *call to GetEnvironmentStringsA | windows.cpp:34:17:34:38 | *call to GetEnvironmentStringsA | provenance | Src:MaD:4 |
|
| windows.cpp:34:17:34:38 | *call to GetEnvironmentStringsA | windows.cpp:34:17:34:38 | *call to GetEnvironmentStringsA | provenance | Src:MaD:4 |
|
||||||
| windows.cpp:34:17:34:38 | *call to GetEnvironmentStringsA | windows.cpp:36:10:36:13 | * ... | provenance | |
|
| windows.cpp:34:17:34:38 | *call to GetEnvironmentStringsA | windows.cpp:36:10:36:13 | * ... | provenance | |
|
||||||
| windows.cpp:39:36:39:38 | GetEnvironmentVariableA output argument | windows.cpp:41:10:41:13 | * ... | provenance | Src:MaD:5 |
|
| windows.cpp:39:36:39:38 | GetEnvironmentVariableA output argument | windows.cpp:41:10:41:13 | * ... | provenance | Src:MaD:5 |
|
||||||
|
| windows.cpp:90:6:90:15 | [summary param] *3 in ReadFileEx [*hEvent] | windows.cpp:90:6:90:15 | [summary] read: Argument[*3].Field[*hEvent] in ReadFileEx | provenance | |
|
||||||
|
| windows.cpp:90:6:90:15 | [summary param] *3 in ReadFileEx [hEvent] | windows.cpp:90:6:90:15 | [summary] read: Argument[*3].Field[hEvent] in ReadFileEx | provenance | |
|
||||||
|
| windows.cpp:90:6:90:15 | [summary] read: Argument[*3].Field[*hEvent] in ReadFileEx | windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2].Field[*hEvent] in ReadFileEx | provenance | MaD:37 |
|
||||||
|
| windows.cpp:90:6:90:15 | [summary] read: Argument[*3].Field[hEvent] in ReadFileEx | windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2].Field[hEvent] in ReadFileEx | provenance | MaD:37 |
|
||||||
|
| windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [*hEvent] | windows.cpp:147:16:147:27 | *lpOverlapped [*hEvent] | provenance | |
|
||||||
|
| windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [hEvent] | windows.cpp:157:16:157:27 | *lpOverlapped [hEvent] | provenance | |
|
||||||
|
| windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2].Field[*hEvent] in ReadFileEx | windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [*hEvent] | provenance | |
|
||||||
|
| windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2].Field[hEvent] in ReadFileEx | windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [hEvent] | provenance | |
|
||||||
| windows.cpp:147:16:147:27 | *lpOverlapped [*hEvent] | windows.cpp:149:42:149:53 | *lpOverlapped [*hEvent] | provenance | |
|
| windows.cpp:147:16:147:27 | *lpOverlapped [*hEvent] | windows.cpp:149:42:149:53 | *lpOverlapped [*hEvent] | provenance | |
|
||||||
| windows.cpp:149:18:149:62 | *hEvent | windows.cpp:149:18:149:62 | *hEvent | provenance | |
|
| windows.cpp:149:18:149:62 | *hEvent | windows.cpp:149:18:149:62 | *hEvent | provenance | |
|
||||||
| windows.cpp:149:18:149:62 | *hEvent | windows.cpp:151:8:151:14 | * ... | provenance | |
|
| windows.cpp:149:18:149:62 | *hEvent | windows.cpp:151:8:151:14 | * ... | provenance | |
|
||||||
@@ -232,11 +251,11 @@ edges
|
|||||||
| windows.cpp:189:21:189:26 | ReadFile output argument | windows.cpp:190:5:190:56 | *... = ... | provenance | Src:MaD:17 |
|
| windows.cpp:189:21:189:26 | ReadFile output argument | windows.cpp:190:5:190:56 | *... = ... | provenance | Src:MaD:17 |
|
||||||
| windows.cpp:190:5:190:14 | *overlapped [post update] [*hEvent] | windows.cpp:192:53:192:63 | *& ... [*hEvent] | provenance | |
|
| windows.cpp:190:5:190:14 | *overlapped [post update] [*hEvent] | windows.cpp:192:53:192:63 | *& ... [*hEvent] | provenance | |
|
||||||
| windows.cpp:190:5:190:56 | *... = ... | windows.cpp:190:5:190:14 | *overlapped [post update] [*hEvent] | provenance | |
|
| windows.cpp:190:5:190:56 | *... = ... | windows.cpp:190:5:190:14 | *overlapped [post update] [*hEvent] | provenance | |
|
||||||
| windows.cpp:192:53:192:63 | *& ... [*hEvent] | windows.cpp:147:16:147:27 | *lpOverlapped [*hEvent] | provenance | MaD:37 |
|
| windows.cpp:192:53:192:63 | *& ... [*hEvent] | windows.cpp:90:6:90:15 | [summary param] *3 in ReadFileEx [*hEvent] | provenance | |
|
||||||
| windows.cpp:198:21:198:26 | ReadFile output argument | windows.cpp:199:5:199:57 | ... = ... | provenance | Src:MaD:17 |
|
| windows.cpp:198:21:198:26 | ReadFile output argument | windows.cpp:199:5:199:57 | ... = ... | provenance | Src:MaD:17 |
|
||||||
| windows.cpp:199:5:199:14 | *overlapped [post update] [hEvent] | windows.cpp:201:53:201:63 | *& ... [hEvent] | provenance | |
|
| windows.cpp:199:5:199:14 | *overlapped [post update] [hEvent] | windows.cpp:201:53:201:63 | *& ... [hEvent] | provenance | |
|
||||||
| windows.cpp:199:5:199:57 | ... = ... | windows.cpp:199:5:199:14 | *overlapped [post update] [hEvent] | provenance | |
|
| windows.cpp:199:5:199:57 | ... = ... | windows.cpp:199:5:199:14 | *overlapped [post update] [hEvent] | provenance | |
|
||||||
| windows.cpp:201:53:201:63 | *& ... [hEvent] | windows.cpp:157:16:157:27 | *lpOverlapped [hEvent] | provenance | MaD:37 |
|
| windows.cpp:201:53:201:63 | *& ... [hEvent] | windows.cpp:90:6:90:15 | [summary param] *3 in ReadFileEx [hEvent] | provenance | |
|
||||||
| windows.cpp:209:84:209:89 | NtReadFile output argument | windows.cpp:211:10:211:16 | * ... | provenance | Src:MaD:16 |
|
| windows.cpp:209:84:209:89 | NtReadFile output argument | windows.cpp:211:10:211:16 | * ... | provenance | Src:MaD:16 |
|
||||||
| windows.cpp:286:23:286:35 | *call to MapViewOfFile | windows.cpp:286:23:286:35 | *call to MapViewOfFile | provenance | Src:MaD:12 |
|
| windows.cpp:286:23:286:35 | *call to MapViewOfFile | windows.cpp:286:23:286:35 | *call to MapViewOfFile | provenance | Src:MaD:12 |
|
||||||
| windows.cpp:286:23:286:35 | *call to MapViewOfFile | windows.cpp:287:20:287:52 | *pMapView | provenance | |
|
| windows.cpp:286:23:286:35 | *call to MapViewOfFile | windows.cpp:287:20:287:52 | *pMapView | provenance | |
|
||||||
@@ -259,6 +278,12 @@ edges
|
|||||||
| windows.cpp:332:23:332:40 | *call to MapViewOfFileNuma2 | windows.cpp:332:23:332:40 | *call to MapViewOfFileNuma2 | provenance | Src:MaD:15 |
|
| windows.cpp:332:23:332:40 | *call to MapViewOfFileNuma2 | windows.cpp:332:23:332:40 | *call to MapViewOfFileNuma2 | provenance | Src:MaD:15 |
|
||||||
| windows.cpp:332:23:332:40 | *call to MapViewOfFileNuma2 | windows.cpp:333:20:333:52 | *pMapView | provenance | |
|
| windows.cpp:332:23:332:40 | *call to MapViewOfFileNuma2 | windows.cpp:333:20:333:52 | *pMapView | provenance | |
|
||||||
| windows.cpp:333:20:333:52 | *pMapView | windows.cpp:335:10:335:16 | * ... | provenance | |
|
| windows.cpp:333:20:333:52 | *pMapView | windows.cpp:335:10:335:16 | * ... | provenance | |
|
||||||
|
| windows.cpp:349:8:349:19 | [summary param] *3 in CreateThread [x] | windows.cpp:349:8:349:19 | [summary] to write: Argument[2].Parameter[*0] in CreateThread [x] | provenance | MaD:36 |
|
||||||
|
| windows.cpp:349:8:349:19 | [summary] to write: Argument[2].Parameter[*0] in CreateThread [x] | windows.cpp:403:26:403:36 | *lpParameter [x] | provenance | |
|
||||||
|
| windows.cpp:357:8:357:25 | [summary param] *4 in CreateRemoteThread [x] | windows.cpp:357:8:357:25 | [summary] to write: Argument[3].Parameter[*0] in CreateRemoteThread [x] | provenance | MaD:34 |
|
||||||
|
| windows.cpp:357:8:357:25 | [summary] to write: Argument[3].Parameter[*0] in CreateRemoteThread [x] | windows.cpp:410:26:410:36 | *lpParameter [x] | provenance | |
|
||||||
|
| windows.cpp:387:8:387:27 | [summary param] *4 in CreateRemoteThreadEx [x] | windows.cpp:387:8:387:27 | [summary] to write: Argument[3].Parameter[*0] in CreateRemoteThreadEx [x] | provenance | MaD:35 |
|
||||||
|
| windows.cpp:387:8:387:27 | [summary] to write: Argument[3].Parameter[*0] in CreateRemoteThreadEx [x] | windows.cpp:417:26:417:36 | *lpParameter [x] | provenance | |
|
||||||
| windows.cpp:403:26:403:36 | *lpParameter [x] | windows.cpp:405:10:405:25 | *lpParameter [x] | provenance | |
|
| windows.cpp:403:26:403:36 | *lpParameter [x] | windows.cpp:405:10:405:25 | *lpParameter [x] | provenance | |
|
||||||
| windows.cpp:405:10:405:25 | *lpParameter [x] | windows.cpp:406:8:406:8 | *s [x] | provenance | |
|
| windows.cpp:405:10:405:25 | *lpParameter [x] | windows.cpp:406:8:406:8 | *s [x] | provenance | |
|
||||||
| windows.cpp:406:8:406:8 | *s [x] | windows.cpp:406:8:406:11 | x | provenance | |
|
| windows.cpp:406:8:406:8 | *s [x] | windows.cpp:406:8:406:11 | x | provenance | |
|
||||||
@@ -273,9 +298,22 @@ edges
|
|||||||
| windows.cpp:431:3:431:3 | *s [post update] [x] | windows.cpp:464:7:464:8 | *& ... [x] | provenance | |
|
| windows.cpp:431:3:431:3 | *s [post update] [x] | windows.cpp:464:7:464:8 | *& ... [x] | provenance | |
|
||||||
| windows.cpp:431:3:431:16 | ... = ... | windows.cpp:431:3:431:3 | *s [post update] [x] | provenance | |
|
| windows.cpp:431:3:431:16 | ... = ... | windows.cpp:431:3:431:3 | *s [post update] [x] | provenance | |
|
||||||
| windows.cpp:431:9:431:14 | call to source | windows.cpp:431:3:431:16 | ... = ... | provenance | |
|
| windows.cpp:431:9:431:14 | call to source | windows.cpp:431:3:431:16 | ... = ... | provenance | |
|
||||||
| windows.cpp:439:7:439:8 | *& ... [x] | windows.cpp:403:26:403:36 | *lpParameter [x] | provenance | MaD:36 |
|
| windows.cpp:439:7:439:8 | *& ... [x] | windows.cpp:349:8:349:19 | [summary param] *3 in CreateThread [x] | provenance | |
|
||||||
| windows.cpp:451:7:451:8 | *& ... [x] | windows.cpp:410:26:410:36 | *lpParameter [x] | provenance | MaD:34 |
|
| windows.cpp:451:7:451:8 | *& ... [x] | windows.cpp:357:8:357:25 | [summary param] *4 in CreateRemoteThread [x] | provenance | |
|
||||||
| windows.cpp:464:7:464:8 | *& ... [x] | windows.cpp:417:26:417:36 | *lpParameter [x] | provenance | MaD:35 |
|
| windows.cpp:464:7:464:8 | *& ... [x] | windows.cpp:387:8:387:27 | [summary param] *4 in CreateRemoteThreadEx [x] | provenance | |
|
||||||
|
| windows.cpp:473:17:473:37 | [summary param] *1 in RtlCopyVolatileMemory | windows.cpp:473:17:473:37 | [summary param] *0 in RtlCopyVolatileMemory [Return] | provenance | MaD:42 |
|
||||||
|
| windows.cpp:479:17:479:35 | [summary param] *1 in RtlCopyDeviceMemory | windows.cpp:479:17:479:35 | [summary param] *0 in RtlCopyDeviceMemory [Return] | provenance | MaD:38 |
|
||||||
|
| windows.cpp:485:6:485:18 | [summary param] *1 in RtlCopyMemory | windows.cpp:485:6:485:18 | [summary param] *0 in RtlCopyMemory [Return] | provenance | MaD:39 |
|
||||||
|
| windows.cpp:493:6:493:29 | [summary param] *1 in RtlCopyMemoryNonTemporal | windows.cpp:493:6:493:29 | [summary param] *0 in RtlCopyMemoryNonTemporal [Return] | provenance | MaD:40 |
|
||||||
|
| windows.cpp:510:6:510:25 | [summary param] *1 in RtlCopyUnicodeString [*Buffer] | windows.cpp:510:6:510:25 | [summary] read: Argument[*1].Field[*Buffer] in RtlCopyUnicodeString | provenance | |
|
||||||
|
| windows.cpp:510:6:510:25 | [summary] read: Argument[*1].Field[*Buffer] in RtlCopyUnicodeString | windows.cpp:510:6:510:25 | [summary] to write: Argument[*0].Field[*Buffer] in RtlCopyUnicodeString | provenance | MaD:41 |
|
||||||
|
| windows.cpp:510:6:510:25 | [summary] to write: Argument[*0] in RtlCopyUnicodeString [*Buffer] | windows.cpp:510:6:510:25 | [summary param] *0 in RtlCopyUnicodeString [Return] [*Buffer] | provenance | |
|
||||||
|
| windows.cpp:510:6:510:25 | [summary] to write: Argument[*0].Field[*Buffer] in RtlCopyUnicodeString | windows.cpp:510:6:510:25 | [summary] to write: Argument[*0] in RtlCopyUnicodeString [*Buffer] | provenance | |
|
||||||
|
| windows.cpp:515:6:515:18 | [summary param] *1 in RtlMoveMemory | windows.cpp:515:6:515:18 | [summary param] *0 in RtlMoveMemory [Return] | provenance | MaD:44 |
|
||||||
|
| windows.cpp:521:17:521:37 | [summary param] *1 in RtlMoveVolatileMemory | windows.cpp:521:17:521:37 | [summary param] *0 in RtlMoveVolatileMemory [Return] | provenance | MaD:45 |
|
||||||
|
| windows.cpp:527:6:527:25 | [summary param] *1 in RtlInitUnicodeString | windows.cpp:527:6:527:25 | [summary] to write: Argument[*0].Field[*Buffer] in RtlInitUnicodeString | provenance | MaD:43 |
|
||||||
|
| windows.cpp:527:6:527:25 | [summary] to write: Argument[*0] in RtlInitUnicodeString [*Buffer] | windows.cpp:527:6:527:25 | [summary param] *0 in RtlInitUnicodeString [Return] [*Buffer] | provenance | |
|
||||||
|
| windows.cpp:527:6:527:25 | [summary] to write: Argument[*0].Field[*Buffer] in RtlInitUnicodeString | windows.cpp:527:6:527:25 | [summary] to write: Argument[*0] in RtlInitUnicodeString [*Buffer] | provenance | |
|
||||||
| windows.cpp:533:11:533:16 | call to source | windows.cpp:533:11:533:16 | call to source | provenance | |
|
| windows.cpp:533:11:533:16 | call to source | windows.cpp:533:11:533:16 | call to source | provenance | |
|
||||||
| windows.cpp:533:11:533:16 | call to source | windows.cpp:537:40:537:41 | *& ... | provenance | |
|
| windows.cpp:533:11:533:16 | call to source | windows.cpp:537:40:537:41 | *& ... | provenance | |
|
||||||
| windows.cpp:533:11:533:16 | call to source | windows.cpp:542:38:542:39 | *& ... | provenance | |
|
| windows.cpp:533:11:533:16 | call to source | windows.cpp:542:38:542:39 | *& ... | provenance | |
|
||||||
@@ -284,29 +322,37 @@ edges
|
|||||||
| windows.cpp:533:11:533:16 | call to source | windows.cpp:568:32:568:33 | *& ... | provenance | |
|
| windows.cpp:533:11:533:16 | call to source | windows.cpp:568:32:568:33 | *& ... | provenance | |
|
||||||
| windows.cpp:533:11:533:16 | call to source | windows.cpp:573:40:573:41 | *& ... | provenance | |
|
| windows.cpp:533:11:533:16 | call to source | windows.cpp:573:40:573:41 | *& ... | provenance | |
|
||||||
| windows.cpp:537:27:537:37 | RtlCopyVolatileMemory output argument | windows.cpp:538:10:538:23 | access to array | provenance | |
|
| windows.cpp:537:27:537:37 | RtlCopyVolatileMemory output argument | windows.cpp:538:10:538:23 | access to array | provenance | |
|
||||||
|
| windows.cpp:537:40:537:41 | *& ... | windows.cpp:473:17:473:37 | [summary param] *1 in RtlCopyVolatileMemory | provenance | |
|
||||||
| windows.cpp:537:40:537:41 | *& ... | windows.cpp:537:27:537:37 | RtlCopyVolatileMemory output argument | provenance | MaD:42 |
|
| windows.cpp:537:40:537:41 | *& ... | windows.cpp:537:27:537:37 | RtlCopyVolatileMemory output argument | provenance | MaD:42 |
|
||||||
| windows.cpp:542:25:542:35 | RtlCopyDeviceMemory output argument | windows.cpp:543:10:543:23 | access to array | provenance | |
|
| windows.cpp:542:25:542:35 | RtlCopyDeviceMemory output argument | windows.cpp:543:10:543:23 | access to array | provenance | |
|
||||||
|
| windows.cpp:542:38:542:39 | *& ... | windows.cpp:479:17:479:35 | [summary param] *1 in RtlCopyDeviceMemory | provenance | |
|
||||||
| windows.cpp:542:38:542:39 | *& ... | windows.cpp:542:25:542:35 | RtlCopyDeviceMemory output argument | provenance | MaD:38 |
|
| windows.cpp:542:38:542:39 | *& ... | windows.cpp:542:25:542:35 | RtlCopyDeviceMemory output argument | provenance | MaD:38 |
|
||||||
| windows.cpp:547:19:547:29 | RtlCopyMemory output argument | windows.cpp:548:10:548:23 | access to array | provenance | |
|
| windows.cpp:547:19:547:29 | RtlCopyMemory output argument | windows.cpp:548:10:548:23 | access to array | provenance | |
|
||||||
|
| windows.cpp:547:32:547:33 | *& ... | windows.cpp:485:6:485:18 | [summary param] *1 in RtlCopyMemory | provenance | |
|
||||||
| windows.cpp:547:32:547:33 | *& ... | windows.cpp:547:19:547:29 | RtlCopyMemory output argument | provenance | MaD:39 |
|
| windows.cpp:547:32:547:33 | *& ... | windows.cpp:547:19:547:29 | RtlCopyMemory output argument | provenance | MaD:39 |
|
||||||
| windows.cpp:552:30:552:40 | RtlCopyMemoryNonTemporal output argument | windows.cpp:553:10:553:23 | access to array | provenance | |
|
| windows.cpp:552:30:552:40 | RtlCopyMemoryNonTemporal output argument | windows.cpp:553:10:553:23 | access to array | provenance | |
|
||||||
|
| windows.cpp:552:43:552:44 | *& ... | windows.cpp:493:6:493:29 | [summary param] *1 in RtlCopyMemoryNonTemporal | provenance | |
|
||||||
| windows.cpp:552:43:552:44 | *& ... | windows.cpp:552:30:552:40 | RtlCopyMemoryNonTemporal output argument | provenance | MaD:40 |
|
| windows.cpp:552:43:552:44 | *& ... | windows.cpp:552:30:552:40 | RtlCopyMemoryNonTemporal output argument | provenance | MaD:40 |
|
||||||
| windows.cpp:559:5:559:24 | ... = ... | windows.cpp:561:39:561:44 | *buffer | provenance | |
|
| windows.cpp:559:5:559:24 | ... = ... | windows.cpp:561:39:561:44 | *buffer | provenance | |
|
||||||
| windows.cpp:559:17:559:24 | call to source | windows.cpp:559:5:559:24 | ... = ... | provenance | |
|
| windows.cpp:559:17:559:24 | call to source | windows.cpp:559:5:559:24 | ... = ... | provenance | |
|
||||||
| windows.cpp:561:26:561:36 | RtlInitUnicodeString output argument [*Buffer] | windows.cpp:562:10:562:19 | *src_string [*Buffer] | provenance | |
|
| windows.cpp:561:26:561:36 | RtlInitUnicodeString output argument [*Buffer] | windows.cpp:562:10:562:19 | *src_string [*Buffer] | provenance | |
|
||||||
| windows.cpp:561:26:561:36 | RtlInitUnicodeString output argument [*Buffer] | windows.cpp:563:40:563:50 | *& ... [*Buffer] | provenance | |
|
| windows.cpp:561:26:561:36 | RtlInitUnicodeString output argument [*Buffer] | windows.cpp:563:40:563:50 | *& ... [*Buffer] | provenance | |
|
||||||
|
| windows.cpp:561:39:561:44 | *buffer | windows.cpp:527:6:527:25 | [summary param] *1 in RtlInitUnicodeString | provenance | |
|
||||||
| windows.cpp:561:39:561:44 | *buffer | windows.cpp:561:26:561:36 | RtlInitUnicodeString output argument [*Buffer] | provenance | MaD:43 |
|
| windows.cpp:561:39:561:44 | *buffer | windows.cpp:561:26:561:36 | RtlInitUnicodeString output argument [*Buffer] | provenance | MaD:43 |
|
||||||
| windows.cpp:562:10:562:19 | *src_string [*Buffer] | windows.cpp:562:10:562:29 | access to array | provenance | |
|
| windows.cpp:562:10:562:19 | *src_string [*Buffer] | windows.cpp:562:10:562:29 | access to array | provenance | |
|
||||||
| windows.cpp:562:10:562:19 | *src_string [*Buffer] | windows.cpp:562:21:562:26 | *Buffer | provenance | |
|
| windows.cpp:562:10:562:19 | *src_string [*Buffer] | windows.cpp:562:21:562:26 | *Buffer | provenance | |
|
||||||
| windows.cpp:562:21:562:26 | *Buffer | windows.cpp:562:10:562:29 | access to array | provenance | |
|
| windows.cpp:562:21:562:26 | *Buffer | windows.cpp:562:10:562:29 | access to array | provenance | |
|
||||||
| windows.cpp:563:26:563:37 | RtlCopyUnicodeString output argument [*Buffer] | windows.cpp:564:10:564:20 | *dest_string [*Buffer] | provenance | |
|
| windows.cpp:563:26:563:37 | RtlCopyUnicodeString output argument [*Buffer] | windows.cpp:564:10:564:20 | *dest_string [*Buffer] | provenance | |
|
||||||
|
| windows.cpp:563:40:563:50 | *& ... [*Buffer] | windows.cpp:510:6:510:25 | [summary param] *1 in RtlCopyUnicodeString [*Buffer] | provenance | |
|
||||||
| windows.cpp:563:40:563:50 | *& ... [*Buffer] | windows.cpp:563:26:563:37 | RtlCopyUnicodeString output argument [*Buffer] | provenance | MaD:41 |
|
| windows.cpp:563:40:563:50 | *& ... [*Buffer] | windows.cpp:563:26:563:37 | RtlCopyUnicodeString output argument [*Buffer] | provenance | MaD:41 |
|
||||||
| windows.cpp:564:10:564:20 | *dest_string [*Buffer] | windows.cpp:564:10:564:30 | access to array | provenance | |
|
| windows.cpp:564:10:564:20 | *dest_string [*Buffer] | windows.cpp:564:10:564:30 | access to array | provenance | |
|
||||||
| windows.cpp:564:10:564:20 | *dest_string [*Buffer] | windows.cpp:564:22:564:27 | *Buffer | provenance | |
|
| windows.cpp:564:10:564:20 | *dest_string [*Buffer] | windows.cpp:564:22:564:27 | *Buffer | provenance | |
|
||||||
| windows.cpp:564:22:564:27 | *Buffer | windows.cpp:564:10:564:30 | access to array | provenance | |
|
| windows.cpp:564:22:564:27 | *Buffer | windows.cpp:564:10:564:30 | access to array | provenance | |
|
||||||
| windows.cpp:568:19:568:29 | RtlMoveMemory output argument | windows.cpp:569:10:569:23 | access to array | provenance | |
|
| windows.cpp:568:19:568:29 | RtlMoveMemory output argument | windows.cpp:569:10:569:23 | access to array | provenance | |
|
||||||
|
| windows.cpp:568:32:568:33 | *& ... | windows.cpp:515:6:515:18 | [summary param] *1 in RtlMoveMemory | provenance | |
|
||||||
| windows.cpp:568:32:568:33 | *& ... | windows.cpp:568:19:568:29 | RtlMoveMemory output argument | provenance | MaD:44 |
|
| windows.cpp:568:32:568:33 | *& ... | windows.cpp:568:19:568:29 | RtlMoveMemory output argument | provenance | MaD:44 |
|
||||||
| windows.cpp:573:27:573:37 | RtlMoveVolatileMemory output argument | windows.cpp:574:10:574:23 | access to array | provenance | |
|
| windows.cpp:573:27:573:37 | RtlMoveVolatileMemory output argument | windows.cpp:574:10:574:23 | access to array | provenance | |
|
||||||
|
| windows.cpp:573:40:573:41 | *& ... | windows.cpp:521:17:521:37 | [summary param] *1 in RtlMoveVolatileMemory | provenance | |
|
||||||
| windows.cpp:573:40:573:41 | *& ... | windows.cpp:573:27:573:37 | RtlMoveVolatileMemory output argument | provenance | MaD:45 |
|
| windows.cpp:573:40:573:41 | *& ... | windows.cpp:573:27:573:37 | RtlMoveVolatileMemory output argument | provenance | MaD:45 |
|
||||||
| windows.cpp:645:45:645:50 | WinHttpReadData output argument | windows.cpp:647:10:647:16 | * ... | provenance | Src:MaD:23 |
|
| windows.cpp:645:45:645:50 | WinHttpReadData output argument | windows.cpp:647:10:647:16 | * ... | provenance | Src:MaD:23 |
|
||||||
| windows.cpp:652:48:652:53 | WinHttpReadDataEx output argument | windows.cpp:654:10:654:16 | * ... | provenance | Src:MaD:24 |
|
| windows.cpp:652:48:652:53 | WinHttpReadDataEx output argument | windows.cpp:654:10:654:16 | * ... | provenance | Src:MaD:24 |
|
||||||
@@ -314,8 +360,10 @@ edges
|
|||||||
| windows.cpp:669:70:669:79 | WinHttpQueryHeadersEx output argument | windows.cpp:673:10:673:29 | * ... | provenance | Src:MaD:21 |
|
| windows.cpp:669:70:669:79 | WinHttpQueryHeadersEx output argument | windows.cpp:673:10:673:29 | * ... | provenance | Src:MaD:21 |
|
||||||
| windows.cpp:669:82:669:87 | WinHttpQueryHeadersEx output argument | windows.cpp:671:10:671:16 | * ... | provenance | Src:MaD:22 |
|
| windows.cpp:669:82:669:87 | WinHttpQueryHeadersEx output argument | windows.cpp:671:10:671:16 | * ... | provenance | Src:MaD:22 |
|
||||||
| windows.cpp:669:105:669:112 | WinHttpQueryHeadersEx output argument | windows.cpp:675:10:675:27 | * ... | provenance | Src:MaD:20 |
|
| windows.cpp:669:105:669:112 | WinHttpQueryHeadersEx output argument | windows.cpp:675:10:675:27 | * ... | provenance | Src:MaD:20 |
|
||||||
|
| windows.cpp:714:6:714:20 | [summary param] *0 in WinHttpCrackUrl | windows.cpp:714:6:714:20 | [summary param] *3 in WinHttpCrackUrl [Return] | provenance | MaD:46 |
|
||||||
| windows.cpp:728:5:728:28 | ... = ... | windows.cpp:729:35:729:35 | *x | provenance | |
|
| windows.cpp:728:5:728:28 | ... = ... | windows.cpp:729:35:729:35 | *x | provenance | |
|
||||||
| windows.cpp:728:12:728:28 | call to source | windows.cpp:728:5:728:28 | ... = ... | provenance | |
|
| windows.cpp:728:12:728:28 | call to source | windows.cpp:728:5:728:28 | ... = ... | provenance | |
|
||||||
|
| windows.cpp:729:35:729:35 | *x | windows.cpp:714:6:714:20 | [summary param] *0 in WinHttpCrackUrl | provenance | |
|
||||||
| windows.cpp:729:35:729:35 | *x | windows.cpp:729:44:729:57 | WinHttpCrackUrl output argument | provenance | MaD:46 |
|
| windows.cpp:729:35:729:35 | *x | windows.cpp:729:44:729:57 | WinHttpCrackUrl output argument | provenance | MaD:46 |
|
||||||
| windows.cpp:729:44:729:57 | WinHttpCrackUrl output argument | windows.cpp:731:10:731:36 | * ... | provenance | |
|
| windows.cpp:729:44:729:57 | WinHttpCrackUrl output argument | windows.cpp:731:10:731:36 | * ... | provenance | |
|
||||||
| windows.cpp:729:44:729:57 | WinHttpCrackUrl output argument | windows.cpp:733:10:733:35 | * ... | provenance | |
|
| windows.cpp:729:44:729:57 | WinHttpCrackUrl output argument | windows.cpp:733:10:733:35 | * ... | provenance | |
|
||||||
@@ -338,6 +386,8 @@ edges
|
|||||||
| windows.cpp:936:70:936:78 | HttpReceiveClientCertificate output argument | windows.cpp:941:10:941:31 | * ... | provenance | Src:MaD:6 |
|
| windows.cpp:936:70:936:78 | HttpReceiveClientCertificate output argument | windows.cpp:941:10:941:31 | * ... | provenance | Src:MaD:6 |
|
||||||
| windows.cpp:937:15:937:48 | *& ... | windows.cpp:939:10:939:11 | * ... | provenance | |
|
| windows.cpp:937:15:937:48 | *& ... | windows.cpp:939:10:939:11 | * ... | provenance | |
|
||||||
nodes
|
nodes
|
||||||
|
| asio_streams.cpp:56:18:56:23 | [summary param] *0 in buffer | semmle.label | [summary param] *0 in buffer |
|
||||||
|
| asio_streams.cpp:56:18:56:23 | [summary] to write: ReturnValue in buffer | semmle.label | [summary] to write: ReturnValue in buffer |
|
||||||
| asio_streams.cpp:87:34:87:44 | read_until output argument | semmle.label | read_until output argument |
|
| asio_streams.cpp:87:34:87:44 | read_until output argument | semmle.label | read_until output argument |
|
||||||
| asio_streams.cpp:91:7:91:17 | recv_buffer | semmle.label | recv_buffer |
|
| asio_streams.cpp:91:7:91:17 | recv_buffer | semmle.label | recv_buffer |
|
||||||
| asio_streams.cpp:93:29:93:39 | *recv_buffer | semmle.label | *recv_buffer |
|
| asio_streams.cpp:93:29:93:39 | *recv_buffer | semmle.label | *recv_buffer |
|
||||||
@@ -348,6 +398,15 @@ nodes
|
|||||||
| asio_streams.cpp:100:64:100:71 | *send_str | semmle.label | *send_str |
|
| asio_streams.cpp:100:64:100:71 | *send_str | semmle.label | *send_str |
|
||||||
| asio_streams.cpp:101:7:101:17 | send_buffer | semmle.label | send_buffer |
|
| asio_streams.cpp:101:7:101:17 | send_buffer | semmle.label | send_buffer |
|
||||||
| asio_streams.cpp:103:29:103:39 | *send_buffer | semmle.label | *send_buffer |
|
| asio_streams.cpp:103:29:103:39 | *send_buffer | semmle.label | *send_buffer |
|
||||||
|
| azure.cpp:62:10:62:14 | [summary param] this in Value | semmle.label | [summary param] this in Value |
|
||||||
|
| azure.cpp:62:10:62:14 | [summary] to write: ReturnValue[*] in Value | semmle.label | [summary] to write: ReturnValue[*] in Value |
|
||||||
|
| azure.cpp:113:16:113:19 | [summary param] *0 in Read [Return] | semmle.label | [summary param] *0 in Read [Return] |
|
||||||
|
| azure.cpp:113:16:113:19 | [summary param] this in Read | semmle.label | [summary param] this in Read |
|
||||||
|
| azure.cpp:114:16:114:26 | [summary param] *0 in ReadToCount [Return] | semmle.label | [summary param] *0 in ReadToCount [Return] |
|
||||||
|
| azure.cpp:114:16:114:26 | [summary param] this in ReadToCount | semmle.label | [summary param] this in ReadToCount |
|
||||||
|
| azure.cpp:115:30:115:38 | [summary param] this in ReadToEnd | semmle.label | [summary param] this in ReadToEnd |
|
||||||
|
| azure.cpp:115:30:115:38 | [summary] to write: ReturnValue in ReadToEnd [element] | semmle.label | [summary] to write: ReturnValue in ReadToEnd [element] |
|
||||||
|
| azure.cpp:115:30:115:38 | [summary] to write: ReturnValue.Element in ReadToEnd | semmle.label | [summary] to write: ReturnValue.Element in ReadToEnd |
|
||||||
| azure.cpp:253:48:253:60 | *call to GetBodyStream | semmle.label | *call to GetBodyStream |
|
| azure.cpp:253:48:253:60 | *call to GetBodyStream | semmle.label | *call to GetBodyStream |
|
||||||
| azure.cpp:253:48:253:60 | *call to GetBodyStream | semmle.label | *call to GetBodyStream |
|
| azure.cpp:253:48:253:60 | *call to GetBodyStream | semmle.label | *call to GetBodyStream |
|
||||||
| azure.cpp:257:5:257:8 | *resp | semmle.label | *resp |
|
| azure.cpp:257:5:257:8 | *resp | semmle.label | *resp |
|
||||||
@@ -392,6 +451,12 @@ nodes
|
|||||||
| azure.cpp:295:10:295:20 | contentType | semmle.label | contentType |
|
| azure.cpp:295:10:295:20 | contentType | semmle.label | contentType |
|
||||||
| azure.cpp:295:10:295:20 | contentType | semmle.label | contentType |
|
| azure.cpp:295:10:295:20 | contentType | semmle.label | contentType |
|
||||||
| azure.cpp:295:10:295:20 | contentType | semmle.label | contentType |
|
| azure.cpp:295:10:295:20 | contentType | semmle.label | contentType |
|
||||||
|
| test.cpp:4:5:4:17 | [summary param] 0 in ymlStepManual | semmle.label | [summary param] 0 in ymlStepManual |
|
||||||
|
| test.cpp:4:5:4:17 | [summary] to write: ReturnValue in ymlStepManual | semmle.label | [summary] to write: ReturnValue in ymlStepManual |
|
||||||
|
| test.cpp:5:5:5:20 | [summary param] 0 in ymlStepGenerated | semmle.label | [summary param] 0 in ymlStepGenerated |
|
||||||
|
| test.cpp:5:5:5:20 | [summary] to write: ReturnValue in ymlStepGenerated | semmle.label | [summary] to write: ReturnValue in ymlStepGenerated |
|
||||||
|
| test.cpp:6:5:6:27 | [summary param] 0 in ymlStepManual_with_body | semmle.label | [summary param] 0 in ymlStepManual_with_body |
|
||||||
|
| test.cpp:6:5:6:27 | [summary] to write: ReturnValue in ymlStepManual_with_body | semmle.label | [summary] to write: ReturnValue in ymlStepManual_with_body |
|
||||||
| test.cpp:7:5:7:30 | *ymlStepGenerated_with_body | semmle.label | *ymlStepGenerated_with_body |
|
| test.cpp:7:5:7:30 | *ymlStepGenerated_with_body | semmle.label | *ymlStepGenerated_with_body |
|
||||||
| test.cpp:7:47:7:52 | value2 | semmle.label | value2 |
|
| test.cpp:7:47:7:52 | value2 | semmle.label | value2 |
|
||||||
| test.cpp:7:64:7:69 | value2 | semmle.label | value2 |
|
| test.cpp:7:64:7:69 | value2 | semmle.label | value2 |
|
||||||
@@ -418,10 +483,20 @@ nodes
|
|||||||
| test.cpp:47:12:47:19 | *arg [x] | semmle.label | *arg [x] |
|
| test.cpp:47:12:47:19 | *arg [x] | semmle.label | *arg [x] |
|
||||||
| test.cpp:48:13:48:13 | *s [x] | semmle.label | *s [x] |
|
| test.cpp:48:13:48:13 | *s [x] | semmle.label | *s [x] |
|
||||||
| test.cpp:48:16:48:16 | x | semmle.label | x |
|
| test.cpp:48:16:48:16 | x | semmle.label | x |
|
||||||
|
| test.cpp:52:5:52:18 | [summary param] *3 in pthread_create [x] | semmle.label | [summary param] *3 in pthread_create [x] |
|
||||||
|
| test.cpp:52:5:52:18 | [summary] to write: Argument[2].Parameter[*0] in pthread_create [x] | semmle.label | [summary] to write: Argument[2].Parameter[*0] in pthread_create [x] |
|
||||||
| test.cpp:56:2:56:2 | *s [post update] [x] | semmle.label | *s [post update] [x] |
|
| test.cpp:56:2:56:2 | *s [post update] [x] | semmle.label | *s [post update] [x] |
|
||||||
| test.cpp:56:2:56:18 | ... = ... | semmle.label | ... = ... |
|
| test.cpp:56:2:56:18 | ... = ... | semmle.label | ... = ... |
|
||||||
| test.cpp:56:8:56:16 | call to ymlSource | semmle.label | call to ymlSource |
|
| test.cpp:56:8:56:16 | call to ymlSource | semmle.label | call to ymlSource |
|
||||||
| test.cpp:59:55:59:64 | *& ... [x] | semmle.label | *& ... [x] |
|
| test.cpp:59:55:59:64 | *& ... [x] | semmle.label | *& ... [x] |
|
||||||
|
| test.cpp:63:6:63:21 | [summary param] 1 in callWithArgument | semmle.label | [summary param] 1 in callWithArgument |
|
||||||
|
| test.cpp:63:6:63:21 | [summary param] 1 in callWithArgument | semmle.label | [summary param] 1 in callWithArgument |
|
||||||
|
| test.cpp:63:6:63:21 | [summary param] 1 in callWithArgument | semmle.label | [summary param] 1 in callWithArgument |
|
||||||
|
| test.cpp:63:6:63:21 | [summary param] 1 in callWithArgument | semmle.label | [summary param] 1 in callWithArgument |
|
||||||
|
| test.cpp:63:6:63:21 | [summary] to write: Argument[0].Parameter[0] in callWithArgument | semmle.label | [summary] to write: Argument[0].Parameter[0] in callWithArgument |
|
||||||
|
| test.cpp:63:6:63:21 | [summary] to write: Argument[0].Parameter[0] in callWithArgument | semmle.label | [summary] to write: Argument[0].Parameter[0] in callWithArgument |
|
||||||
|
| test.cpp:63:6:63:21 | [summary] to write: Argument[0].Parameter[0] in callWithArgument | semmle.label | [summary] to write: Argument[0].Parameter[0] in callWithArgument |
|
||||||
|
| test.cpp:63:6:63:21 | [summary] to write: Argument[0].Parameter[0] in callWithArgument | semmle.label | [summary] to write: Argument[0].Parameter[0] in callWithArgument |
|
||||||
| test.cpp:68:22:68:22 | y | semmle.label | y |
|
| test.cpp:68:22:68:22 | y | semmle.label | y |
|
||||||
| test.cpp:69:11:69:11 | y | semmle.label | y |
|
| test.cpp:69:11:69:11 | y | semmle.label | y |
|
||||||
| test.cpp:74:22:74:22 | y | semmle.label | y |
|
| test.cpp:74:22:74:22 | y | semmle.label | y |
|
||||||
@@ -436,18 +511,28 @@ nodes
|
|||||||
| test.cpp:101:26:101:26 | x | semmle.label | x |
|
| test.cpp:101:26:101:26 | x | semmle.label | x |
|
||||||
| test.cpp:103:63:103:63 | x | semmle.label | x |
|
| test.cpp:103:63:103:63 | x | semmle.label | x |
|
||||||
| test.cpp:104:62:104:62 | x | semmle.label | x |
|
| test.cpp:104:62:104:62 | x | semmle.label | x |
|
||||||
|
| test.cpp:111:3:111:25 | [summary param] *0 in callWithNonTypeTemplate | semmle.label | [summary param] *0 in callWithNonTypeTemplate |
|
||||||
|
| test.cpp:111:3:111:25 | [summary] to write: ReturnValue in callWithNonTypeTemplate | semmle.label | [summary] to write: ReturnValue in callWithNonTypeTemplate |
|
||||||
| test.cpp:114:10:114:18 | call to ymlSource | semmle.label | call to ymlSource |
|
| test.cpp:114:10:114:18 | call to ymlSource | semmle.label | call to ymlSource |
|
||||||
| test.cpp:114:10:114:18 | call to ymlSource | semmle.label | call to ymlSource |
|
| test.cpp:114:10:114:18 | call to ymlSource | semmle.label | call to ymlSource |
|
||||||
| test.cpp:118:11:118:42 | call to callWithNonTypeTemplate | semmle.label | call to callWithNonTypeTemplate |
|
| test.cpp:118:11:118:42 | call to callWithNonTypeTemplate | semmle.label | call to callWithNonTypeTemplate |
|
||||||
| test.cpp:118:11:118:42 | call to callWithNonTypeTemplate | semmle.label | call to callWithNonTypeTemplate |
|
| test.cpp:118:11:118:42 | call to callWithNonTypeTemplate | semmle.label | call to callWithNonTypeTemplate |
|
||||||
| test.cpp:118:44:118:44 | *x | semmle.label | *x |
|
| test.cpp:118:44:118:44 | *x | semmle.label | *x |
|
||||||
| test.cpp:119:10:119:11 | y2 | semmle.label | y2 |
|
| test.cpp:119:10:119:11 | y2 | semmle.label | y2 |
|
||||||
|
| test.cpp:125:5:125:20 | [summary param] 0 in templateFunction | semmle.label | [summary param] 0 in templateFunction |
|
||||||
|
| test.cpp:125:5:125:20 | [summary] to write: ReturnValue in templateFunction | semmle.label | [summary] to write: ReturnValue in templateFunction |
|
||||||
|
| test.cpp:128:5:128:21 | [summary param] 1 in templateFunction2 | semmle.label | [summary param] 1 in templateFunction2 |
|
||||||
|
| test.cpp:128:5:128:21 | [summary] to write: ReturnValue in templateFunction2 | semmle.label | [summary] to write: ReturnValue in templateFunction2 |
|
||||||
| test.cpp:133:10:133:18 | call to ymlSource | semmle.label | call to ymlSource |
|
| test.cpp:133:10:133:18 | call to ymlSource | semmle.label | call to ymlSource |
|
||||||
| test.cpp:133:10:133:18 | call to ymlSource | semmle.label | call to ymlSource |
|
| test.cpp:133:10:133:18 | call to ymlSource | semmle.label | call to ymlSource |
|
||||||
| test.cpp:134:13:134:43 | call to templateFunction | semmle.label | call to templateFunction |
|
| test.cpp:134:13:134:43 | call to templateFunction | semmle.label | call to templateFunction |
|
||||||
| test.cpp:134:13:134:43 | call to templateFunction | semmle.label | call to templateFunction |
|
| test.cpp:134:13:134:43 | call to templateFunction | semmle.label | call to templateFunction |
|
||||||
| test.cpp:134:45:134:45 | x | semmle.label | x |
|
| test.cpp:134:45:134:45 | x | semmle.label | x |
|
||||||
| test.cpp:135:10:135:10 | y | semmle.label | y |
|
| test.cpp:135:10:135:10 | y | semmle.label | y |
|
||||||
|
| test.cpp:140:4:140:11 | [summary param] 1 in function | semmle.label | [summary param] 1 in function |
|
||||||
|
| test.cpp:140:4:140:11 | [summary param] 1 in function | semmle.label | [summary param] 1 in function |
|
||||||
|
| test.cpp:140:4:140:11 | [summary] to write: ReturnValue in function | semmle.label | [summary] to write: ReturnValue in function |
|
||||||
|
| test.cpp:140:4:140:11 | [summary] to write: ReturnValue in function | semmle.label | [summary] to write: ReturnValue in function |
|
||||||
| test.cpp:146:10:146:18 | call to ymlSource | semmle.label | call to ymlSource |
|
| test.cpp:146:10:146:18 | call to ymlSource | semmle.label | call to ymlSource |
|
||||||
| test.cpp:146:10:146:18 | call to ymlSource | semmle.label | call to ymlSource |
|
| test.cpp:146:10:146:18 | call to ymlSource | semmle.label | call to ymlSource |
|
||||||
| test.cpp:148:10:148:27 | call to function | semmle.label | call to function |
|
| test.cpp:148:10:148:27 | call to function | semmle.label | call to function |
|
||||||
@@ -471,34 +556,8 @@ nodes
|
|||||||
| test.cpp:172:13:172:44 | call to templateFunction3 | semmle.label | call to templateFunction3 |
|
| test.cpp:172:13:172:44 | call to templateFunction3 | semmle.label | call to templateFunction3 |
|
||||||
| test.cpp:172:51:172:51 | x | semmle.label | x |
|
| test.cpp:172:51:172:51 | x | semmle.label | x |
|
||||||
| test.cpp:173:10:173:10 | y | semmle.label | y |
|
| test.cpp:173:10:173:10 | y | semmle.label | y |
|
||||||
| test.cpp:186:2:186:2 | *s [post update] [myField] | semmle.label | *s [post update] [myField] |
|
| windows.cpp:17:8:17:25 | [summary param] *0 in CommandLineToArgvA | semmle.label | [summary param] *0 in CommandLineToArgvA |
|
||||||
| test.cpp:186:2:186:24 | ... = ... | semmle.label | ... = ... |
|
| windows.cpp:17:8:17:25 | [summary] to write: ReturnValue[**] in CommandLineToArgvA | semmle.label | [summary] to write: ReturnValue[**] in CommandLineToArgvA |
|
||||||
| test.cpp:186:14:186:22 | call to ymlSource | semmle.label | call to ymlSource |
|
|
||||||
| test.cpp:187:10:187:31 | call to read_field_from_struct | semmle.label | call to read_field_from_struct |
|
|
||||||
| test.cpp:187:10:187:31 | call to read_field_from_struct | semmle.label | call to read_field_from_struct |
|
|
||||||
| test.cpp:187:33:187:34 | *& ... [myField] | semmle.label | *& ... [myField] |
|
|
||||||
| test.cpp:188:10:188:10 | x | semmle.label | x |
|
|
||||||
| test.cpp:199:2:199:2 | *s [post update] [myField] | semmle.label | *s [post update] [myField] |
|
|
||||||
| test.cpp:199:2:199:24 | ... = ... | semmle.label | ... = ... |
|
|
||||||
| test.cpp:199:14:199:22 | call to ymlSource | semmle.label | call to ymlSource |
|
|
||||||
| test.cpp:200:10:200:33 | call to read_field_from_struct_2 | semmle.label | call to read_field_from_struct_2 |
|
|
||||||
| test.cpp:200:10:200:33 | call to read_field_from_struct_2 | semmle.label | call to read_field_from_struct_2 |
|
|
||||||
| test.cpp:200:35:200:36 | *& ... [myField] | semmle.label | *& ... [myField] |
|
|
||||||
| test.cpp:201:10:201:10 | x | semmle.label | x |
|
|
||||||
| test.cpp:216:3:216:4 | get_ptr output argument [value] | semmle.label | get_ptr output argument [value] |
|
|
||||||
| test.cpp:216:3:216:28 | ... = ... | semmle.label | ... = ... |
|
|
||||||
| test.cpp:216:18:216:26 | call to ymlSource | semmle.label | call to ymlSource |
|
|
||||||
| test.cpp:217:11:217:12 | *rf [value] | semmle.label | *rf [value] |
|
|
||||||
| test.cpp:217:14:217:18 | value | semmle.label | value |
|
|
||||||
| test.cpp:217:14:217:18 | value | semmle.label | value |
|
|
||||||
| test.cpp:218:11:218:11 | x | semmle.label | x |
|
|
||||||
| test.cpp:222:3:222:3 | operator[] output argument | semmle.label | operator[] output argument |
|
|
||||||
| test.cpp:222:3:222:20 | ... = ... | semmle.label | ... = ... |
|
|
||||||
| test.cpp:222:10:222:20 | call to ymlSource | semmle.label | call to ymlSource |
|
|
||||||
| test.cpp:223:12:223:12 | *s | semmle.label | *s |
|
|
||||||
| test.cpp:223:13:223:15 | call to operator[] | semmle.label | call to operator[] |
|
|
||||||
| test.cpp:223:13:223:15 | call to operator[] | semmle.label | call to operator[] |
|
|
||||||
| test.cpp:224:11:224:11 | c | semmle.label | c |
|
|
||||||
| windows.cpp:22:15:22:29 | *call to GetCommandLineA | semmle.label | *call to GetCommandLineA |
|
| windows.cpp:22:15:22:29 | *call to GetCommandLineA | semmle.label | *call to GetCommandLineA |
|
||||||
| windows.cpp:22:15:22:29 | *call to GetCommandLineA | semmle.label | *call to GetCommandLineA |
|
| windows.cpp:22:15:22:29 | *call to GetCommandLineA | semmle.label | *call to GetCommandLineA |
|
||||||
| windows.cpp:24:8:24:11 | * ... | semmle.label | * ... |
|
| windows.cpp:24:8:24:11 | * ... | semmle.label | * ... |
|
||||||
@@ -511,6 +570,14 @@ nodes
|
|||||||
| windows.cpp:36:10:36:13 | * ... | semmle.label | * ... |
|
| windows.cpp:36:10:36:13 | * ... | semmle.label | * ... |
|
||||||
| windows.cpp:39:36:39:38 | GetEnvironmentVariableA output argument | semmle.label | GetEnvironmentVariableA output argument |
|
| windows.cpp:39:36:39:38 | GetEnvironmentVariableA output argument | semmle.label | GetEnvironmentVariableA output argument |
|
||||||
| windows.cpp:41:10:41:13 | * ... | semmle.label | * ... |
|
| windows.cpp:41:10:41:13 | * ... | semmle.label | * ... |
|
||||||
|
| windows.cpp:90:6:90:15 | [summary param] *3 in ReadFileEx [*hEvent] | semmle.label | [summary param] *3 in ReadFileEx [*hEvent] |
|
||||||
|
| windows.cpp:90:6:90:15 | [summary param] *3 in ReadFileEx [hEvent] | semmle.label | [summary param] *3 in ReadFileEx [hEvent] |
|
||||||
|
| windows.cpp:90:6:90:15 | [summary] read: Argument[*3].Field[*hEvent] in ReadFileEx | semmle.label | [summary] read: Argument[*3].Field[*hEvent] in ReadFileEx |
|
||||||
|
| windows.cpp:90:6:90:15 | [summary] read: Argument[*3].Field[hEvent] in ReadFileEx | semmle.label | [summary] read: Argument[*3].Field[hEvent] in ReadFileEx |
|
||||||
|
| windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [*hEvent] | semmle.label | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [*hEvent] |
|
||||||
|
| windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [hEvent] | semmle.label | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [hEvent] |
|
||||||
|
| windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2].Field[*hEvent] in ReadFileEx | semmle.label | [summary] to write: Argument[4].Parameter[*2].Field[*hEvent] in ReadFileEx |
|
||||||
|
| windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2].Field[hEvent] in ReadFileEx | semmle.label | [summary] to write: Argument[4].Parameter[*2].Field[hEvent] in ReadFileEx |
|
||||||
| windows.cpp:147:16:147:27 | *lpOverlapped [*hEvent] | semmle.label | *lpOverlapped [*hEvent] |
|
| windows.cpp:147:16:147:27 | *lpOverlapped [*hEvent] | semmle.label | *lpOverlapped [*hEvent] |
|
||||||
| windows.cpp:149:18:149:62 | *hEvent | semmle.label | *hEvent |
|
| windows.cpp:149:18:149:62 | *hEvent | semmle.label | *hEvent |
|
||||||
| windows.cpp:149:18:149:62 | *hEvent | semmle.label | *hEvent |
|
| windows.cpp:149:18:149:62 | *hEvent | semmle.label | *hEvent |
|
||||||
@@ -564,6 +631,12 @@ nodes
|
|||||||
| windows.cpp:332:23:332:40 | *call to MapViewOfFileNuma2 | semmle.label | *call to MapViewOfFileNuma2 |
|
| windows.cpp:332:23:332:40 | *call to MapViewOfFileNuma2 | semmle.label | *call to MapViewOfFileNuma2 |
|
||||||
| windows.cpp:333:20:333:52 | *pMapView | semmle.label | *pMapView |
|
| windows.cpp:333:20:333:52 | *pMapView | semmle.label | *pMapView |
|
||||||
| windows.cpp:335:10:335:16 | * ... | semmle.label | * ... |
|
| windows.cpp:335:10:335:16 | * ... | semmle.label | * ... |
|
||||||
|
| windows.cpp:349:8:349:19 | [summary param] *3 in CreateThread [x] | semmle.label | [summary param] *3 in CreateThread [x] |
|
||||||
|
| windows.cpp:349:8:349:19 | [summary] to write: Argument[2].Parameter[*0] in CreateThread [x] | semmle.label | [summary] to write: Argument[2].Parameter[*0] in CreateThread [x] |
|
||||||
|
| windows.cpp:357:8:357:25 | [summary param] *4 in CreateRemoteThread [x] | semmle.label | [summary param] *4 in CreateRemoteThread [x] |
|
||||||
|
| windows.cpp:357:8:357:25 | [summary] to write: Argument[3].Parameter[*0] in CreateRemoteThread [x] | semmle.label | [summary] to write: Argument[3].Parameter[*0] in CreateRemoteThread [x] |
|
||||||
|
| windows.cpp:387:8:387:27 | [summary param] *4 in CreateRemoteThreadEx [x] | semmle.label | [summary param] *4 in CreateRemoteThreadEx [x] |
|
||||||
|
| windows.cpp:387:8:387:27 | [summary] to write: Argument[3].Parameter[*0] in CreateRemoteThreadEx [x] | semmle.label | [summary] to write: Argument[3].Parameter[*0] in CreateRemoteThreadEx [x] |
|
||||||
| windows.cpp:403:26:403:36 | *lpParameter [x] | semmle.label | *lpParameter [x] |
|
| windows.cpp:403:26:403:36 | *lpParameter [x] | semmle.label | *lpParameter [x] |
|
||||||
| windows.cpp:405:10:405:25 | *lpParameter [x] | semmle.label | *lpParameter [x] |
|
| windows.cpp:405:10:405:25 | *lpParameter [x] | semmle.label | *lpParameter [x] |
|
||||||
| windows.cpp:406:8:406:8 | *s [x] | semmle.label | *s [x] |
|
| windows.cpp:406:8:406:8 | *s [x] | semmle.label | *s [x] |
|
||||||
@@ -582,6 +655,27 @@ nodes
|
|||||||
| windows.cpp:439:7:439:8 | *& ... [x] | semmle.label | *& ... [x] |
|
| windows.cpp:439:7:439:8 | *& ... [x] | semmle.label | *& ... [x] |
|
||||||
| windows.cpp:451:7:451:8 | *& ... [x] | semmle.label | *& ... [x] |
|
| windows.cpp:451:7:451:8 | *& ... [x] | semmle.label | *& ... [x] |
|
||||||
| windows.cpp:464:7:464:8 | *& ... [x] | semmle.label | *& ... [x] |
|
| windows.cpp:464:7:464:8 | *& ... [x] | semmle.label | *& ... [x] |
|
||||||
|
| windows.cpp:473:17:473:37 | [summary param] *0 in RtlCopyVolatileMemory [Return] | semmle.label | [summary param] *0 in RtlCopyVolatileMemory [Return] |
|
||||||
|
| windows.cpp:473:17:473:37 | [summary param] *1 in RtlCopyVolatileMemory | semmle.label | [summary param] *1 in RtlCopyVolatileMemory |
|
||||||
|
| windows.cpp:479:17:479:35 | [summary param] *0 in RtlCopyDeviceMemory [Return] | semmle.label | [summary param] *0 in RtlCopyDeviceMemory [Return] |
|
||||||
|
| windows.cpp:479:17:479:35 | [summary param] *1 in RtlCopyDeviceMemory | semmle.label | [summary param] *1 in RtlCopyDeviceMemory |
|
||||||
|
| windows.cpp:485:6:485:18 | [summary param] *0 in RtlCopyMemory [Return] | semmle.label | [summary param] *0 in RtlCopyMemory [Return] |
|
||||||
|
| windows.cpp:485:6:485:18 | [summary param] *1 in RtlCopyMemory | semmle.label | [summary param] *1 in RtlCopyMemory |
|
||||||
|
| windows.cpp:493:6:493:29 | [summary param] *0 in RtlCopyMemoryNonTemporal [Return] | semmle.label | [summary param] *0 in RtlCopyMemoryNonTemporal [Return] |
|
||||||
|
| windows.cpp:493:6:493:29 | [summary param] *1 in RtlCopyMemoryNonTemporal | semmle.label | [summary param] *1 in RtlCopyMemoryNonTemporal |
|
||||||
|
| windows.cpp:510:6:510:25 | [summary param] *0 in RtlCopyUnicodeString [Return] [*Buffer] | semmle.label | [summary param] *0 in RtlCopyUnicodeString [Return] [*Buffer] |
|
||||||
|
| windows.cpp:510:6:510:25 | [summary param] *1 in RtlCopyUnicodeString [*Buffer] | semmle.label | [summary param] *1 in RtlCopyUnicodeString [*Buffer] |
|
||||||
|
| windows.cpp:510:6:510:25 | [summary] read: Argument[*1].Field[*Buffer] in RtlCopyUnicodeString | semmle.label | [summary] read: Argument[*1].Field[*Buffer] in RtlCopyUnicodeString |
|
||||||
|
| windows.cpp:510:6:510:25 | [summary] to write: Argument[*0] in RtlCopyUnicodeString [*Buffer] | semmle.label | [summary] to write: Argument[*0] in RtlCopyUnicodeString [*Buffer] |
|
||||||
|
| windows.cpp:510:6:510:25 | [summary] to write: Argument[*0].Field[*Buffer] in RtlCopyUnicodeString | semmle.label | [summary] to write: Argument[*0].Field[*Buffer] in RtlCopyUnicodeString |
|
||||||
|
| windows.cpp:515:6:515:18 | [summary param] *0 in RtlMoveMemory [Return] | semmle.label | [summary param] *0 in RtlMoveMemory [Return] |
|
||||||
|
| windows.cpp:515:6:515:18 | [summary param] *1 in RtlMoveMemory | semmle.label | [summary param] *1 in RtlMoveMemory |
|
||||||
|
| windows.cpp:521:17:521:37 | [summary param] *0 in RtlMoveVolatileMemory [Return] | semmle.label | [summary param] *0 in RtlMoveVolatileMemory [Return] |
|
||||||
|
| windows.cpp:521:17:521:37 | [summary param] *1 in RtlMoveVolatileMemory | semmle.label | [summary param] *1 in RtlMoveVolatileMemory |
|
||||||
|
| windows.cpp:527:6:527:25 | [summary param] *0 in RtlInitUnicodeString [Return] [*Buffer] | semmle.label | [summary param] *0 in RtlInitUnicodeString [Return] [*Buffer] |
|
||||||
|
| windows.cpp:527:6:527:25 | [summary param] *1 in RtlInitUnicodeString | semmle.label | [summary param] *1 in RtlInitUnicodeString |
|
||||||
|
| windows.cpp:527:6:527:25 | [summary] to write: Argument[*0] in RtlInitUnicodeString [*Buffer] | semmle.label | [summary] to write: Argument[*0] in RtlInitUnicodeString [*Buffer] |
|
||||||
|
| windows.cpp:527:6:527:25 | [summary] to write: Argument[*0].Field[*Buffer] in RtlInitUnicodeString | semmle.label | [summary] to write: Argument[*0].Field[*Buffer] in RtlInitUnicodeString |
|
||||||
| windows.cpp:533:11:533:16 | call to source | semmle.label | call to source |
|
| windows.cpp:533:11:533:16 | call to source | semmle.label | call to source |
|
||||||
| windows.cpp:533:11:533:16 | call to source | semmle.label | call to source |
|
| windows.cpp:533:11:533:16 | call to source | semmle.label | call to source |
|
||||||
| windows.cpp:537:27:537:37 | RtlCopyVolatileMemory output argument | semmle.label | RtlCopyVolatileMemory output argument |
|
| windows.cpp:537:27:537:37 | RtlCopyVolatileMemory output argument | semmle.label | RtlCopyVolatileMemory output argument |
|
||||||
@@ -626,6 +720,8 @@ nodes
|
|||||||
| windows.cpp:671:10:671:16 | * ... | semmle.label | * ... |
|
| windows.cpp:671:10:671:16 | * ... | semmle.label | * ... |
|
||||||
| windows.cpp:673:10:673:29 | * ... | semmle.label | * ... |
|
| windows.cpp:673:10:673:29 | * ... | semmle.label | * ... |
|
||||||
| windows.cpp:675:10:675:27 | * ... | semmle.label | * ... |
|
| windows.cpp:675:10:675:27 | * ... | semmle.label | * ... |
|
||||||
|
| windows.cpp:714:6:714:20 | [summary param] *0 in WinHttpCrackUrl | semmle.label | [summary param] *0 in WinHttpCrackUrl |
|
||||||
|
| windows.cpp:714:6:714:20 | [summary param] *3 in WinHttpCrackUrl [Return] | semmle.label | [summary param] *3 in WinHttpCrackUrl [Return] |
|
||||||
| windows.cpp:728:5:728:28 | ... = ... | semmle.label | ... = ... |
|
| windows.cpp:728:5:728:28 | ... = ... | semmle.label | ... = ... |
|
||||||
| windows.cpp:728:12:728:28 | call to source | semmle.label | call to source |
|
| windows.cpp:728:12:728:28 | call to source | semmle.label | call to source |
|
||||||
| windows.cpp:729:35:729:35 | *x | semmle.label | *x |
|
| windows.cpp:729:35:729:35 | *x | semmle.label | *x |
|
||||||
@@ -654,6 +750,30 @@ nodes
|
|||||||
| windows.cpp:939:10:939:11 | * ... | semmle.label | * ... |
|
| windows.cpp:939:10:939:11 | * ... | semmle.label | * ... |
|
||||||
| windows.cpp:941:10:941:31 | * ... | semmle.label | * ... |
|
| windows.cpp:941:10:941:31 | * ... | semmle.label | * ... |
|
||||||
subpaths
|
subpaths
|
||||||
|
| asio_streams.cpp:100:64:100:71 | *send_str | asio_streams.cpp:56:18:56:23 | [summary param] *0 in buffer | asio_streams.cpp:56:18:56:23 | [summary] to write: ReturnValue in buffer | asio_streams.cpp:100:44:100:62 | call to buffer |
|
||||||
|
| azure.cpp:257:5:257:8 | *resp | azure.cpp:113:16:113:19 | [summary param] this in Read | azure.cpp:113:16:113:19 | [summary param] *0 in Read [Return] | azure.cpp:257:16:257:21 | Read output argument |
|
||||||
|
| azure.cpp:262:5:262:8 | *resp | azure.cpp:114:16:114:26 | [summary param] this in ReadToCount | azure.cpp:114:16:114:26 | [summary param] *0 in ReadToCount [Return] | azure.cpp:262:23:262:28 | ReadToCount output argument |
|
||||||
|
| azure.cpp:266:38:266:41 | *resp | azure.cpp:115:30:115:38 | [summary param] this in ReadToEnd | azure.cpp:115:30:115:38 | [summary] to write: ReturnValue in ReadToEnd [element] | azure.cpp:266:44:266:52 | call to ReadToEnd [element] |
|
||||||
|
| azure.cpp:282:21:282:23 | *call to get | azure.cpp:115:30:115:38 | [summary param] this in ReadToEnd | azure.cpp:115:30:115:38 | [summary] to write: ReturnValue in ReadToEnd [element] | azure.cpp:282:28:282:36 | call to ReadToEnd [element] |
|
||||||
|
| azure.cpp:289:24:289:56 | call to GetHeader | azure.cpp:62:10:62:14 | [summary param] this in Value | azure.cpp:62:10:62:14 | [summary] to write: ReturnValue[*] in Value | azure.cpp:289:63:289:65 | call to Value |
|
||||||
|
| test.cpp:17:24:17:24 | x | test.cpp:4:5:4:17 | [summary param] 0 in ymlStepManual | test.cpp:4:5:4:17 | [summary] to write: ReturnValue in ymlStepManual | test.cpp:17:10:17:22 | call to ymlStepManual |
|
||||||
|
| test.cpp:21:27:21:27 | x | test.cpp:5:5:5:20 | [summary param] 0 in ymlStepGenerated | test.cpp:5:5:5:20 | [summary] to write: ReturnValue in ymlStepGenerated | test.cpp:21:10:21:25 | call to ymlStepGenerated |
|
||||||
|
| test.cpp:25:35:25:35 | x | test.cpp:6:5:6:27 | [summary param] 0 in ymlStepManual_with_body | test.cpp:6:5:6:27 | [summary] to write: ReturnValue in ymlStepManual_with_body | test.cpp:25:11:25:33 | call to ymlStepManual_with_body |
|
||||||
| test.cpp:32:41:32:41 | x | test.cpp:7:47:7:52 | value2 | test.cpp:7:5:7:30 | *ymlStepGenerated_with_body | test.cpp:32:11:32:36 | call to ymlStepGenerated_with_body |
|
| test.cpp:32:41:32:41 | x | test.cpp:7:47:7:52 | value2 | test.cpp:7:5:7:30 | *ymlStepGenerated_with_body | test.cpp:32:11:32:36 | call to ymlStepGenerated_with_body |
|
||||||
|
| test.cpp:118:44:118:44 | *x | test.cpp:111:3:111:25 | [summary param] *0 in callWithNonTypeTemplate | test.cpp:111:3:111:25 | [summary] to write: ReturnValue in callWithNonTypeTemplate | test.cpp:118:11:118:42 | call to callWithNonTypeTemplate |
|
||||||
|
| test.cpp:134:45:134:45 | x | test.cpp:125:5:125:20 | [summary param] 0 in templateFunction | test.cpp:125:5:125:20 | [summary] to write: ReturnValue in templateFunction | test.cpp:134:13:134:43 | call to templateFunction |
|
||||||
|
| test.cpp:148:26:148:26 | x | test.cpp:140:4:140:11 | [summary param] 1 in function | test.cpp:140:4:140:11 | [summary] to write: ReturnValue in function | test.cpp:148:10:148:27 | call to function |
|
||||||
|
| test.cpp:157:26:157:26 | x | test.cpp:140:4:140:11 | [summary param] 1 in function | test.cpp:140:4:140:11 | [summary] to write: ReturnValue in function | test.cpp:157:13:157:20 | call to function |
|
||||||
|
| test.cpp:165:69:165:69 | x | test.cpp:128:5:128:21 | [summary param] 1 in templateFunction2 | test.cpp:128:5:128:21 | [summary] to write: ReturnValue in templateFunction2 | test.cpp:165:12:165:64 | call to templateFunction2 |
|
||||||
| test.cpp:172:51:172:51 | x | test.cpp:164:34:164:34 | x | test.cpp:164:7:164:7 | *templateFunction3 | test.cpp:172:13:172:44 | call to templateFunction3 |
|
| test.cpp:172:51:172:51 | x | test.cpp:164:34:164:34 | x | test.cpp:164:7:164:7 | *templateFunction3 | test.cpp:172:13:172:44 | call to templateFunction3 |
|
||||||
|
| windows.cpp:27:36:27:38 | *cmd | windows.cpp:17:8:17:25 | [summary param] *0 in CommandLineToArgvA | windows.cpp:17:8:17:25 | [summary] to write: ReturnValue[**] in CommandLineToArgvA | windows.cpp:27:17:27:34 | **call to CommandLineToArgvA |
|
||||||
|
| windows.cpp:537:40:537:41 | *& ... | windows.cpp:473:17:473:37 | [summary param] *1 in RtlCopyVolatileMemory | windows.cpp:473:17:473:37 | [summary param] *0 in RtlCopyVolatileMemory [Return] | windows.cpp:537:27:537:37 | RtlCopyVolatileMemory output argument |
|
||||||
|
| windows.cpp:542:38:542:39 | *& ... | windows.cpp:479:17:479:35 | [summary param] *1 in RtlCopyDeviceMemory | windows.cpp:479:17:479:35 | [summary param] *0 in RtlCopyDeviceMemory [Return] | windows.cpp:542:25:542:35 | RtlCopyDeviceMemory output argument |
|
||||||
|
| windows.cpp:547:32:547:33 | *& ... | windows.cpp:485:6:485:18 | [summary param] *1 in RtlCopyMemory | windows.cpp:485:6:485:18 | [summary param] *0 in RtlCopyMemory [Return] | windows.cpp:547:19:547:29 | RtlCopyMemory output argument |
|
||||||
|
| windows.cpp:552:43:552:44 | *& ... | windows.cpp:493:6:493:29 | [summary param] *1 in RtlCopyMemoryNonTemporal | windows.cpp:493:6:493:29 | [summary param] *0 in RtlCopyMemoryNonTemporal [Return] | windows.cpp:552:30:552:40 | RtlCopyMemoryNonTemporal output argument |
|
||||||
|
| windows.cpp:561:39:561:44 | *buffer | windows.cpp:527:6:527:25 | [summary param] *1 in RtlInitUnicodeString | windows.cpp:527:6:527:25 | [summary param] *0 in RtlInitUnicodeString [Return] [*Buffer] | windows.cpp:561:26:561:36 | RtlInitUnicodeString output argument [*Buffer] |
|
||||||
|
| windows.cpp:563:40:563:50 | *& ... [*Buffer] | windows.cpp:510:6:510:25 | [summary param] *1 in RtlCopyUnicodeString [*Buffer] | windows.cpp:510:6:510:25 | [summary param] *0 in RtlCopyUnicodeString [Return] [*Buffer] | windows.cpp:563:26:563:37 | RtlCopyUnicodeString output argument [*Buffer] |
|
||||||
|
| windows.cpp:568:32:568:33 | *& ... | windows.cpp:515:6:515:18 | [summary param] *1 in RtlMoveMemory | windows.cpp:515:6:515:18 | [summary param] *0 in RtlMoveMemory [Return] | windows.cpp:568:19:568:29 | RtlMoveMemory output argument |
|
||||||
|
| windows.cpp:573:40:573:41 | *& ... | windows.cpp:521:17:521:37 | [summary param] *1 in RtlMoveVolatileMemory | windows.cpp:521:17:521:37 | [summary param] *0 in RtlMoveVolatileMemory [Return] | windows.cpp:573:27:573:37 | RtlMoveVolatileMemory output argument |
|
||||||
|
| windows.cpp:729:35:729:35 | *x | windows.cpp:714:6:714:20 | [summary param] *0 in WinHttpCrackUrl | windows.cpp:714:6:714:20 | [summary param] *3 in WinHttpCrackUrl [Return] | windows.cpp:729:44:729:57 | WinHttpCrackUrl output argument |
|
||||||
testFailures
|
testFailures
|
||||||
|
|||||||
@@ -22,8 +22,3 @@ extensions:
|
|||||||
- ["", "TemplateClass1<T>", False, "templateFunction<U>", "(T,U)", "", "Argument[0]", "ReturnValue", "value", "manual"]
|
- ["", "TemplateClass1<T>", False, "templateFunction<U>", "(T,U)", "", "Argument[0]", "ReturnValue", "value", "manual"]
|
||||||
- ["", "TemplateClass1", True, "templateFunction2<U,V>", "(U,V)", "", "Argument[1]", "ReturnValue", "value", "manual"]
|
- ["", "TemplateClass1", True, "templateFunction2<U,V>", "(U,V)", "", "Argument[1]", "ReturnValue", "value", "manual"]
|
||||||
- ["", "TemplateClass2<T,U>", True, "function", "(U,T)", "", "Argument[1]", "ReturnValue", "value", "manual"]
|
- ["", "TemplateClass2<T,U>", True, "function", "(U,T)", "", "Argument[1]", "ReturnValue", "value", "manual"]
|
||||||
- ["", "", False, "read_field_from_struct", "", "", "Argument[*0].Field[MyNamespace::MyStructInNamespace::myField]", "ReturnValue", "value", "manual"]
|
|
||||||
- ["", "", False, "read_field_from_struct_2", "", "", "Argument[*0].Field[MyGlobalStruct::myField]", "ReturnValue", "value", "manual"]
|
|
||||||
- ["", "ReverseFlow", True, "get_ptr", "", "", "ReturnValue[*]", "Argument[-1].Field[ReverseFlow::value]", "value", "manual"]
|
|
||||||
- ["", "MyString", True, "operator[]", "", "", "ReturnValue[*]", "Argument[-1]", "taint", "manual"]
|
|
||||||
- ["", "MyString", True, "operator[]", "", "", "Argument[-1]", "ReturnValue[*]", "taint", "manual"]
|
|
||||||
|
|||||||
@@ -19,7 +19,3 @@
|
|||||||
| test.cpp:149:10:149:10 | z | test-sink |
|
| test.cpp:149:10:149:10 | z | test-sink |
|
||||||
| test.cpp:158:10:158:10 | z | test-sink |
|
| test.cpp:158:10:158:10 | z | test-sink |
|
||||||
| test.cpp:173:10:173:10 | y | test-sink |
|
| test.cpp:173:10:173:10 | y | test-sink |
|
||||||
| test.cpp:188:10:188:10 | x | test-sink |
|
|
||||||
| test.cpp:201:10:201:10 | x | test-sink |
|
|
||||||
| test.cpp:218:11:218:11 | x | test-sink |
|
|
||||||
| test.cpp:224:11:224:11 | c | test-sink |
|
|
||||||
|
|||||||
@@ -13,10 +13,6 @@
|
|||||||
| test.cpp:146:10:146:18 | call to ymlSource | local |
|
| test.cpp:146:10:146:18 | call to ymlSource | local |
|
||||||
| test.cpp:155:10:155:18 | call to ymlSource | local |
|
| test.cpp:155:10:155:18 | call to ymlSource | local |
|
||||||
| test.cpp:170:10:170:18 | call to ymlSource | local |
|
| test.cpp:170:10:170:18 | call to ymlSource | local |
|
||||||
| test.cpp:186:14:186:22 | call to ymlSource | local |
|
|
||||||
| test.cpp:199:14:199:22 | call to ymlSource | local |
|
|
||||||
| test.cpp:216:18:216:26 | call to ymlSource | local |
|
|
||||||
| test.cpp:222:10:222:20 | call to ymlSource | local |
|
|
||||||
| windows.cpp:22:15:22:29 | *call to GetCommandLineA | local |
|
| windows.cpp:22:15:22:29 | *call to GetCommandLineA | local |
|
||||||
| windows.cpp:34:17:34:38 | *call to GetEnvironmentStringsA | local |
|
| windows.cpp:34:17:34:38 | *call to GetEnvironmentStringsA | local |
|
||||||
| windows.cpp:39:36:39:38 | GetEnvironmentVariableA output argument | local |
|
| windows.cpp:39:36:39:38 | GetEnvironmentVariableA output argument | local |
|
||||||
|
|||||||
@@ -172,55 +172,3 @@ void test_class1() {
|
|||||||
auto y = c.templateFunction3<unsigned long>(0UL, x);
|
auto y = c.templateFunction3<unsigned long>(0UL, x);
|
||||||
ymlSink(y); // $ ir
|
ymlSink(y); // $ ir
|
||||||
}
|
}
|
||||||
|
|
||||||
namespace MyNamespace {
|
|
||||||
struct MyStructInNamespace {
|
|
||||||
int myField;
|
|
||||||
};
|
|
||||||
}
|
|
||||||
|
|
||||||
int read_field_from_struct(MyNamespace::MyStructInNamespace* s);
|
|
||||||
|
|
||||||
void test_fully_qualified_field_test() {
|
|
||||||
MyNamespace::MyStructInNamespace s;
|
|
||||||
s.myField = ymlSource();
|
|
||||||
int x = read_field_from_struct(&s);
|
|
||||||
ymlSink(x); // $ ir
|
|
||||||
}
|
|
||||||
|
|
||||||
struct MyGlobalStruct {
|
|
||||||
int myField;
|
|
||||||
};
|
|
||||||
|
|
||||||
int read_field_from_struct_2(MyGlobalStruct* s);
|
|
||||||
|
|
||||||
void test_fully_qualified_field_test_2() {
|
|
||||||
MyGlobalStruct s;
|
|
||||||
s.myField = ymlSource();
|
|
||||||
int x = read_field_from_struct_2(&s);
|
|
||||||
ymlSink(x); // $ ir
|
|
||||||
}
|
|
||||||
|
|
||||||
struct ReverseFlow {
|
|
||||||
int value;
|
|
||||||
int& get_ptr();
|
|
||||||
};
|
|
||||||
|
|
||||||
struct MyString {
|
|
||||||
char& operator[](unsigned);
|
|
||||||
};
|
|
||||||
|
|
||||||
void test_reverse_flow(unsigned i, unsigned j) {
|
|
||||||
{
|
|
||||||
ReverseFlow rf;
|
|
||||||
rf.get_ptr() = ymlSource();
|
|
||||||
int x = rf.value;
|
|
||||||
ymlSink(x); // $ ir
|
|
||||||
}
|
|
||||||
{
|
|
||||||
MyString s;
|
|
||||||
s[i] = ymlSource();
|
|
||||||
char c = s[j];
|
|
||||||
ymlSink(c); // $ ir
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -33,34 +33,34 @@ summaryCalls
|
|||||||
| file://:0:0:0:0 | [summary] call to [summary param] 0 in madCallArg0ReturnToReturnFirst in madCallArg0ReturnToReturnFirst |
|
| file://:0:0:0:0 | [summary] call to [summary param] 0 in madCallArg0ReturnToReturnFirst in madCallArg0ReturnToReturnFirst |
|
||||||
| file://:0:0:0:0 | [summary] call to [summary param] 0 in madCallArg0WithValue in madCallArg0WithValue |
|
| file://:0:0:0:0 | [summary] call to [summary param] 0 in madCallArg0WithValue in madCallArg0WithValue |
|
||||||
summarizedCallables
|
summarizedCallables
|
||||||
| tests.cpp:127:5:127:19 | madArg0ToReturn |
|
| tests.cpp:144:5:144:19 | madArg0ToReturn |
|
||||||
| tests.cpp:128:6:128:28 | madArg0ToReturnIndirect |
|
| tests.cpp:145:6:145:28 | madArg0ToReturnIndirect |
|
||||||
| tests.cpp:130:5:130:28 | madArg0ToReturnValueFlow |
|
| tests.cpp:147:5:147:28 | madArg0ToReturnValueFlow |
|
||||||
| tests.cpp:131:5:131:27 | madArg0IndirectToReturn |
|
| tests.cpp:148:5:148:27 | madArg0IndirectToReturn |
|
||||||
| tests.cpp:132:5:132:33 | madArg0DoubleIndirectToReturn |
|
| tests.cpp:149:5:149:33 | madArg0DoubleIndirectToReturn |
|
||||||
| tests.cpp:133:5:133:30 | madArg0NotIndirectToReturn |
|
| tests.cpp:150:5:150:30 | madArg0NotIndirectToReturn |
|
||||||
| tests.cpp:134:6:134:26 | madArg0ToArg1Indirect |
|
| tests.cpp:151:6:151:26 | madArg0ToArg1Indirect |
|
||||||
| tests.cpp:135:6:135:34 | madArg0IndirectToArg1Indirect |
|
| tests.cpp:152:6:152:34 | madArg0IndirectToArg1Indirect |
|
||||||
| tests.cpp:136:5:136:18 | madArgsComplex |
|
| tests.cpp:153:5:153:18 | madArgsComplex |
|
||||||
| tests.cpp:137:5:137:14 | madArgsAny |
|
| tests.cpp:154:5:154:14 | madArgsAny |
|
||||||
| tests.cpp:138:5:138:28 | madAndImplementedComplex |
|
| tests.cpp:155:5:155:28 | madAndImplementedComplex |
|
||||||
| tests.cpp:143:5:143:24 | madArg0FieldToReturn |
|
| tests.cpp:160:5:160:24 | madArg0FieldToReturn |
|
||||||
| tests.cpp:144:5:144:32 | madArg0IndirectFieldToReturn |
|
| tests.cpp:161:5:161:32 | madArg0IndirectFieldToReturn |
|
||||||
| tests.cpp:145:5:145:32 | madArg0FieldIndirectToReturn |
|
| tests.cpp:162:5:162:32 | madArg0FieldIndirectToReturn |
|
||||||
| tests.cpp:146:13:146:32 | madArg0ToReturnField |
|
| tests.cpp:163:13:163:32 | madArg0ToReturnField |
|
||||||
| tests.cpp:147:14:147:41 | madArg0ToReturnIndirectField |
|
| tests.cpp:164:14:164:41 | madArg0ToReturnIndirectField |
|
||||||
| tests.cpp:148:13:148:40 | madArg0ToReturnFieldIndirect |
|
| tests.cpp:165:13:165:40 | madArg0ToReturnFieldIndirect |
|
||||||
| tests.cpp:250:7:250:19 | madArg0ToSelf |
|
| tests.cpp:284:7:284:19 | madArg0ToSelf |
|
||||||
| tests.cpp:251:6:251:20 | madSelfToReturn |
|
| tests.cpp:285:6:285:20 | madSelfToReturn |
|
||||||
| tests.cpp:253:7:253:20 | madArg0ToField |
|
| tests.cpp:287:7:287:20 | madArg0ToField |
|
||||||
| tests.cpp:254:6:254:21 | madFieldToReturn |
|
| tests.cpp:288:6:288:21 | madFieldToReturn |
|
||||||
| tests.cpp:277:7:277:30 | namespaceMadSelfToReturn |
|
| tests.cpp:313:7:313:30 | namespaceMadSelfToReturn |
|
||||||
| tests.cpp:392:5:392:29 | madCallArg0ReturnToReturn |
|
| tests.cpp:434:5:434:29 | madCallArg0ReturnToReturn |
|
||||||
| tests.cpp:393:9:393:38 | madCallArg0ReturnToReturnFirst |
|
| tests.cpp:435:9:435:38 | madCallArg0ReturnToReturnFirst |
|
||||||
| tests.cpp:394:6:394:25 | madCallArg0WithValue |
|
| tests.cpp:436:6:436:25 | madCallArg0WithValue |
|
||||||
| tests.cpp:395:5:395:36 | madCallReturnValueIgnoreFunction |
|
| tests.cpp:437:5:437:36 | madCallReturnValueIgnoreFunction |
|
||||||
| tests.cpp:417:5:417:31 | parameter_ref_to_return_ref |
|
| tests.cpp:459:5:459:31 | parameter_ref_to_return_ref |
|
||||||
| tests.cpp:429:5:429:17 | receive_array |
|
| tests.cpp:471:5:471:17 | receive_array |
|
||||||
sourceCallables
|
sourceCallables
|
||||||
| tests.cpp:3:5:3:10 | source |
|
| tests.cpp:3:5:3:10 | source |
|
||||||
| tests.cpp:4:6:4:14 | sourcePtr |
|
| tests.cpp:4:6:4:14 | sourcePtr |
|
||||||
@@ -82,284 +82,297 @@ sourceCallables
|
|||||||
| tests.cpp:19:6:19:32 | remoteMadSourceIndirectArg1 |
|
| tests.cpp:19:6:19:32 | remoteMadSourceIndirectArg1 |
|
||||||
| tests.cpp:19:39:19:39 | x |
|
| tests.cpp:19:39:19:39 | x |
|
||||||
| tests.cpp:19:47:19:47 | y |
|
| tests.cpp:19:47:19:47 | y |
|
||||||
| tests.cpp:23:7:23:30 | namespace2LocalMadSource |
|
| tests.cpp:20:5:20:22 | remoteMadSourceVar |
|
||||||
| tests.cpp:26:6:26:19 | localMadSource |
|
| tests.cpp:21:6:21:31 | remoteMadSourceVarIndirect |
|
||||||
| tests.cpp:28:5:28:27 | namespaceLocalMadSource |
|
| tests.cpp:24:6:24:28 | namespaceLocalMadSource |
|
||||||
| tests.cpp:30:6:30:17 | test_sources |
|
| tests.cpp:25:6:25:31 | namespaceLocalMadSourceVar |
|
||||||
| tests.cpp:45:6:45:6 | v |
|
| tests.cpp:28:7:28:30 | namespace2LocalMadSource |
|
||||||
| tests.cpp:46:7:46:16 | v_indirect |
|
| tests.cpp:31:6:31:19 | localMadSource |
|
||||||
| tests.cpp:47:6:47:13 | v_direct |
|
| tests.cpp:33:5:33:27 | namespaceLocalMadSource |
|
||||||
| tests.cpp:58:6:58:6 | a |
|
| tests.cpp:35:6:35:17 | test_sources |
|
||||||
| tests.cpp:58:9:58:9 | b |
|
| tests.cpp:50:6:50:6 | v |
|
||||||
| tests.cpp:58:12:58:12 | c |
|
| tests.cpp:51:7:51:16 | v_indirect |
|
||||||
| tests.cpp:58:15:58:15 | d |
|
| tests.cpp:52:6:52:13 | v_direct |
|
||||||
| tests.cpp:67:6:67:6 | e |
|
| tests.cpp:63:6:63:6 | a |
|
||||||
| tests.cpp:75:6:75:26 | remoteMadSourceParam0 |
|
| tests.cpp:63:9:63:9 | b |
|
||||||
| tests.cpp:75:32:75:32 | x |
|
| tests.cpp:63:12:63:12 | c |
|
||||||
| tests.cpp:82:6:82:16 | madSinkArg0 |
|
| tests.cpp:63:15:63:15 | d |
|
||||||
| tests.cpp:82:22:82:22 | x |
|
| tests.cpp:75:6:75:6 | e |
|
||||||
| tests.cpp:83:6:83:13 | notASink |
|
| tests.cpp:85:6:85:26 | remoteMadSourceParam0 |
|
||||||
| tests.cpp:83:19:83:19 | x |
|
| tests.cpp:85:32:85:32 | x |
|
||||||
| tests.cpp:84:6:84:16 | madSinkArg1 |
|
| tests.cpp:92:6:92:16 | madSinkArg0 |
|
||||||
| tests.cpp:84:22:84:22 | x |
|
| tests.cpp:92:22:92:22 | x |
|
||||||
| tests.cpp:84:29:84:29 | y |
|
| tests.cpp:93:6:93:13 | notASink |
|
||||||
| tests.cpp:85:6:85:17 | madSinkArg01 |
|
| tests.cpp:93:19:93:19 | x |
|
||||||
| tests.cpp:85:23:85:23 | x |
|
| tests.cpp:94:6:94:16 | madSinkArg1 |
|
||||||
| tests.cpp:85:30:85:30 | y |
|
| tests.cpp:94:22:94:22 | x |
|
||||||
| tests.cpp:85:37:85:37 | z |
|
| tests.cpp:94:29:94:29 | y |
|
||||||
| tests.cpp:86:6:86:17 | madSinkArg02 |
|
| tests.cpp:95:6:95:17 | madSinkArg01 |
|
||||||
| tests.cpp:86:23:86:23 | x |
|
| tests.cpp:95:23:95:23 | x |
|
||||||
| tests.cpp:86:30:86:30 | y |
|
| tests.cpp:95:30:95:30 | y |
|
||||||
| tests.cpp:86:37:86:37 | z |
|
| tests.cpp:95:37:95:37 | z |
|
||||||
| tests.cpp:87:6:87:24 | madSinkIndirectArg0 |
|
| tests.cpp:96:6:96:17 | madSinkArg02 |
|
||||||
| tests.cpp:87:31:87:31 | x |
|
| tests.cpp:96:23:96:23 | x |
|
||||||
| tests.cpp:88:6:88:30 | madSinkDoubleIndirectArg0 |
|
| tests.cpp:96:30:96:30 | y |
|
||||||
| tests.cpp:88:38:88:38 | x |
|
| tests.cpp:96:37:96:37 | z |
|
||||||
| tests.cpp:92:6:92:15 | test_sinks |
|
| tests.cpp:97:6:97:24 | madSinkIndirectArg0 |
|
||||||
| tests.cpp:106:6:106:6 | a |
|
| tests.cpp:97:31:97:31 | x |
|
||||||
| tests.cpp:107:7:107:11 | a_ptr |
|
| tests.cpp:98:6:98:30 | madSinkDoubleIndirectArg0 |
|
||||||
| tests.cpp:115:6:115:18 | madSinkParam0 |
|
| tests.cpp:98:38:98:38 | x |
|
||||||
| tests.cpp:115:24:115:24 | x |
|
| tests.cpp:99:5:99:14 | madSinkVar |
|
||||||
| tests.cpp:121:8:121:8 | operator= |
|
| tests.cpp:100:6:100:23 | madSinkVarIndirect |
|
||||||
| tests.cpp:121:8:121:8 | operator= |
|
| tests.cpp:102:6:102:15 | test_sinks |
|
||||||
| tests.cpp:121:8:121:18 | MyContainer |
|
| tests.cpp:116:6:116:6 | a |
|
||||||
| tests.cpp:122:6:122:10 | value |
|
| tests.cpp:117:7:117:11 | a_ptr |
|
||||||
| tests.cpp:123:6:123:11 | value2 |
|
| tests.cpp:132:6:132:18 | madSinkParam0 |
|
||||||
| tests.cpp:124:7:124:9 | ptr |
|
| tests.cpp:132:24:132:24 | x |
|
||||||
| tests.cpp:127:5:127:19 | madArg0ToReturn |
|
| tests.cpp:138:8:138:8 | operator= |
|
||||||
| tests.cpp:127:25:127:25 | x |
|
| tests.cpp:138:8:138:8 | operator= |
|
||||||
| tests.cpp:128:6:128:28 | madArg0ToReturnIndirect |
|
| tests.cpp:138:8:138:18 | MyContainer |
|
||||||
| tests.cpp:128:34:128:34 | x |
|
| tests.cpp:139:6:139:10 | value |
|
||||||
| tests.cpp:129:5:129:15 | notASummary |
|
| tests.cpp:140:6:140:11 | value2 |
|
||||||
| tests.cpp:129:21:129:21 | x |
|
| tests.cpp:141:7:141:9 | ptr |
|
||||||
| tests.cpp:130:5:130:28 | madArg0ToReturnValueFlow |
|
| tests.cpp:144:5:144:19 | madArg0ToReturn |
|
||||||
| tests.cpp:130:34:130:34 | x |
|
| tests.cpp:144:25:144:25 | x |
|
||||||
| tests.cpp:131:5:131:27 | madArg0IndirectToReturn |
|
| tests.cpp:145:6:145:28 | madArg0ToReturnIndirect |
|
||||||
| tests.cpp:131:34:131:34 | x |
|
| tests.cpp:145:34:145:34 | x |
|
||||||
| tests.cpp:132:5:132:33 | madArg0DoubleIndirectToReturn |
|
| tests.cpp:146:5:146:15 | notASummary |
|
||||||
| tests.cpp:132:41:132:41 | x |
|
| tests.cpp:146:21:146:21 | x |
|
||||||
| tests.cpp:133:5:133:30 | madArg0NotIndirectToReturn |
|
| tests.cpp:147:5:147:28 | madArg0ToReturnValueFlow |
|
||||||
| tests.cpp:133:37:133:37 | x |
|
| tests.cpp:147:34:147:34 | x |
|
||||||
| tests.cpp:134:6:134:26 | madArg0ToArg1Indirect |
|
| tests.cpp:148:5:148:27 | madArg0IndirectToReturn |
|
||||||
| tests.cpp:134:32:134:32 | x |
|
| tests.cpp:148:34:148:34 | x |
|
||||||
| tests.cpp:134:40:134:40 | y |
|
| tests.cpp:149:5:149:33 | madArg0DoubleIndirectToReturn |
|
||||||
| tests.cpp:135:6:135:34 | madArg0IndirectToArg1Indirect |
|
| tests.cpp:149:41:149:41 | x |
|
||||||
| tests.cpp:135:47:135:47 | x |
|
| tests.cpp:150:5:150:30 | madArg0NotIndirectToReturn |
|
||||||
| tests.cpp:135:55:135:55 | y |
|
| tests.cpp:150:37:150:37 | x |
|
||||||
| tests.cpp:136:5:136:18 | madArgsComplex |
|
| tests.cpp:151:6:151:26 | madArg0ToArg1Indirect |
|
||||||
| tests.cpp:136:25:136:25 | a |
|
| tests.cpp:151:32:151:32 | x |
|
||||||
| tests.cpp:136:33:136:33 | b |
|
| tests.cpp:151:40:151:40 | y |
|
||||||
| tests.cpp:136:40:136:40 | c |
|
| tests.cpp:152:6:152:34 | madArg0IndirectToArg1Indirect |
|
||||||
| tests.cpp:136:47:136:47 | d |
|
| tests.cpp:152:47:152:47 | x |
|
||||||
| tests.cpp:137:5:137:14 | madArgsAny |
|
| tests.cpp:152:55:152:55 | y |
|
||||||
| tests.cpp:137:20:137:20 | a |
|
| tests.cpp:153:5:153:18 | madArgsComplex |
|
||||||
| tests.cpp:137:28:137:28 | b |
|
| tests.cpp:153:25:153:25 | a |
|
||||||
| tests.cpp:138:5:138:28 | madAndImplementedComplex |
|
| tests.cpp:153:33:153:33 | b |
|
||||||
| tests.cpp:138:34:138:34 | a |
|
| tests.cpp:153:40:153:40 | c |
|
||||||
| tests.cpp:138:41:138:41 | b |
|
| tests.cpp:153:47:153:47 | d |
|
||||||
| tests.cpp:138:48:138:48 | c |
|
| tests.cpp:154:5:154:14 | madArgsAny |
|
||||||
| tests.cpp:143:5:143:24 | madArg0FieldToReturn |
|
| tests.cpp:154:20:154:20 | a |
|
||||||
| tests.cpp:143:38:143:39 | mc |
|
| tests.cpp:154:28:154:28 | b |
|
||||||
| tests.cpp:144:5:144:32 | madArg0IndirectFieldToReturn |
|
| tests.cpp:155:5:155:28 | madAndImplementedComplex |
|
||||||
| tests.cpp:144:47:144:48 | mc |
|
| tests.cpp:155:34:155:34 | a |
|
||||||
| tests.cpp:145:5:145:32 | madArg0FieldIndirectToReturn |
|
| tests.cpp:155:41:155:41 | b |
|
||||||
| tests.cpp:145:46:145:47 | mc |
|
| tests.cpp:155:48:155:48 | c |
|
||||||
| tests.cpp:146:13:146:32 | madArg0ToReturnField |
|
| tests.cpp:160:5:160:24 | madArg0FieldToReturn |
|
||||||
| tests.cpp:146:38:146:38 | x |
|
| tests.cpp:160:38:160:39 | mc |
|
||||||
| tests.cpp:147:14:147:41 | madArg0ToReturnIndirectField |
|
| tests.cpp:161:5:161:32 | madArg0IndirectFieldToReturn |
|
||||||
| tests.cpp:147:47:147:47 | x |
|
| tests.cpp:161:47:161:48 | mc |
|
||||||
| tests.cpp:148:13:148:40 | madArg0ToReturnFieldIndirect |
|
| tests.cpp:162:5:162:32 | madArg0FieldIndirectToReturn |
|
||||||
| tests.cpp:148:46:148:46 | x |
|
| tests.cpp:162:46:162:47 | mc |
|
||||||
| tests.cpp:150:6:150:19 | test_summaries |
|
| tests.cpp:163:13:163:32 | madArg0ToReturnField |
|
||||||
| tests.cpp:153:6:153:6 | a |
|
| tests.cpp:163:38:163:38 | x |
|
||||||
| tests.cpp:153:9:153:9 | b |
|
| tests.cpp:164:14:164:41 | madArg0ToReturnIndirectField |
|
||||||
| tests.cpp:153:12:153:12 | c |
|
| tests.cpp:164:47:164:47 | x |
|
||||||
| tests.cpp:153:15:153:15 | d |
|
| tests.cpp:165:13:165:40 | madArg0ToReturnFieldIndirect |
|
||||||
| tests.cpp:153:18:153:18 | e |
|
| tests.cpp:165:46:165:46 | x |
|
||||||
| tests.cpp:154:7:154:11 | a_ptr |
|
| tests.cpp:167:13:167:30 | madFieldToFieldVar |
|
||||||
| tests.cpp:197:14:197:16 | mc1 |
|
| tests.cpp:168:13:168:38 | madFieldToIndirectFieldVar |
|
||||||
| tests.cpp:197:19:197:21 | mc2 |
|
| tests.cpp:169:14:169:39 | madIndirectFieldToFieldVar |
|
||||||
| tests.cpp:216:15:216:18 | rtn1 |
|
| tests.cpp:171:6:171:19 | test_summaries |
|
||||||
| tests.cpp:219:14:219:17 | rtn2 |
|
| tests.cpp:174:6:174:6 | a |
|
||||||
| tests.cpp:220:7:220:14 | rtn2_ptr |
|
| tests.cpp:174:9:174:9 | b |
|
||||||
| tests.cpp:233:7:233:7 | operator= |
|
| tests.cpp:174:12:174:12 | c |
|
||||||
| tests.cpp:233:7:233:7 | operator= |
|
| tests.cpp:174:15:174:15 | d |
|
||||||
| tests.cpp:233:7:233:13 | MyClass |
|
| tests.cpp:174:18:174:18 | e |
|
||||||
| tests.cpp:236:6:236:26 | memberRemoteMadSource |
|
| tests.cpp:175:7:175:11 | a_ptr |
|
||||||
| tests.cpp:237:7:237:39 | memberRemoteMadSourceIndirectArg0 |
|
| tests.cpp:218:14:218:16 | mc1 |
|
||||||
| tests.cpp:237:46:237:46 | x |
|
| tests.cpp:218:19:218:21 | mc2 |
|
||||||
| tests.cpp:239:7:239:21 | qualifierSource |
|
| tests.cpp:237:15:237:18 | rtn1 |
|
||||||
| tests.cpp:240:7:240:26 | qualifierFieldSource |
|
| tests.cpp:240:14:240:17 | rtn2 |
|
||||||
| tests.cpp:243:7:243:23 | memberMadSinkArg0 |
|
| tests.cpp:241:7:241:14 | rtn2_ptr |
|
||||||
| tests.cpp:243:29:243:29 | x |
|
| tests.cpp:267:7:267:7 | operator= |
|
||||||
| tests.cpp:245:7:245:19 | qualifierSink |
|
| tests.cpp:267:7:267:7 | operator= |
|
||||||
| tests.cpp:246:7:246:23 | qualifierArg0Sink |
|
| tests.cpp:267:7:267:13 | MyClass |
|
||||||
| tests.cpp:246:29:246:29 | x |
|
| tests.cpp:270:6:270:26 | memberRemoteMadSource |
|
||||||
| tests.cpp:247:7:247:24 | qualifierFieldSink |
|
| tests.cpp:271:7:271:39 | memberRemoteMadSourceIndirectArg0 |
|
||||||
| tests.cpp:250:7:250:19 | madArg0ToSelf |
|
| tests.cpp:271:46:271:46 | x |
|
||||||
| tests.cpp:250:25:250:25 | x |
|
| tests.cpp:272:6:272:29 | memberRemoteMadSourceVar |
|
||||||
| tests.cpp:251:6:251:20 | madSelfToReturn |
|
| tests.cpp:273:7:273:21 | qualifierSource |
|
||||||
| tests.cpp:252:6:252:16 | notASummary |
|
| tests.cpp:274:7:274:26 | qualifierFieldSource |
|
||||||
| tests.cpp:253:7:253:20 | madArg0ToField |
|
| tests.cpp:277:7:277:23 | memberMadSinkArg0 |
|
||||||
| tests.cpp:253:26:253:26 | x |
|
| tests.cpp:277:29:277:29 | x |
|
||||||
| tests.cpp:254:6:254:21 | madFieldToReturn |
|
| tests.cpp:278:6:278:21 | memberMadSinkVar |
|
||||||
| tests.cpp:256:6:256:8 | val |
|
| tests.cpp:279:7:279:19 | qualifierSink |
|
||||||
| tests.cpp:259:7:259:7 | MyDerivedClass |
|
| tests.cpp:280:7:280:23 | qualifierArg0Sink |
|
||||||
| tests.cpp:259:7:259:7 | operator= |
|
| tests.cpp:280:29:280:29 | x |
|
||||||
| tests.cpp:259:7:259:7 | operator= |
|
| tests.cpp:281:7:281:24 | qualifierFieldSink |
|
||||||
| tests.cpp:259:7:259:20 | MyDerivedClass |
|
| tests.cpp:284:7:284:19 | madArg0ToSelf |
|
||||||
| tests.cpp:261:6:261:28 | subtypeRemoteMadSource1 |
|
| tests.cpp:284:25:284:25 | x |
|
||||||
| tests.cpp:262:6:262:21 | subtypeNonSource |
|
| tests.cpp:285:6:285:20 | madSelfToReturn |
|
||||||
| tests.cpp:263:6:263:28 | subtypeRemoteMadSource2 |
|
| tests.cpp:286:6:286:16 | notASummary |
|
||||||
| tests.cpp:266:9:266:15 | source2 |
|
| tests.cpp:287:7:287:20 | madArg0ToField |
|
||||||
| tests.cpp:267:6:267:9 | sink |
|
| tests.cpp:287:26:287:26 | x |
|
||||||
| tests.cpp:267:19:267:20 | mc |
|
| tests.cpp:288:6:288:21 | madFieldToReturn |
|
||||||
| tests.cpp:270:8:270:8 | operator= |
|
| tests.cpp:290:6:290:8 | val |
|
||||||
| tests.cpp:270:8:270:8 | operator= |
|
| tests.cpp:293:7:293:7 | MyDerivedClass |
|
||||||
| tests.cpp:270:8:270:14 | MyClass |
|
| tests.cpp:293:7:293:7 | operator= |
|
||||||
| tests.cpp:273:8:273:33 | namespaceMemberMadSinkArg0 |
|
| tests.cpp:293:7:293:7 | operator= |
|
||||||
| tests.cpp:273:39:273:39 | x |
|
| tests.cpp:293:7:293:20 | MyDerivedClass |
|
||||||
| tests.cpp:274:15:274:46 | namespaceStaticMemberMadSinkArg0 |
|
| tests.cpp:295:6:295:28 | subtypeRemoteMadSource1 |
|
||||||
| tests.cpp:274:52:274:52 | x |
|
| tests.cpp:296:6:296:21 | subtypeNonSource |
|
||||||
| tests.cpp:277:7:277:30 | namespaceMadSelfToReturn |
|
| tests.cpp:297:6:297:28 | subtypeRemoteMadSource2 |
|
||||||
| tests.cpp:281:22:281:28 | source3 |
|
| tests.cpp:300:9:300:15 | source2 |
|
||||||
| tests.cpp:283:6:283:23 | test_class_members |
|
| tests.cpp:301:6:301:9 | sink |
|
||||||
| tests.cpp:284:10:284:11 | mc |
|
| tests.cpp:301:19:301:20 | mc |
|
||||||
| tests.cpp:284:14:284:16 | mc2 |
|
| tests.cpp:304:8:304:8 | operator= |
|
||||||
| tests.cpp:284:19:284:21 | mc3 |
|
| tests.cpp:304:8:304:8 | operator= |
|
||||||
| tests.cpp:284:24:284:26 | mc4 |
|
| tests.cpp:304:8:304:14 | MyClass |
|
||||||
| tests.cpp:284:29:284:31 | mc5 |
|
| tests.cpp:307:8:307:33 | namespaceMemberMadSinkArg0 |
|
||||||
| tests.cpp:284:34:284:36 | mc6 |
|
| tests.cpp:307:39:307:39 | x |
|
||||||
| tests.cpp:284:39:284:41 | mc7 |
|
| tests.cpp:308:15:308:46 | namespaceStaticMemberMadSinkArg0 |
|
||||||
| tests.cpp:284:44:284:46 | mc8 |
|
| tests.cpp:308:52:308:52 | x |
|
||||||
| tests.cpp:284:49:284:51 | mc9 |
|
| tests.cpp:309:7:309:31 | namespaceMemberMadSinkVar |
|
||||||
| tests.cpp:284:54:284:57 | mc10 |
|
| tests.cpp:310:14:310:44 | namespaceStaticMemberMadSinkVar |
|
||||||
| tests.cpp:284:60:284:63 | mc11 |
|
| tests.cpp:313:7:313:30 | namespaceMadSelfToReturn |
|
||||||
| tests.cpp:285:11:285:13 | ptr |
|
| tests.cpp:317:22:317:28 | source3 |
|
||||||
| tests.cpp:285:17:285:23 | mc4_ptr |
|
| tests.cpp:319:6:319:23 | test_class_members |
|
||||||
| tests.cpp:286:17:286:19 | mdc |
|
| tests.cpp:320:10:320:11 | mc |
|
||||||
| tests.cpp:287:23:287:25 | mnc |
|
| tests.cpp:320:14:320:16 | mc2 |
|
||||||
| tests.cpp:287:28:287:31 | mnc2 |
|
| tests.cpp:320:19:320:21 | mc3 |
|
||||||
| tests.cpp:288:24:288:31 | mnc2_ptr |
|
| tests.cpp:320:24:320:26 | mc4 |
|
||||||
| tests.cpp:294:6:294:6 | a |
|
| tests.cpp:320:29:320:31 | mc5 |
|
||||||
| tests.cpp:387:8:387:8 | operator= |
|
| tests.cpp:320:34:320:36 | mc6 |
|
||||||
| tests.cpp:387:8:387:8 | operator= |
|
| tests.cpp:320:39:320:41 | mc7 |
|
||||||
| tests.cpp:387:8:387:14 | intPair |
|
| tests.cpp:320:44:320:46 | mc8 |
|
||||||
| tests.cpp:388:6:388:10 | first |
|
| tests.cpp:320:49:320:51 | mc9 |
|
||||||
| tests.cpp:389:6:389:11 | second |
|
| tests.cpp:320:54:320:57 | mc10 |
|
||||||
| tests.cpp:392:5:392:29 | madCallArg0ReturnToReturn |
|
| tests.cpp:320:60:320:63 | mc11 |
|
||||||
| tests.cpp:392:37:392:43 | fun_ptr |
|
| tests.cpp:321:11:321:13 | ptr |
|
||||||
| tests.cpp:393:9:393:38 | madCallArg0ReturnToReturnFirst |
|
| tests.cpp:321:17:321:23 | mc4_ptr |
|
||||||
| tests.cpp:393:46:393:52 | fun_ptr |
|
| tests.cpp:322:17:322:19 | mdc |
|
||||||
| tests.cpp:394:6:394:25 | madCallArg0WithValue |
|
| tests.cpp:323:23:323:25 | mnc |
|
||||||
| tests.cpp:394:34:394:40 | fun_ptr |
|
| tests.cpp:323:28:323:31 | mnc2 |
|
||||||
| tests.cpp:394:53:394:57 | value |
|
| tests.cpp:324:24:324:31 | mnc2_ptr |
|
||||||
| tests.cpp:395:5:395:36 | madCallReturnValueIgnoreFunction |
|
| tests.cpp:330:6:330:6 | a |
|
||||||
| tests.cpp:395:45:395:51 | fun_ptr |
|
| tests.cpp:429:8:429:8 | operator= |
|
||||||
| tests.cpp:395:64:395:68 | value |
|
| tests.cpp:429:8:429:8 | operator= |
|
||||||
| tests.cpp:397:5:397:14 | getTainted |
|
| tests.cpp:429:8:429:14 | intPair |
|
||||||
| tests.cpp:398:6:398:13 | useValue |
|
| tests.cpp:430:6:430:10 | first |
|
||||||
| tests.cpp:398:19:398:19 | x |
|
| tests.cpp:431:6:431:11 | second |
|
||||||
| tests.cpp:399:6:399:17 | dontUseValue |
|
| tests.cpp:434:5:434:29 | madCallArg0ReturnToReturn |
|
||||||
| tests.cpp:399:23:399:23 | x |
|
| tests.cpp:434:37:434:43 | fun_ptr |
|
||||||
| tests.cpp:401:6:401:27 | test_function_pointers |
|
| tests.cpp:435:9:435:38 | madCallArg0ReturnToReturnFirst |
|
||||||
| tests.cpp:414:19:414:19 | X |
|
| tests.cpp:435:46:435:52 | fun_ptr |
|
||||||
| tests.cpp:415:8:415:35 | StructWithTypedefInParameter<X> |
|
| tests.cpp:436:6:436:25 | madCallArg0WithValue |
|
||||||
| tests.cpp:415:8:415:35 | StructWithTypedefInParameter<int> |
|
| tests.cpp:436:34:436:40 | fun_ptr |
|
||||||
| tests.cpp:416:12:416:15 | Type |
|
| tests.cpp:436:53:436:57 | value |
|
||||||
| tests.cpp:417:5:417:31 | parameter_ref_to_return_ref |
|
| tests.cpp:437:5:437:36 | madCallReturnValueIgnoreFunction |
|
||||||
| tests.cpp:417:5:417:31 | parameter_ref_to_return_ref |
|
| tests.cpp:437:45:437:51 | fun_ptr |
|
||||||
| tests.cpp:417:45:417:45 | x |
|
| tests.cpp:437:64:437:68 | value |
|
||||||
| tests.cpp:417:45:417:45 | x |
|
| tests.cpp:439:5:439:14 | getTainted |
|
||||||
| tests.cpp:420:6:420:37 | test_parameter_ref_to_return_ref |
|
| tests.cpp:440:6:440:13 | useValue |
|
||||||
| tests.cpp:421:6:421:6 | x |
|
| tests.cpp:440:19:440:19 | x |
|
||||||
| tests.cpp:422:36:422:36 | s |
|
| tests.cpp:441:6:441:17 | dontUseValue |
|
||||||
| tests.cpp:423:6:423:6 | y |
|
| tests.cpp:441:23:441:23 | x |
|
||||||
| tests.cpp:427:7:427:9 | INT |
|
| tests.cpp:443:6:443:27 | test_function_pointers |
|
||||||
| tests.cpp:429:5:429:17 | receive_array |
|
| tests.cpp:456:19:456:19 | X |
|
||||||
| tests.cpp:429:23:429:23 | a |
|
| tests.cpp:457:8:457:35 | StructWithTypedefInParameter<X> |
|
||||||
| tests.cpp:431:6:431:23 | test_receive_array |
|
| tests.cpp:457:8:457:35 | StructWithTypedefInParameter<int> |
|
||||||
| tests.cpp:432:6:432:6 | x |
|
| tests.cpp:458:12:458:15 | Type |
|
||||||
| tests.cpp:433:6:433:10 | array |
|
| tests.cpp:459:5:459:31 | parameter_ref_to_return_ref |
|
||||||
| tests.cpp:434:6:434:6 | y |
|
| tests.cpp:459:5:459:31 | parameter_ref_to_return_ref |
|
||||||
|
| tests.cpp:459:45:459:45 | x |
|
||||||
|
| tests.cpp:459:45:459:45 | x |
|
||||||
|
| tests.cpp:462:6:462:37 | test_parameter_ref_to_return_ref |
|
||||||
|
| tests.cpp:463:6:463:6 | x |
|
||||||
|
| tests.cpp:464:36:464:36 | s |
|
||||||
|
| tests.cpp:465:6:465:6 | y |
|
||||||
|
| tests.cpp:469:7:469:9 | INT |
|
||||||
|
| tests.cpp:471:5:471:17 | receive_array |
|
||||||
|
| tests.cpp:471:23:471:23 | a |
|
||||||
|
| tests.cpp:473:6:473:23 | test_receive_array |
|
||||||
|
| tests.cpp:474:6:474:6 | x |
|
||||||
|
| tests.cpp:475:6:475:10 | array |
|
||||||
|
| tests.cpp:476:6:476:6 | y |
|
||||||
flowSummaryNode
|
flowSummaryNode
|
||||||
| tests.cpp:127:5:127:19 | [summary param] 0 in madArg0ToReturn | ParameterNode | madArg0ToReturn | madArg0ToReturn |
|
| tests.cpp:144:5:144:19 | [summary param] 0 in madArg0ToReturn | ParameterNode | madArg0ToReturn | madArg0ToReturn |
|
||||||
| tests.cpp:127:5:127:19 | [summary] to write: ReturnValue in madArg0ToReturn | ReturnNode | madArg0ToReturn | madArg0ToReturn |
|
| tests.cpp:144:5:144:19 | [summary] to write: ReturnValue in madArg0ToReturn | ReturnNode | madArg0ToReturn | madArg0ToReturn |
|
||||||
| tests.cpp:128:6:128:28 | [summary param] 0 in madArg0ToReturnIndirect | ParameterNode | madArg0ToReturnIndirect | madArg0ToReturnIndirect |
|
| tests.cpp:145:6:145:28 | [summary param] 0 in madArg0ToReturnIndirect | ParameterNode | madArg0ToReturnIndirect | madArg0ToReturnIndirect |
|
||||||
| tests.cpp:128:6:128:28 | [summary] to write: ReturnValue[*] in madArg0ToReturnIndirect | ReturnNode | madArg0ToReturnIndirect | madArg0ToReturnIndirect |
|
| tests.cpp:145:6:145:28 | [summary] to write: ReturnValue[*] in madArg0ToReturnIndirect | ReturnNode | madArg0ToReturnIndirect | madArg0ToReturnIndirect |
|
||||||
| tests.cpp:130:5:130:28 | [summary param] 0 in madArg0ToReturnValueFlow | ParameterNode | madArg0ToReturnValueFlow | madArg0ToReturnValueFlow |
|
| tests.cpp:147:5:147:28 | [summary param] 0 in madArg0ToReturnValueFlow | ParameterNode | madArg0ToReturnValueFlow | madArg0ToReturnValueFlow |
|
||||||
| tests.cpp:130:5:130:28 | [summary] to write: ReturnValue in madArg0ToReturnValueFlow | ReturnNode | madArg0ToReturnValueFlow | madArg0ToReturnValueFlow |
|
| tests.cpp:147:5:147:28 | [summary] to write: ReturnValue in madArg0ToReturnValueFlow | ReturnNode | madArg0ToReturnValueFlow | madArg0ToReturnValueFlow |
|
||||||
| tests.cpp:131:5:131:27 | [summary param] *0 in madArg0IndirectToReturn | ParameterNode | madArg0IndirectToReturn | madArg0IndirectToReturn |
|
| tests.cpp:148:5:148:27 | [summary param] *0 in madArg0IndirectToReturn | ParameterNode | madArg0IndirectToReturn | madArg0IndirectToReturn |
|
||||||
| tests.cpp:131:5:131:27 | [summary] to write: ReturnValue in madArg0IndirectToReturn | ReturnNode | madArg0IndirectToReturn | madArg0IndirectToReturn |
|
| tests.cpp:148:5:148:27 | [summary] to write: ReturnValue in madArg0IndirectToReturn | ReturnNode | madArg0IndirectToReturn | madArg0IndirectToReturn |
|
||||||
| tests.cpp:132:5:132:33 | [summary param] **0 in madArg0DoubleIndirectToReturn | ParameterNode | madArg0DoubleIndirectToReturn | madArg0DoubleIndirectToReturn |
|
| tests.cpp:149:5:149:33 | [summary param] **0 in madArg0DoubleIndirectToReturn | ParameterNode | madArg0DoubleIndirectToReturn | madArg0DoubleIndirectToReturn |
|
||||||
| tests.cpp:132:5:132:33 | [summary] to write: ReturnValue in madArg0DoubleIndirectToReturn | ReturnNode | madArg0DoubleIndirectToReturn | madArg0DoubleIndirectToReturn |
|
| tests.cpp:149:5:149:33 | [summary] to write: ReturnValue in madArg0DoubleIndirectToReturn | ReturnNode | madArg0DoubleIndirectToReturn | madArg0DoubleIndirectToReturn |
|
||||||
| tests.cpp:133:5:133:30 | [summary param] 0 in madArg0NotIndirectToReturn | ParameterNode | madArg0NotIndirectToReturn | madArg0NotIndirectToReturn |
|
| tests.cpp:150:5:150:30 | [summary param] 0 in madArg0NotIndirectToReturn | ParameterNode | madArg0NotIndirectToReturn | madArg0NotIndirectToReturn |
|
||||||
| tests.cpp:133:5:133:30 | [summary] to write: ReturnValue in madArg0NotIndirectToReturn | ReturnNode | madArg0NotIndirectToReturn | madArg0NotIndirectToReturn |
|
| tests.cpp:150:5:150:30 | [summary] to write: ReturnValue in madArg0NotIndirectToReturn | ReturnNode | madArg0NotIndirectToReturn | madArg0NotIndirectToReturn |
|
||||||
| tests.cpp:134:6:134:26 | [summary param] 0 in madArg0ToArg1Indirect | ParameterNode | madArg0ToArg1Indirect | madArg0ToArg1Indirect |
|
| tests.cpp:151:6:151:26 | [summary param] 0 in madArg0ToArg1Indirect | ParameterNode | madArg0ToArg1Indirect | madArg0ToArg1Indirect |
|
||||||
| tests.cpp:134:6:134:26 | [summary param] *1 in madArg0ToArg1Indirect | ParameterNode | madArg0ToArg1Indirect | madArg0ToArg1Indirect |
|
| tests.cpp:151:6:151:26 | [summary param] *1 in madArg0ToArg1Indirect | ParameterNode | madArg0ToArg1Indirect | madArg0ToArg1Indirect |
|
||||||
| tests.cpp:134:6:134:26 | [summary] to write: Argument[*1] in madArg0ToArg1Indirect | PostUpdateNode | madArg0ToArg1Indirect | madArg0ToArg1Indirect |
|
| tests.cpp:151:6:151:26 | [summary] to write: Argument[*1] in madArg0ToArg1Indirect | PostUpdateNode | madArg0ToArg1Indirect | madArg0ToArg1Indirect |
|
||||||
| tests.cpp:135:6:135:34 | [summary param] *0 in madArg0IndirectToArg1Indirect | ParameterNode | madArg0IndirectToArg1Indirect | madArg0IndirectToArg1Indirect |
|
| tests.cpp:152:6:152:34 | [summary param] *0 in madArg0IndirectToArg1Indirect | ParameterNode | madArg0IndirectToArg1Indirect | madArg0IndirectToArg1Indirect |
|
||||||
| tests.cpp:135:6:135:34 | [summary param] *1 in madArg0IndirectToArg1Indirect | ParameterNode | madArg0IndirectToArg1Indirect | madArg0IndirectToArg1Indirect |
|
| tests.cpp:152:6:152:34 | [summary param] *1 in madArg0IndirectToArg1Indirect | ParameterNode | madArg0IndirectToArg1Indirect | madArg0IndirectToArg1Indirect |
|
||||||
| tests.cpp:135:6:135:34 | [summary] to write: Argument[*1] in madArg0IndirectToArg1Indirect | PostUpdateNode | madArg0IndirectToArg1Indirect | madArg0IndirectToArg1Indirect |
|
| tests.cpp:152:6:152:34 | [summary] to write: Argument[*1] in madArg0IndirectToArg1Indirect | PostUpdateNode | madArg0IndirectToArg1Indirect | madArg0IndirectToArg1Indirect |
|
||||||
| tests.cpp:136:5:136:18 | [summary param] 2 in madArgsComplex | ParameterNode | madArgsComplex | madArgsComplex |
|
| tests.cpp:153:5:153:18 | [summary param] 2 in madArgsComplex | ParameterNode | madArgsComplex | madArgsComplex |
|
||||||
| tests.cpp:136:5:136:18 | [summary param] *0 in madArgsComplex | ParameterNode | madArgsComplex | madArgsComplex |
|
| tests.cpp:153:5:153:18 | [summary param] *0 in madArgsComplex | ParameterNode | madArgsComplex | madArgsComplex |
|
||||||
| tests.cpp:136:5:136:18 | [summary param] *1 in madArgsComplex | ParameterNode | madArgsComplex | madArgsComplex |
|
| tests.cpp:153:5:153:18 | [summary param] *1 in madArgsComplex | ParameterNode | madArgsComplex | madArgsComplex |
|
||||||
| tests.cpp:136:5:136:18 | [summary] to write: ReturnValue in madArgsComplex | ReturnNode | madArgsComplex | madArgsComplex |
|
| tests.cpp:153:5:153:18 | [summary] to write: ReturnValue in madArgsComplex | ReturnNode | madArgsComplex | madArgsComplex |
|
||||||
| tests.cpp:138:5:138:28 | [summary param] 2 in madAndImplementedComplex | ParameterNode | madAndImplementedComplex | madAndImplementedComplex |
|
| tests.cpp:155:5:155:28 | [summary param] 2 in madAndImplementedComplex | ParameterNode | madAndImplementedComplex | madAndImplementedComplex |
|
||||||
| tests.cpp:138:5:138:28 | [summary] to write: ReturnValue in madAndImplementedComplex | ReturnNode | madAndImplementedComplex | madAndImplementedComplex |
|
| tests.cpp:155:5:155:28 | [summary] to write: ReturnValue in madAndImplementedComplex | ReturnNode | madAndImplementedComplex | madAndImplementedComplex |
|
||||||
| tests.cpp:143:5:143:24 | [summary param] 0 in madArg0FieldToReturn | ParameterNode | madArg0FieldToReturn | madArg0FieldToReturn |
|
| tests.cpp:160:5:160:24 | [summary param] 0 in madArg0FieldToReturn | ParameterNode | madArg0FieldToReturn | madArg0FieldToReturn |
|
||||||
| tests.cpp:143:5:143:24 | [summary] read: Argument[0].Field[MyContainer::value]/Field[value] in madArg0FieldToReturn | | madArg0FieldToReturn | madArg0FieldToReturn |
|
| tests.cpp:160:5:160:24 | [summary] read: Argument[0].Field[value] in madArg0FieldToReturn | | madArg0FieldToReturn | madArg0FieldToReturn |
|
||||||
| tests.cpp:143:5:143:24 | [summary] to write: ReturnValue in madArg0FieldToReturn | ReturnNode | madArg0FieldToReturn | madArg0FieldToReturn |
|
| tests.cpp:160:5:160:24 | [summary] to write: ReturnValue in madArg0FieldToReturn | ReturnNode | madArg0FieldToReturn | madArg0FieldToReturn |
|
||||||
| tests.cpp:144:5:144:32 | [summary param] *0 in madArg0IndirectFieldToReturn | ParameterNode | madArg0IndirectFieldToReturn | madArg0IndirectFieldToReturn |
|
| tests.cpp:161:5:161:32 | [summary param] *0 in madArg0IndirectFieldToReturn | ParameterNode | madArg0IndirectFieldToReturn | madArg0IndirectFieldToReturn |
|
||||||
| tests.cpp:144:5:144:32 | [summary] read: Argument[*0].Field[MyContainer::value]/Field[value] in madArg0IndirectFieldToReturn | | madArg0IndirectFieldToReturn | madArg0IndirectFieldToReturn |
|
| tests.cpp:161:5:161:32 | [summary] read: Argument[*0].Field[value] in madArg0IndirectFieldToReturn | | madArg0IndirectFieldToReturn | madArg0IndirectFieldToReturn |
|
||||||
| tests.cpp:144:5:144:32 | [summary] to write: ReturnValue in madArg0IndirectFieldToReturn | ReturnNode | madArg0IndirectFieldToReturn | madArg0IndirectFieldToReturn |
|
| tests.cpp:161:5:161:32 | [summary] to write: ReturnValue in madArg0IndirectFieldToReturn | ReturnNode | madArg0IndirectFieldToReturn | madArg0IndirectFieldToReturn |
|
||||||
| tests.cpp:145:5:145:32 | [summary param] 0 in madArg0FieldIndirectToReturn | ParameterNode | madArg0FieldIndirectToReturn | madArg0FieldIndirectToReturn |
|
| tests.cpp:162:5:162:32 | [summary param] 0 in madArg0FieldIndirectToReturn | ParameterNode | madArg0FieldIndirectToReturn | madArg0FieldIndirectToReturn |
|
||||||
| tests.cpp:145:5:145:32 | [summary] read: Argument[0].Field[*MyContainer::ptr]/Field[*ptr] in madArg0FieldIndirectToReturn | | madArg0FieldIndirectToReturn | madArg0FieldIndirectToReturn |
|
| tests.cpp:162:5:162:32 | [summary] read: Argument[0].Field[*ptr] in madArg0FieldIndirectToReturn | | madArg0FieldIndirectToReturn | madArg0FieldIndirectToReturn |
|
||||||
| tests.cpp:145:5:145:32 | [summary] to write: ReturnValue in madArg0FieldIndirectToReturn | ReturnNode | madArg0FieldIndirectToReturn | madArg0FieldIndirectToReturn |
|
| tests.cpp:162:5:162:32 | [summary] to write: ReturnValue in madArg0FieldIndirectToReturn | ReturnNode | madArg0FieldIndirectToReturn | madArg0FieldIndirectToReturn |
|
||||||
| tests.cpp:146:13:146:32 | [summary param] 0 in madArg0ToReturnField | ParameterNode | madArg0ToReturnField | madArg0ToReturnField |
|
| tests.cpp:163:13:163:32 | [summary param] 0 in madArg0ToReturnField | ParameterNode | madArg0ToReturnField | madArg0ToReturnField |
|
||||||
| tests.cpp:146:13:146:32 | [summary] to write: ReturnValue in madArg0ToReturnField | ReturnNode | madArg0ToReturnField | madArg0ToReturnField |
|
| tests.cpp:163:13:163:32 | [summary] to write: ReturnValue in madArg0ToReturnField | ReturnNode | madArg0ToReturnField | madArg0ToReturnField |
|
||||||
| tests.cpp:146:13:146:32 | [summary] to write: ReturnValue.Field[MyContainer::value]/Field[value] in madArg0ToReturnField | | madArg0ToReturnField | madArg0ToReturnField |
|
| tests.cpp:163:13:163:32 | [summary] to write: ReturnValue.Field[value] in madArg0ToReturnField | | madArg0ToReturnField | madArg0ToReturnField |
|
||||||
| tests.cpp:147:14:147:41 | [summary param] 0 in madArg0ToReturnIndirectField | ParameterNode | madArg0ToReturnIndirectField | madArg0ToReturnIndirectField |
|
| tests.cpp:164:14:164:41 | [summary param] 0 in madArg0ToReturnIndirectField | ParameterNode | madArg0ToReturnIndirectField | madArg0ToReturnIndirectField |
|
||||||
| tests.cpp:147:14:147:41 | [summary] to write: ReturnValue[*] in madArg0ToReturnIndirectField | ReturnNode | madArg0ToReturnIndirectField | madArg0ToReturnIndirectField |
|
| tests.cpp:164:14:164:41 | [summary] to write: ReturnValue[*] in madArg0ToReturnIndirectField | ReturnNode | madArg0ToReturnIndirectField | madArg0ToReturnIndirectField |
|
||||||
| tests.cpp:147:14:147:41 | [summary] to write: ReturnValue[*].Field[MyContainer::value]/Field[value] in madArg0ToReturnIndirectField | | madArg0ToReturnIndirectField | madArg0ToReturnIndirectField |
|
| tests.cpp:164:14:164:41 | [summary] to write: ReturnValue[*].Field[value] in madArg0ToReturnIndirectField | | madArg0ToReturnIndirectField | madArg0ToReturnIndirectField |
|
||||||
| tests.cpp:148:13:148:40 | [summary param] 0 in madArg0ToReturnFieldIndirect | ParameterNode | madArg0ToReturnFieldIndirect | madArg0ToReturnFieldIndirect |
|
| tests.cpp:165:13:165:40 | [summary param] 0 in madArg0ToReturnFieldIndirect | ParameterNode | madArg0ToReturnFieldIndirect | madArg0ToReturnFieldIndirect |
|
||||||
| tests.cpp:148:13:148:40 | [summary] to write: ReturnValue in madArg0ToReturnFieldIndirect | ReturnNode | madArg0ToReturnFieldIndirect | madArg0ToReturnFieldIndirect |
|
| tests.cpp:165:13:165:40 | [summary] to write: ReturnValue in madArg0ToReturnFieldIndirect | ReturnNode | madArg0ToReturnFieldIndirect | madArg0ToReturnFieldIndirect |
|
||||||
| tests.cpp:148:13:148:40 | [summary] to write: ReturnValue.Field[*MyContainer::ptr]/Field[*ptr] in madArg0ToReturnFieldIndirect | | madArg0ToReturnFieldIndirect | madArg0ToReturnFieldIndirect |
|
| tests.cpp:165:13:165:40 | [summary] to write: ReturnValue.Field[*ptr] in madArg0ToReturnFieldIndirect | | madArg0ToReturnFieldIndirect | madArg0ToReturnFieldIndirect |
|
||||||
| tests.cpp:250:7:250:19 | [summary param] 0 in madArg0ToSelf | ParameterNode | madArg0ToSelf | madArg0ToSelf |
|
| tests.cpp:284:7:284:19 | [summary param] 0 in madArg0ToSelf | ParameterNode | madArg0ToSelf | madArg0ToSelf |
|
||||||
| tests.cpp:250:7:250:19 | [summary param] this in madArg0ToSelf | ParameterNode | madArg0ToSelf | madArg0ToSelf |
|
| tests.cpp:284:7:284:19 | [summary param] this in madArg0ToSelf | ParameterNode | madArg0ToSelf | madArg0ToSelf |
|
||||||
| tests.cpp:250:7:250:19 | [summary] to write: Argument[this] in madArg0ToSelf | PostUpdateNode | madArg0ToSelf | madArg0ToSelf |
|
| tests.cpp:284:7:284:19 | [summary] to write: Argument[this] in madArg0ToSelf | PostUpdateNode | madArg0ToSelf | madArg0ToSelf |
|
||||||
| tests.cpp:251:6:251:20 | [summary param] this in madSelfToReturn | ParameterNode | madSelfToReturn | madSelfToReturn |
|
| tests.cpp:285:6:285:20 | [summary param] this in madSelfToReturn | ParameterNode | madSelfToReturn | madSelfToReturn |
|
||||||
| tests.cpp:251:6:251:20 | [summary] to write: ReturnValue in madSelfToReturn | ReturnNode | madSelfToReturn | madSelfToReturn |
|
| tests.cpp:285:6:285:20 | [summary] to write: ReturnValue in madSelfToReturn | ReturnNode | madSelfToReturn | madSelfToReturn |
|
||||||
| tests.cpp:253:7:253:20 | [summary param] 0 in madArg0ToField | ParameterNode | madArg0ToField | madArg0ToField |
|
| tests.cpp:287:7:287:20 | [summary param] 0 in madArg0ToField | ParameterNode | madArg0ToField | madArg0ToField |
|
||||||
| tests.cpp:253:7:253:20 | [summary param] this in madArg0ToField | ParameterNode | madArg0ToField | madArg0ToField |
|
| tests.cpp:287:7:287:20 | [summary param] this in madArg0ToField | ParameterNode | madArg0ToField | madArg0ToField |
|
||||||
| tests.cpp:253:7:253:20 | [summary] to write: Argument[this] in madArg0ToField | PostUpdateNode | madArg0ToField | madArg0ToField |
|
| tests.cpp:287:7:287:20 | [summary] to write: Argument[this] in madArg0ToField | PostUpdateNode | madArg0ToField | madArg0ToField |
|
||||||
| tests.cpp:253:7:253:20 | [summary] to write: Argument[this].Field[MyClass::val]/Field[val] in madArg0ToField | | madArg0ToField | madArg0ToField |
|
| tests.cpp:287:7:287:20 | [summary] to write: Argument[this].Field[val] in madArg0ToField | | madArg0ToField | madArg0ToField |
|
||||||
| tests.cpp:254:6:254:21 | [summary param] this in madFieldToReturn | ParameterNode | madFieldToReturn | madFieldToReturn |
|
| tests.cpp:288:6:288:21 | [summary param] this in madFieldToReturn | ParameterNode | madFieldToReturn | madFieldToReturn |
|
||||||
| tests.cpp:254:6:254:21 | [summary] read: Argument[this].Field[MyClass::val]/Field[val] in madFieldToReturn | | madFieldToReturn | madFieldToReturn |
|
| tests.cpp:288:6:288:21 | [summary] read: Argument[this].Field[val] in madFieldToReturn | | madFieldToReturn | madFieldToReturn |
|
||||||
| tests.cpp:254:6:254:21 | [summary] to write: ReturnValue in madFieldToReturn | ReturnNode | madFieldToReturn | madFieldToReturn |
|
| tests.cpp:288:6:288:21 | [summary] to write: ReturnValue in madFieldToReturn | ReturnNode | madFieldToReturn | madFieldToReturn |
|
||||||
| tests.cpp:277:7:277:30 | [summary param] this in namespaceMadSelfToReturn | ParameterNode | namespaceMadSelfToReturn | namespaceMadSelfToReturn |
|
| tests.cpp:313:7:313:30 | [summary param] this in namespaceMadSelfToReturn | ParameterNode | namespaceMadSelfToReturn | namespaceMadSelfToReturn |
|
||||||
| tests.cpp:277:7:277:30 | [summary] to write: ReturnValue in namespaceMadSelfToReturn | ReturnNode | namespaceMadSelfToReturn | namespaceMadSelfToReturn |
|
| tests.cpp:313:7:313:30 | [summary] to write: ReturnValue in namespaceMadSelfToReturn | ReturnNode | namespaceMadSelfToReturn | namespaceMadSelfToReturn |
|
||||||
| tests.cpp:392:5:392:29 | [summary param] 0 in madCallArg0ReturnToReturn | ParameterNode | madCallArg0ReturnToReturn | madCallArg0ReturnToReturn |
|
| tests.cpp:434:5:434:29 | [summary param] 0 in madCallArg0ReturnToReturn | ParameterNode | madCallArg0ReturnToReturn | madCallArg0ReturnToReturn |
|
||||||
| tests.cpp:392:5:392:29 | [summary] read: Argument[0].Parameter[this pointer] in madCallArg0ReturnToReturn | PostUpdateNode | madCallArg0ReturnToReturn | madCallArg0ReturnToReturn |
|
| tests.cpp:434:5:434:29 | [summary] read: Argument[0].Parameter[this pointer] in madCallArg0ReturnToReturn | PostUpdateNode | madCallArg0ReturnToReturn | madCallArg0ReturnToReturn |
|
||||||
| tests.cpp:392:5:392:29 | [summary] read: Argument[0].ReturnValue in madCallArg0ReturnToReturn | OutNode | madCallArg0ReturnToReturn | madCallArg0ReturnToReturn |
|
| tests.cpp:434:5:434:29 | [summary] read: Argument[0].ReturnValue in madCallArg0ReturnToReturn | OutNode | madCallArg0ReturnToReturn | madCallArg0ReturnToReturn |
|
||||||
| tests.cpp:392:5:392:29 | [summary] to write: Argument[0].Parameter[this pointer] in madCallArg0ReturnToReturn | ArgumentNode | madCallArg0ReturnToReturn | madCallArg0ReturnToReturn |
|
| tests.cpp:434:5:434:29 | [summary] to write: Argument[0].Parameter[this pointer] in madCallArg0ReturnToReturn | ArgumentNode | madCallArg0ReturnToReturn | madCallArg0ReturnToReturn |
|
||||||
| tests.cpp:392:5:392:29 | [summary] to write: ReturnValue in madCallArg0ReturnToReturn | ReturnNode | madCallArg0ReturnToReturn | madCallArg0ReturnToReturn |
|
| tests.cpp:434:5:434:29 | [summary] to write: ReturnValue in madCallArg0ReturnToReturn | ReturnNode | madCallArg0ReturnToReturn | madCallArg0ReturnToReturn |
|
||||||
| tests.cpp:393:9:393:38 | [summary param] 0 in madCallArg0ReturnToReturnFirst | ParameterNode | madCallArg0ReturnToReturnFirst | madCallArg0ReturnToReturnFirst |
|
| tests.cpp:435:9:435:38 | [summary param] 0 in madCallArg0ReturnToReturnFirst | ParameterNode | madCallArg0ReturnToReturnFirst | madCallArg0ReturnToReturnFirst |
|
||||||
| tests.cpp:393:9:393:38 | [summary] read: Argument[0].Parameter[this pointer] in madCallArg0ReturnToReturnFirst | PostUpdateNode | madCallArg0ReturnToReturnFirst | madCallArg0ReturnToReturnFirst |
|
| tests.cpp:435:9:435:38 | [summary] read: Argument[0].Parameter[this pointer] in madCallArg0ReturnToReturnFirst | PostUpdateNode | madCallArg0ReturnToReturnFirst | madCallArg0ReturnToReturnFirst |
|
||||||
| tests.cpp:393:9:393:38 | [summary] read: Argument[0].ReturnValue in madCallArg0ReturnToReturnFirst | OutNode | madCallArg0ReturnToReturnFirst | madCallArg0ReturnToReturnFirst |
|
| tests.cpp:435:9:435:38 | [summary] read: Argument[0].ReturnValue in madCallArg0ReturnToReturnFirst | OutNode | madCallArg0ReturnToReturnFirst | madCallArg0ReturnToReturnFirst |
|
||||||
| tests.cpp:393:9:393:38 | [summary] to write: Argument[0].Parameter[this pointer] in madCallArg0ReturnToReturnFirst | ArgumentNode | madCallArg0ReturnToReturnFirst | madCallArg0ReturnToReturnFirst |
|
| tests.cpp:435:9:435:38 | [summary] to write: Argument[0].Parameter[this pointer] in madCallArg0ReturnToReturnFirst | ArgumentNode | madCallArg0ReturnToReturnFirst | madCallArg0ReturnToReturnFirst |
|
||||||
| tests.cpp:393:9:393:38 | [summary] to write: ReturnValue in madCallArg0ReturnToReturnFirst | ReturnNode | madCallArg0ReturnToReturnFirst | madCallArg0ReturnToReturnFirst |
|
| tests.cpp:435:9:435:38 | [summary] to write: ReturnValue in madCallArg0ReturnToReturnFirst | ReturnNode | madCallArg0ReturnToReturnFirst | madCallArg0ReturnToReturnFirst |
|
||||||
| tests.cpp:393:9:393:38 | [summary] to write: ReturnValue.Field[first]/Field[intPair::first] in madCallArg0ReturnToReturnFirst | | madCallArg0ReturnToReturnFirst | madCallArg0ReturnToReturnFirst |
|
| tests.cpp:435:9:435:38 | [summary] to write: ReturnValue.Field[first] in madCallArg0ReturnToReturnFirst | | madCallArg0ReturnToReturnFirst | madCallArg0ReturnToReturnFirst |
|
||||||
| tests.cpp:394:6:394:25 | [summary param] 0 in madCallArg0WithValue | ParameterNode | madCallArg0WithValue | madCallArg0WithValue |
|
| tests.cpp:436:6:436:25 | [summary param] 0 in madCallArg0WithValue | ParameterNode | madCallArg0WithValue | madCallArg0WithValue |
|
||||||
| tests.cpp:394:6:394:25 | [summary param] 1 in madCallArg0WithValue | ParameterNode | madCallArg0WithValue | madCallArg0WithValue |
|
| tests.cpp:436:6:436:25 | [summary param] 1 in madCallArg0WithValue | ParameterNode | madCallArg0WithValue | madCallArg0WithValue |
|
||||||
| tests.cpp:394:6:394:25 | [summary] read: Argument[0].Parameter[0] in madCallArg0WithValue | PostUpdateNode | madCallArg0WithValue | madCallArg0WithValue |
|
| tests.cpp:436:6:436:25 | [summary] read: Argument[0].Parameter[0] in madCallArg0WithValue | PostUpdateNode | madCallArg0WithValue | madCallArg0WithValue |
|
||||||
| tests.cpp:394:6:394:25 | [summary] read: Argument[0].Parameter[this pointer] in madCallArg0WithValue | PostUpdateNode | madCallArg0WithValue | madCallArg0WithValue |
|
| tests.cpp:436:6:436:25 | [summary] read: Argument[0].Parameter[this pointer] in madCallArg0WithValue | PostUpdateNode | madCallArg0WithValue | madCallArg0WithValue |
|
||||||
| tests.cpp:394:6:394:25 | [summary] to write: Argument[0].Parameter[0] in madCallArg0WithValue | ArgumentNode | madCallArg0WithValue | madCallArg0WithValue |
|
| tests.cpp:436:6:436:25 | [summary] to write: Argument[0].Parameter[0] in madCallArg0WithValue | ArgumentNode | madCallArg0WithValue | madCallArg0WithValue |
|
||||||
| tests.cpp:394:6:394:25 | [summary] to write: Argument[0].Parameter[this pointer] in madCallArg0WithValue | ArgumentNode | madCallArg0WithValue | madCallArg0WithValue |
|
| tests.cpp:436:6:436:25 | [summary] to write: Argument[0].Parameter[this pointer] in madCallArg0WithValue | ArgumentNode | madCallArg0WithValue | madCallArg0WithValue |
|
||||||
| tests.cpp:394:6:394:25 | [summary] to write: Argument[1] in madCallArg0WithValue | PostUpdateNode | madCallArg0WithValue | madCallArg0WithValue |
|
| tests.cpp:436:6:436:25 | [summary] to write: Argument[1] in madCallArg0WithValue | PostUpdateNode | madCallArg0WithValue | madCallArg0WithValue |
|
||||||
| tests.cpp:395:5:395:36 | [summary param] 1 in madCallReturnValueIgnoreFunction | ParameterNode | madCallReturnValueIgnoreFunction | madCallReturnValueIgnoreFunction |
|
| tests.cpp:437:5:437:36 | [summary param] 1 in madCallReturnValueIgnoreFunction | ParameterNode | madCallReturnValueIgnoreFunction | madCallReturnValueIgnoreFunction |
|
||||||
| tests.cpp:395:5:395:36 | [summary] to write: ReturnValue in madCallReturnValueIgnoreFunction | ReturnNode | madCallReturnValueIgnoreFunction | madCallReturnValueIgnoreFunction |
|
| tests.cpp:437:5:437:36 | [summary] to write: ReturnValue in madCallReturnValueIgnoreFunction | ReturnNode | madCallReturnValueIgnoreFunction | madCallReturnValueIgnoreFunction |
|
||||||
| tests.cpp:417:5:417:31 | [summary param] *0 in parameter_ref_to_return_ref | ParameterNode | parameter_ref_to_return_ref | parameter_ref_to_return_ref |
|
| tests.cpp:459:5:459:31 | [summary param] *0 in parameter_ref_to_return_ref | ParameterNode | parameter_ref_to_return_ref | parameter_ref_to_return_ref |
|
||||||
| tests.cpp:417:5:417:31 | [summary] to write: ReturnValue[*] in parameter_ref_to_return_ref | ReturnNode | parameter_ref_to_return_ref | parameter_ref_to_return_ref |
|
| tests.cpp:459:5:459:31 | [summary] to write: ReturnValue[*] in parameter_ref_to_return_ref | ReturnNode | parameter_ref_to_return_ref | parameter_ref_to_return_ref |
|
||||||
| tests.cpp:429:5:429:17 | [summary param] *0 in receive_array | ParameterNode | receive_array | receive_array |
|
| tests.cpp:471:5:471:17 | [summary param] *0 in receive_array | ParameterNode | receive_array | receive_array |
|
||||||
| tests.cpp:429:5:429:17 | [summary] to write: ReturnValue in receive_array | ReturnNode | receive_array | receive_array |
|
| tests.cpp:471:5:471:17 | [summary] to write: ReturnValue in receive_array | ReturnNode | receive_array | receive_array |
|
||||||
|
|||||||
@@ -11,12 +11,15 @@ extensions:
|
|||||||
- ["", "", False, "remoteMadSourceDoubleIndirect", "", "", "ReturnValue[**]", "remote", "manual"]
|
- ["", "", False, "remoteMadSourceDoubleIndirect", "", "", "ReturnValue[**]", "remote", "manual"]
|
||||||
- ["", "", False, "remoteMadSourceIndirectArg0", "", "", "Argument[*0]", "remote", "manual"]
|
- ["", "", False, "remoteMadSourceIndirectArg0", "", "", "Argument[*0]", "remote", "manual"]
|
||||||
- ["", "", False, "remoteMadSourceIndirectArg1", "", "", "Argument[*1]", "remote", "manual"]
|
- ["", "", False, "remoteMadSourceIndirectArg1", "", "", "Argument[*1]", "remote", "manual"]
|
||||||
|
- ["", "", False, "remoteMadSourceVar", "", "", "", "remote", "manual"]
|
||||||
|
- ["", "", False, "remoteMadSourceVarIndirect", "", "", "*", "remote", "manual"] # we can't express this source/sink correctly at present, "*" is not a valid access path
|
||||||
- ["", "", False, "remoteMadSourceParam0", "", "", "Parameter[0]", "remote", "manual"]
|
- ["", "", False, "remoteMadSourceParam0", "", "", "Parameter[0]", "remote", "manual"]
|
||||||
- ["MyNamespace", "", False, "namespaceLocalMadSource", "", "", "ReturnValue", "local", "manual"]
|
- ["MyNamespace", "", False, "namespaceLocalMadSource", "", "", "ReturnValue", "local", "manual"]
|
||||||
- ["MyNamespace", "", False, "namespaceLocalMadSourceVar", "", "", "", "local", "manual"]
|
- ["MyNamespace", "", False, "namespaceLocalMadSourceVar", "", "", "", "local", "manual"]
|
||||||
- ["MyNamespace::MyNamespace2", "", False, "namespace2LocalMadSource", "", "", "ReturnValue", "local", "manual"]
|
- ["MyNamespace::MyNamespace2", "", False, "namespace2LocalMadSource", "", "", "ReturnValue", "local", "manual"]
|
||||||
- ["", "MyClass", True, "memberRemoteMadSource", "", "", "ReturnValue", "remote", "manual"]
|
- ["", "MyClass", True, "memberRemoteMadSource", "", "", "ReturnValue", "remote", "manual"]
|
||||||
- ["", "MyClass", True, "memberRemoteMadSourceIndirectArg0", "", "", "Argument[*0]", "remote", "manual"]
|
- ["", "MyClass", True, "memberRemoteMadSourceIndirectArg0", "", "", "Argument[*0]", "remote", "manual"]
|
||||||
|
- ["", "MyClass", True, "memberRemoteMadSourceVar", "", "", "", "remote", "manual"]
|
||||||
- ["", "MyClass", True, "subtypeRemoteMadSource1", "", "", "ReturnValue", "remote", "manual"]
|
- ["", "MyClass", True, "subtypeRemoteMadSource1", "", "", "ReturnValue", "remote", "manual"]
|
||||||
- ["", "MyClass", False, "subtypeNonSource", "", "", "ReturnValue", "remote", "manual"] # the tests define this in MyDerivedClass, so it should *not* be recongized as a source
|
- ["", "MyClass", False, "subtypeNonSource", "", "", "ReturnValue", "remote", "manual"] # the tests define this in MyDerivedClass, so it should *not* be recongized as a source
|
||||||
- ["", "MyClass", True, "qualifierSource", "", "", "Argument[-1]", "remote", "manual"]
|
- ["", "MyClass", True, "qualifierSource", "", "", "Argument[-1]", "remote", "manual"]
|
||||||
@@ -32,13 +35,18 @@ extensions:
|
|||||||
- ["", "", False, "madSinkArg02", "", "", "Argument[0,2]", "test-sink", "manual"]
|
- ["", "", False, "madSinkArg02", "", "", "Argument[0,2]", "test-sink", "manual"]
|
||||||
- ["", "", False, "madSinkIndirectArg0", "", "", "Argument[*0]", "test-sink", "manual"]
|
- ["", "", False, "madSinkIndirectArg0", "", "", "Argument[*0]", "test-sink", "manual"]
|
||||||
- ["", "", False, "madSinkDoubleIndirectArg0", "", "", "Argument[**0]", "test-sink", "manual"]
|
- ["", "", False, "madSinkDoubleIndirectArg0", "", "", "Argument[**0]", "test-sink", "manual"]
|
||||||
|
- ["", "", False, "madSinkVar", "", "", "", "test-sink", "manual"]
|
||||||
|
- ["", "", False, "madSinkVarIndirect", "", "", "*", "test-sink", "manual"] # we can't express this source/sink correctly at present, "*" is not a valid access path
|
||||||
- ["", "", False, "madSinkParam0", "", "", "Parameter[0]", "test-sink", "manual"]
|
- ["", "", False, "madSinkParam0", "", "", "Parameter[0]", "test-sink", "manual"]
|
||||||
- ["", "MyClass", True, "memberMadSinkArg0", "", "", "Argument[0]", "test-sink", "manual"]
|
- ["", "MyClass", True, "memberMadSinkArg0", "", "", "Argument[0]", "test-sink", "manual"]
|
||||||
|
- ["", "MyClass", True, "memberMadSinkVar", "", "", "", "test-sink", "manual"]
|
||||||
- ["", "MyClass", True, "qualifierSink", "", "", "Argument[-1]", "test-sink", "manual"]
|
- ["", "MyClass", True, "qualifierSink", "", "", "Argument[-1]", "test-sink", "manual"]
|
||||||
- ["", "MyClass", True, "qualifierArg0Sink", "", "", "Argument[-1..0]", "test-sink", "manual"]
|
- ["", "MyClass", True, "qualifierArg0Sink", "", "", "Argument[-1..0]", "test-sink", "manual"]
|
||||||
- ["", "MyClass", True, "qualifierFieldSink", "", "", "Argument[-1].val", "test-sink", "manual"]
|
- ["", "MyClass", True, "qualifierFieldSink", "", "", "Argument[-1].val", "test-sink", "manual"]
|
||||||
- ["MyNamespace", "MyClass", True, "namespaceMemberMadSinkArg0", "", "", "Argument[0]", "test-sink", "manual"]
|
- ["MyNamespace", "MyClass", True, "namespaceMemberMadSinkArg0", "", "", "Argument[0]", "test-sink", "manual"]
|
||||||
- ["MyNamespace", "MyClass", True, "namespaceStaticMemberMadSinkArg0", "", "", "Argument[0]", "test-sink", "manual"]
|
- ["MyNamespace", "MyClass", True, "namespaceStaticMemberMadSinkArg0", "", "", "Argument[0]", "test-sink", "manual"]
|
||||||
|
- ["MyNamespace", "MyClass", True, "namespaceMemberMadSinkVar", "", "", "", "test-sink", "manual"]
|
||||||
|
- ["MyNamespace", "MyClass", True, "namespaceStaticMemberMadSinkVar", "", "", "", "test-sink", "manual"]
|
||||||
- addsTo:
|
- addsTo:
|
||||||
pack: codeql/cpp-all
|
pack: codeql/cpp-all
|
||||||
extensible: summaryModel
|
extensible: summaryModel
|
||||||
@@ -60,6 +68,9 @@ extensions:
|
|||||||
- ["", "", False, "madArg0ToReturnField", "", "", "Argument[0]", "ReturnValue.Field[value]", "taint", "manual"]
|
- ["", "", False, "madArg0ToReturnField", "", "", "Argument[0]", "ReturnValue.Field[value]", "taint", "manual"]
|
||||||
- ["", "", False, "madArg0ToReturnIndirectField", "", "", "Argument[0]", "ReturnValue[*].Field[value]", "taint", "manual"]
|
- ["", "", False, "madArg0ToReturnIndirectField", "", "", "Argument[0]", "ReturnValue[*].Field[value]", "taint", "manual"]
|
||||||
- ["", "", False, "madArg0ToReturnFieldIndirect", "", "", "Argument[0]", "ReturnValue.Field[*ptr]", "taint", "manual"]
|
- ["", "", False, "madArg0ToReturnFieldIndirect", "", "", "Argument[0]", "ReturnValue.Field[*ptr]", "taint", "manual"]
|
||||||
|
- ["", "", False, "madFieldToFieldVar", "", "", "Field[value]", "Field[value2]", "taint", "manual"] # we can't express this source/sink correctly at present, "Field[value]" is not a valid input and "Field[value2]" is not a valid output
|
||||||
|
- ["", "", False, "madFieldToIndirectFieldVar", "", "", "Field[value]", "Field[*ptr]", "taint", "manual"] # we can't express this source/sink correctly at present, "Field[value]" is not a valid input and "Field[*ptr]" is not a valid output
|
||||||
|
- ["", "", False, "madIndirectFieldToFieldVar", "", "", "Field[value]", "Field[value2]", "taint", "manual"] # we can't express this source/sink correctly at present, "Field[value]" is not a valid input and "Field[value2]" is not a valid output
|
||||||
- ["", "MyClass", True, "madArg0ToSelf", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"]
|
- ["", "MyClass", True, "madArg0ToSelf", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"]
|
||||||
- ["", "MyClass", True, "madSelfToReturn", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"]
|
- ["", "MyClass", True, "madSelfToReturn", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"]
|
||||||
- ["", "MyClass", True, "madArg0ToField", "", "", "Argument[0]", "Argument[-1].Field[val]", "taint", "manual"]
|
- ["", "MyClass", True, "madArg0ToField", "", "", "Argument[0]", "Argument[-1].Field[val]", "taint", "manual"]
|
||||||
|
|||||||
@@ -17,8 +17,13 @@ int *remoteMadSourceIndirect(); // $ interpretElement
|
|||||||
int **remoteMadSourceDoubleIndirect(); // $ interpretElement
|
int **remoteMadSourceDoubleIndirect(); // $ interpretElement
|
||||||
void remoteMadSourceIndirectArg0(int *x, int *y); // $ interpretElement
|
void remoteMadSourceIndirectArg0(int *x, int *y); // $ interpretElement
|
||||||
void remoteMadSourceIndirectArg1(int &x, int &y); // $ interpretElement
|
void remoteMadSourceIndirectArg1(int &x, int &y); // $ interpretElement
|
||||||
|
int remoteMadSourceVar; // $ interpretElement
|
||||||
|
int *remoteMadSourceVarIndirect; // $ interpretElement
|
||||||
|
|
||||||
namespace MyNamespace {
|
namespace MyNamespace {
|
||||||
|
int namespaceLocalMadSource(); // $ interpretElement
|
||||||
|
int namespaceLocalMadSourceVar; // $ interpretElement
|
||||||
|
|
||||||
namespace MyNamespace2 {
|
namespace MyNamespace2 {
|
||||||
int namespace2LocalMadSource(); // $ interpretElement
|
int namespace2LocalMadSource(); // $ interpretElement
|
||||||
}
|
}
|
||||||
@@ -64,9 +69,14 @@ void test_sources() {
|
|||||||
sink(c);
|
sink(c);
|
||||||
sink(d); // $ ir
|
sink(d); // $ ir
|
||||||
|
|
||||||
|
sink(remoteMadSourceVar); // $ ir
|
||||||
|
sink(*remoteMadSourceVarIndirect); // $ MISSING: ir
|
||||||
|
|
||||||
int e = localMadSource();
|
int e = localMadSource();
|
||||||
sink(e); // $ ir
|
sink(e); // $ ir
|
||||||
|
|
||||||
|
sink(MyNamespace::namespaceLocalMadSource()); // $ ir
|
||||||
|
sink(MyNamespace::namespaceLocalMadSourceVar); // $ ir
|
||||||
sink(MyNamespace::MyNamespace2::namespace2LocalMadSource()); // $ ir
|
sink(MyNamespace::MyNamespace2::namespace2LocalMadSource()); // $ ir
|
||||||
sink(MyNamespace::localMadSource()); // $ (the MyNamespace version of this function is not a source)
|
sink(MyNamespace::localMadSource()); // $ (the MyNamespace version of this function is not a source)
|
||||||
sink(namespaceLocalMadSource()); // (the global namespace version of this function is not a source)
|
sink(namespaceLocalMadSource()); // (the global namespace version of this function is not a source)
|
||||||
@@ -86,8 +96,8 @@ void madSinkArg01(int x, int y, int z); // $ interpretElement
|
|||||||
void madSinkArg02(int x, int y, int z); // $ interpretElement
|
void madSinkArg02(int x, int y, int z); // $ interpretElement
|
||||||
void madSinkIndirectArg0(int *x); // $ interpretElement
|
void madSinkIndirectArg0(int *x); // $ interpretElement
|
||||||
void madSinkDoubleIndirectArg0(int **x); // $ interpretElement
|
void madSinkDoubleIndirectArg0(int **x); // $ interpretElement
|
||||||
|
int madSinkVar; // $ interpretElement
|
||||||
|
int *madSinkVarIndirect; // $ interpretElement
|
||||||
|
|
||||||
void test_sinks() {
|
void test_sinks() {
|
||||||
// test sinks
|
// test sinks
|
||||||
@@ -108,8 +118,15 @@ void test_sinks() {
|
|||||||
madSinkIndirectArg0(&a); // $ ir
|
madSinkIndirectArg0(&a); // $ ir
|
||||||
madSinkIndirectArg0(a_ptr); // $ ir
|
madSinkIndirectArg0(a_ptr); // $ ir
|
||||||
madSinkDoubleIndirectArg0(&a_ptr); // $ ir
|
madSinkDoubleIndirectArg0(&a_ptr); // $ ir
|
||||||
|
|
||||||
|
madSinkVar = source(); // $ ir
|
||||||
|
|
||||||
|
// test sources + sinks together
|
||||||
|
|
||||||
madSinkArg0(localMadSource()); // $ ir
|
madSinkArg0(localMadSource()); // $ ir
|
||||||
madSinkIndirectArg0(remoteMadSourceIndirect()); // $ ir
|
madSinkIndirectArg0(remoteMadSourceIndirect()); // $ ir
|
||||||
|
madSinkVar = remoteMadSourceVar; // $ ir
|
||||||
|
*madSinkVarIndirect = remoteMadSourceVar; // $ MISSING: ir
|
||||||
}
|
}
|
||||||
|
|
||||||
void madSinkParam0(int x) { // $ interpretElement
|
void madSinkParam0(int x) { // $ interpretElement
|
||||||
@@ -147,6 +164,10 @@ MyContainer madArg0ToReturnField(int x); // $ interpretElement
|
|||||||
MyContainer *madArg0ToReturnIndirectField(int x); // $ interpretElement
|
MyContainer *madArg0ToReturnIndirectField(int x); // $ interpretElement
|
||||||
MyContainer madArg0ToReturnFieldIndirect(int x); // $ interpretElement
|
MyContainer madArg0ToReturnFieldIndirect(int x); // $ interpretElement
|
||||||
|
|
||||||
|
MyContainer madFieldToFieldVar; // $ interpretElement
|
||||||
|
MyContainer madFieldToIndirectFieldVar; // $ interpretElement
|
||||||
|
MyContainer *madIndirectFieldToFieldVar; // $ interpretElement
|
||||||
|
|
||||||
void test_summaries() {
|
void test_summaries() {
|
||||||
// test summaries
|
// test summaries
|
||||||
|
|
||||||
@@ -220,6 +241,19 @@ void test_summaries() {
|
|||||||
int *rtn2_ptr = rtn2.ptr;
|
int *rtn2_ptr = rtn2.ptr;
|
||||||
sink(*rtn2_ptr); // $ ir
|
sink(*rtn2_ptr); // $ ir
|
||||||
|
|
||||||
|
// test global variable summaries
|
||||||
|
|
||||||
|
madFieldToFieldVar.value = source();
|
||||||
|
sink(madFieldToFieldVar.value2); // $ MISSING: ir
|
||||||
|
|
||||||
|
madFieldToIndirectFieldVar.value = source();
|
||||||
|
sink(madFieldToIndirectFieldVar.ptr);
|
||||||
|
sink(*(madFieldToIndirectFieldVar.ptr)); // $ MISSING: ir
|
||||||
|
|
||||||
|
madIndirectFieldToFieldVar->value = source();
|
||||||
|
sink((*madIndirectFieldToFieldVar).value2); // $ MISSING: ir
|
||||||
|
sink(madIndirectFieldToFieldVar->value2); // $ MISSING: ir
|
||||||
|
|
||||||
// test source + sinks + summaries together
|
// test source + sinks + summaries together
|
||||||
|
|
||||||
madSinkArg0(madArg0ToReturn(remoteMadSource())); // $ ir
|
madSinkArg0(madArg0ToReturn(remoteMadSource())); // $ ir
|
||||||
@@ -235,13 +269,13 @@ public:
|
|||||||
// sources
|
// sources
|
||||||
int memberRemoteMadSource(); // $ interpretElement
|
int memberRemoteMadSource(); // $ interpretElement
|
||||||
void memberRemoteMadSourceIndirectArg0(int *x); // $ interpretElement
|
void memberRemoteMadSourceIndirectArg0(int *x); // $ interpretElement
|
||||||
|
int memberRemoteMadSourceVar; // $ interpretElement
|
||||||
void qualifierSource(); // $ interpretElement
|
void qualifierSource(); // $ interpretElement
|
||||||
void qualifierFieldSource(); // $ interpretElement
|
void qualifierFieldSource(); // $ interpretElement
|
||||||
|
|
||||||
// sinks
|
// sinks
|
||||||
void memberMadSinkArg0(int x); // $ interpretElement
|
void memberMadSinkArg0(int x); // $ interpretElement
|
||||||
|
int memberMadSinkVar; // $ interpretElement
|
||||||
void qualifierSink(); // $ interpretElement
|
void qualifierSink(); // $ interpretElement
|
||||||
void qualifierArg0Sink(int x); // $ interpretElement
|
void qualifierArg0Sink(int x); // $ interpretElement
|
||||||
void qualifierFieldSink(); // $ interpretElement
|
void qualifierFieldSink(); // $ interpretElement
|
||||||
@@ -272,6 +306,8 @@ namespace MyNamespace {
|
|||||||
// sinks
|
// sinks
|
||||||
void namespaceMemberMadSinkArg0(int x); // $ interpretElement
|
void namespaceMemberMadSinkArg0(int x); // $ interpretElement
|
||||||
static void namespaceStaticMemberMadSinkArg0(int x); // $ interpretElement
|
static void namespaceStaticMemberMadSinkArg0(int x); // $ interpretElement
|
||||||
|
int namespaceMemberMadSinkVar; // $ interpretElement
|
||||||
|
static int namespaceStaticMemberMadSinkVar; // $ interpretElement
|
||||||
|
|
||||||
// summaries
|
// summaries
|
||||||
int namespaceMadSelfToReturn(); // $ interpretElement
|
int namespaceMadSelfToReturn(); // $ interpretElement
|
||||||
@@ -295,6 +331,8 @@ void test_class_members() {
|
|||||||
mc.memberRemoteMadSourceIndirectArg0(&a);
|
mc.memberRemoteMadSourceIndirectArg0(&a);
|
||||||
sink(a); // $ ir
|
sink(a); // $ ir
|
||||||
|
|
||||||
|
sink(mc.memberRemoteMadSourceVar); // $ ir
|
||||||
|
|
||||||
// test subtype sources
|
// test subtype sources
|
||||||
|
|
||||||
sink(mdc.memberRemoteMadSource()); // $ ir
|
sink(mdc.memberRemoteMadSource()); // $ ir
|
||||||
@@ -306,8 +344,12 @@ void test_class_members() {
|
|||||||
|
|
||||||
mc.memberMadSinkArg0(source()); // $ ir
|
mc.memberMadSinkArg0(source()); // $ ir
|
||||||
|
|
||||||
|
mc.memberMadSinkVar = source(); // $ ir
|
||||||
|
|
||||||
mnc.namespaceMemberMadSinkArg0(source()); // $ ir
|
mnc.namespaceMemberMadSinkArg0(source()); // $ ir
|
||||||
MyNamespace::MyClass::namespaceStaticMemberMadSinkArg0(source()); // $ ir
|
MyNamespace::MyClass::namespaceStaticMemberMadSinkArg0(source()); // $ ir
|
||||||
|
mnc.namespaceMemberMadSinkVar = source(); // $ ir
|
||||||
|
MyNamespace::MyClass::namespaceStaticMemberMadSinkVar = source(); // $ ir
|
||||||
|
|
||||||
// test class member summaries
|
// test class member summaries
|
||||||
|
|
||||||
|
|||||||
@@ -11,10 +11,12 @@ edges
|
|||||||
| nested.cpp:86:19:86:46 | *call to __builtin_alloca | nested.cpp:87:18:87:20 | *fmt | provenance | |
|
| nested.cpp:86:19:86:46 | *call to __builtin_alloca | nested.cpp:87:18:87:20 | *fmt | provenance | |
|
||||||
| test.cpp:46:27:46:30 | **argv | test.cpp:130:20:130:26 | *access to array | provenance | |
|
| test.cpp:46:27:46:30 | **argv | test.cpp:130:20:130:26 | *access to array | provenance | |
|
||||||
| test.cpp:167:31:167:34 | *data | test.cpp:170:12:170:14 | *res | provenance | DataFlowFunction |
|
| test.cpp:167:31:167:34 | *data | test.cpp:170:12:170:14 | *res | provenance | DataFlowFunction |
|
||||||
|
| test.cpp:179:6:179:21 | [summary param] *2 in StringCchPrintfW | test.cpp:179:6:179:21 | [summary param] *0 in StringCchPrintfW [Return] | provenance | MaD:403 |
|
||||||
| test.cpp:193:32:193:34 | *str | test.cpp:195:31:195:33 | *str | provenance | |
|
| test.cpp:193:32:193:34 | *str | test.cpp:195:31:195:33 | *str | provenance | |
|
||||||
| test.cpp:193:32:193:34 | *str | test.cpp:195:31:195:33 | *str | provenance | |
|
| test.cpp:193:32:193:34 | *str | test.cpp:195:31:195:33 | *str | provenance | |
|
||||||
| test.cpp:193:32:193:34 | *str | test.cpp:197:11:197:14 | *wstr | provenance | TaintFunction |
|
| test.cpp:193:32:193:34 | *str | test.cpp:197:11:197:14 | *wstr | provenance | TaintFunction |
|
||||||
| test.cpp:195:20:195:23 | StringCchPrintfW output argument | test.cpp:197:11:197:14 | *wstr | provenance | |
|
| test.cpp:195:20:195:23 | StringCchPrintfW output argument | test.cpp:197:11:197:14 | *wstr | provenance | |
|
||||||
|
| test.cpp:195:31:195:33 | *str | test.cpp:179:6:179:21 | [summary param] *2 in StringCchPrintfW | provenance | |
|
||||||
| test.cpp:195:31:195:33 | *str | test.cpp:195:20:195:23 | StringCchPrintfW output argument | provenance | MaD:403 |
|
| test.cpp:195:31:195:33 | *str | test.cpp:195:20:195:23 | StringCchPrintfW output argument | provenance | MaD:403 |
|
||||||
| test.cpp:204:25:204:36 | *call to get_string | test.cpp:204:25:204:36 | *call to get_string | provenance | |
|
| test.cpp:204:25:204:36 | *call to get_string | test.cpp:204:25:204:36 | *call to get_string | provenance | |
|
||||||
| test.cpp:204:25:204:36 | *call to get_string | test.cpp:205:12:205:20 | *... + ... | provenance | |
|
| test.cpp:204:25:204:36 | *call to get_string | test.cpp:205:12:205:20 | *... + ... | provenance | |
|
||||||
@@ -58,6 +60,8 @@ nodes
|
|||||||
| test.cpp:130:20:130:26 | *access to array | semmle.label | *access to array |
|
| test.cpp:130:20:130:26 | *access to array | semmle.label | *access to array |
|
||||||
| test.cpp:167:31:167:34 | *data | semmle.label | *data |
|
| test.cpp:167:31:167:34 | *data | semmle.label | *data |
|
||||||
| test.cpp:170:12:170:14 | *res | semmle.label | *res |
|
| test.cpp:170:12:170:14 | *res | semmle.label | *res |
|
||||||
|
| test.cpp:179:6:179:21 | [summary param] *0 in StringCchPrintfW [Return] | semmle.label | [summary param] *0 in StringCchPrintfW [Return] |
|
||||||
|
| test.cpp:179:6:179:21 | [summary param] *2 in StringCchPrintfW | semmle.label | [summary param] *2 in StringCchPrintfW |
|
||||||
| test.cpp:193:32:193:34 | *str | semmle.label | *str |
|
| test.cpp:193:32:193:34 | *str | semmle.label | *str |
|
||||||
| test.cpp:195:20:195:23 | StringCchPrintfW output argument | semmle.label | StringCchPrintfW output argument |
|
| test.cpp:195:20:195:23 | StringCchPrintfW output argument | semmle.label | StringCchPrintfW output argument |
|
||||||
| test.cpp:195:31:195:33 | *str | semmle.label | *str |
|
| test.cpp:195:31:195:33 | *str | semmle.label | *str |
|
||||||
@@ -93,6 +97,7 @@ nodes
|
|||||||
| test.cpp:245:25:245:36 | *call to get_string | semmle.label | *call to get_string |
|
| test.cpp:245:25:245:36 | *call to get_string | semmle.label | *call to get_string |
|
||||||
| test.cpp:247:12:247:16 | *hello | semmle.label | *hello |
|
| test.cpp:247:12:247:16 | *hello | semmle.label | *hello |
|
||||||
subpaths
|
subpaths
|
||||||
|
| test.cpp:195:31:195:33 | *str | test.cpp:179:6:179:21 | [summary param] *2 in StringCchPrintfW | test.cpp:179:6:179:21 | [summary param] *0 in StringCchPrintfW [Return] | test.cpp:195:20:195:23 | StringCchPrintfW output argument |
|
||||||
#select
|
#select
|
||||||
| NonConstantFormat.c:30:10:30:16 | *access to array | NonConstantFormat.c:28:27:28:30 | **argv | NonConstantFormat.c:30:10:30:16 | *access to array | The format string argument to $@ has a source which cannot be verified to originate from a string literal. | NonConstantFormat.c:30:3:30:8 | call to printf | printf |
|
| NonConstantFormat.c:30:10:30:16 | *access to array | NonConstantFormat.c:28:27:28:30 | **argv | NonConstantFormat.c:30:10:30:16 | *access to array | The format string argument to $@ has a source which cannot be verified to originate from a string literal. | NonConstantFormat.c:30:3:30:8 | call to printf | printf |
|
||||||
| NonConstantFormat.c:41:9:41:45 | *call to any_random_function | NonConstantFormat.c:41:9:41:45 | *call to any_random_function | NonConstantFormat.c:41:9:41:45 | *call to any_random_function | The format string argument to $@ has a source which cannot be verified to originate from a string literal. | NonConstantFormat.c:41:2:41:7 | call to printf | printf |
|
| NonConstantFormat.c:41:9:41:45 | *call to any_random_function | NonConstantFormat.c:41:9:41:45 | *call to any_random_function | NonConstantFormat.c:41:9:41:45 | *call to any_random_function | The format string argument to $@ has a source which cannot be verified to originate from a string literal. | NonConstantFormat.c:41:2:41:7 | call to printf | printf |
|
||||||
|
|||||||
@@ -33,6 +33,7 @@ edges
|
|||||||
| tests2.cpp:111:14:111:15 | *c1 [*ptr] | tests2.cpp:111:14:111:19 | *ptr | provenance | |
|
| tests2.cpp:111:14:111:15 | *c1 [*ptr] | tests2.cpp:111:14:111:19 | *ptr | provenance | |
|
||||||
| tests2.cpp:111:14:111:15 | *c1 [*ptr] | tests2.cpp:111:17:111:19 | *ptr | provenance | |
|
| tests2.cpp:111:14:111:15 | *c1 [*ptr] | tests2.cpp:111:17:111:19 | *ptr | provenance | |
|
||||||
| tests2.cpp:111:17:111:19 | *ptr | tests2.cpp:111:14:111:19 | *ptr | provenance | |
|
| tests2.cpp:111:17:111:19 | *ptr | tests2.cpp:111:14:111:19 | *ptr | provenance | |
|
||||||
|
| tests2.cpp:120:5:120:21 | [summary param] *1 in zmq_msg_init_data | tests2.cpp:120:5:120:21 | [summary param] *0 in zmq_msg_init_data [Return] | provenance | MaD:4 |
|
||||||
| tests2.cpp:134:2:134:30 | *... = ... | tests2.cpp:138:23:138:34 | *message_data | provenance | Sink:MaD:2 |
|
| tests2.cpp:134:2:134:30 | *... = ... | tests2.cpp:138:23:138:34 | *message_data | provenance | Sink:MaD:2 |
|
||||||
| tests2.cpp:134:2:134:30 | *... = ... | tests2.cpp:143:34:143:45 | *message_data | provenance | |
|
| tests2.cpp:134:2:134:30 | *... = ... | tests2.cpp:143:34:143:45 | *message_data | provenance | |
|
||||||
| tests2.cpp:134:17:134:22 | *call to getenv | tests2.cpp:134:2:134:30 | *... = ... | provenance | |
|
| tests2.cpp:134:17:134:22 | *call to getenv | tests2.cpp:134:2:134:30 | *... = ... | provenance | |
|
||||||
@@ -40,6 +41,7 @@ edges
|
|||||||
| tests2.cpp:143:24:143:31 | zmq_msg_init_data output argument | tests2.cpp:147:20:147:27 | *& ... | provenance | Sink:MaD:1 |
|
| tests2.cpp:143:24:143:31 | zmq_msg_init_data output argument | tests2.cpp:147:20:147:27 | *& ... | provenance | Sink:MaD:1 |
|
||||||
| tests2.cpp:143:24:143:31 | zmq_msg_init_data output argument | tests2.cpp:155:32:155:39 | *& ... | provenance | Sink:MaD:3 |
|
| tests2.cpp:143:24:143:31 | zmq_msg_init_data output argument | tests2.cpp:155:32:155:39 | *& ... | provenance | Sink:MaD:3 |
|
||||||
| tests2.cpp:143:24:143:31 | zmq_msg_init_data output argument | tests2.cpp:158:20:158:27 | *& ... | provenance | Sink:MaD:1 |
|
| tests2.cpp:143:24:143:31 | zmq_msg_init_data output argument | tests2.cpp:158:20:158:27 | *& ... | provenance | Sink:MaD:1 |
|
||||||
|
| tests2.cpp:143:34:143:45 | *message_data | tests2.cpp:120:5:120:21 | [summary param] *1 in zmq_msg_init_data | provenance | |
|
||||||
| tests2.cpp:143:34:143:45 | *message_data | tests2.cpp:143:24:143:31 | zmq_msg_init_data output argument | provenance | MaD:4 |
|
| tests2.cpp:143:34:143:45 | *message_data | tests2.cpp:143:24:143:31 | zmq_msg_init_data output argument | provenance | MaD:4 |
|
||||||
| tests_sockets.cpp:26:15:26:20 | *call to getenv | tests_sockets.cpp:26:15:26:20 | *call to getenv | provenance | |
|
| tests_sockets.cpp:26:15:26:20 | *call to getenv | tests_sockets.cpp:26:15:26:20 | *call to getenv | provenance | |
|
||||||
| tests_sockets.cpp:26:15:26:20 | *call to getenv | tests_sockets.cpp:39:19:39:22 | *path | provenance | |
|
| tests_sockets.cpp:26:15:26:20 | *call to getenv | tests_sockets.cpp:39:19:39:22 | *path | provenance | |
|
||||||
@@ -76,6 +78,8 @@ nodes
|
|||||||
| tests2.cpp:111:14:111:15 | *c1 [*ptr] | semmle.label | *c1 [*ptr] |
|
| tests2.cpp:111:14:111:15 | *c1 [*ptr] | semmle.label | *c1 [*ptr] |
|
||||||
| tests2.cpp:111:14:111:19 | *ptr | semmle.label | *ptr |
|
| tests2.cpp:111:14:111:19 | *ptr | semmle.label | *ptr |
|
||||||
| tests2.cpp:111:17:111:19 | *ptr | semmle.label | *ptr |
|
| tests2.cpp:111:17:111:19 | *ptr | semmle.label | *ptr |
|
||||||
|
| tests2.cpp:120:5:120:21 | [summary param] *0 in zmq_msg_init_data [Return] | semmle.label | [summary param] *0 in zmq_msg_init_data [Return] |
|
||||||
|
| tests2.cpp:120:5:120:21 | [summary param] *1 in zmq_msg_init_data | semmle.label | [summary param] *1 in zmq_msg_init_data |
|
||||||
| tests2.cpp:134:2:134:30 | *... = ... | semmle.label | *... = ... |
|
| tests2.cpp:134:2:134:30 | *... = ... | semmle.label | *... = ... |
|
||||||
| tests2.cpp:134:17:134:22 | *call to getenv | semmle.label | *call to getenv |
|
| tests2.cpp:134:17:134:22 | *call to getenv | semmle.label | *call to getenv |
|
||||||
| tests2.cpp:138:23:138:34 | *message_data | semmle.label | *message_data |
|
| tests2.cpp:138:23:138:34 | *message_data | semmle.label | *message_data |
|
||||||
@@ -96,3 +100,4 @@ nodes
|
|||||||
| tests_sysconf.cpp:36:21:36:27 | confstr output argument | semmle.label | confstr output argument |
|
| tests_sysconf.cpp:36:21:36:27 | confstr output argument | semmle.label | confstr output argument |
|
||||||
| tests_sysconf.cpp:39:19:39:25 | *pathbuf | semmle.label | *pathbuf |
|
| tests_sysconf.cpp:39:19:39:25 | *pathbuf | semmle.label | *pathbuf |
|
||||||
subpaths
|
subpaths
|
||||||
|
| tests2.cpp:143:34:143:45 | *message_data | tests2.cpp:120:5:120:21 | [summary param] *1 in zmq_msg_init_data | tests2.cpp:120:5:120:21 | [summary param] *0 in zmq_msg_init_data [Return] | tests2.cpp:143:24:143:31 | zmq_msg_init_data output argument |
|
||||||
|
|||||||
@@ -88,12 +88,12 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
|
|||||||
private IEnumerable<string> GetFeedsFromNugetConfig(string nugetConfigPath) =>
|
private IEnumerable<string> GetFeedsFromNugetConfig(string nugetConfigPath) =>
|
||||||
GetFeeds(() => dotnet.GetNugetFeeds(nugetConfigPath));
|
GetFeeds(() => dotnet.GetNugetFeeds(nugetConfigPath));
|
||||||
|
|
||||||
public string FeedsToRestoreArgument(IEnumerable<string> feeds, string sourceArgumentPrefix)
|
private string FeedsToRestoreArgument(IEnumerable<string> feeds)
|
||||||
{
|
{
|
||||||
// If there are no feeds, we want to override any default feeds that `restore` would use by passing a dummy source argument.
|
// If there are no feeds, we want to override any default feeds that `dotnet restore` would use by passing a dummy source argument.
|
||||||
if (!feeds.Any())
|
if (!feeds.Any())
|
||||||
{
|
{
|
||||||
return $" {sourceArgumentPrefix} \"{emptyPackageDirectory.DirInfo.FullName}\"";
|
return $" -s \"{emptyPackageDirectory.DirInfo.FullName}\"";
|
||||||
}
|
}
|
||||||
|
|
||||||
// Add package sources. If any are present, they override all sources specified in
|
// Add package sources. If any are present, they override all sources specified in
|
||||||
@@ -101,7 +101,7 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
|
|||||||
var feedArgs = new StringBuilder();
|
var feedArgs = new StringBuilder();
|
||||||
foreach (var feed in feeds)
|
foreach (var feed in feeds)
|
||||||
{
|
{
|
||||||
feedArgs.Append($" {sourceArgumentPrefix} \"{feed}\"");
|
feedArgs.Append($" -s \"{feed}\"");
|
||||||
}
|
}
|
||||||
|
|
||||||
return feedArgs.ToString();
|
return feedArgs.ToString();
|
||||||
@@ -112,11 +112,17 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
|
|||||||
/// (1) Use the feeds we get from `dotnet nuget list source`
|
/// (1) Use the feeds we get from `dotnet nuget list source`
|
||||||
/// (2) Use private registries, if they are configured
|
/// (2) Use private registries, if they are configured
|
||||||
/// </summary>
|
/// </summary>
|
||||||
/// <param name="path">Path to project/solution/packages.config</param>
|
/// <param name="path">Path to project/solution</param>
|
||||||
/// <param name="reachableFeeds">The set of reachable NuGet feeds.</param>
|
/// <param name="reachableFeeds">The set of reachable NuGet feeds.</param>
|
||||||
/// <returns>The list of NuGet feeds to use for this restore.</returns>
|
/// <returns>A string representing the NuGet sources argument for the restore command.</returns>
|
||||||
public IEnumerable<string> FeedsToUse(string path, HashSet<string> reachableFeeds)
|
public string? MakeRestoreSourcesArgument(string path, HashSet<string> reachableFeeds)
|
||||||
{
|
{
|
||||||
|
// Do not construct a set of explicit NuGet sources to use for restore.
|
||||||
|
if (!CheckNugetFeedResponsiveness && !HasPrivateRegistryFeeds)
|
||||||
|
{
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
// Find the path specific feeds.
|
// Find the path specific feeds.
|
||||||
var folder = GetDirectoryName(path);
|
var folder = GetDirectoryName(path);
|
||||||
var feedsToConsider = folder is not null ? GetFeedsFromFolder(folder).ToHashSet() : new HashSet<string>();
|
var feedsToConsider = folder is not null ? GetFeedsFromFolder(folder).ToHashSet() : new HashSet<string>();
|
||||||
@@ -130,28 +136,7 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
|
|||||||
? feedsToConsider.Where(reachableFeeds.Contains)
|
? feedsToConsider.Where(reachableFeeds.Contains)
|
||||||
: feedsToConsider;
|
: feedsToConsider;
|
||||||
|
|
||||||
return feedsToUse;
|
return FeedsToRestoreArgument(feedsToUse);
|
||||||
}
|
|
||||||
|
|
||||||
/// <summary>
|
|
||||||
/// Constructs the list of NuGet sources to use for dotnet restore.
|
|
||||||
/// (1) Use the feeds we get from `dotnet nuget list source`
|
|
||||||
/// (2) Use private registries, if they are configured
|
|
||||||
/// </summary>
|
|
||||||
/// <param name="path">Path to project/solution</param>
|
|
||||||
/// <param name="reachableFeeds">The set of reachable NuGet feeds.</param>
|
|
||||||
/// <returns>A string representing the NuGet sources argument for the restore command.</returns>
|
|
||||||
public string? MakeDotnetRestoreSourcesArgument(string path, HashSet<string> reachableFeeds)
|
|
||||||
{
|
|
||||||
// Do not construct a set of explicit NuGet sources to use for restore.
|
|
||||||
if (!CheckNugetFeedResponsiveness && !HasPrivateRegistryFeeds)
|
|
||||||
{
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
var feedsToUse = FeedsToUse(path, reachableFeeds);
|
|
||||||
|
|
||||||
return FeedsToRestoreArgument(feedsToUse, "-s");
|
|
||||||
}
|
}
|
||||||
|
|
||||||
private (int initialTimeout, int tryCount) GetFeedRequestSettings(bool isFallback)
|
private (int initialTimeout, int tryCount) GetFeedRequestSettings(bool isFallback)
|
||||||
|
|||||||
@@ -110,14 +110,17 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
|
|||||||
logger.LogInfo($"Checking NuGet feed responsiveness: {feedManager.CheckNugetFeedResponsiveness}");
|
logger.LogInfo($"Checking NuGet feed responsiveness: {feedManager.CheckNugetFeedResponsiveness}");
|
||||||
compilationInfoContainer.CompilationInfos.Add(("NuGet feed responsiveness checked", feedManager.CheckNugetFeedResponsiveness ? "1" : "0"));
|
compilationInfoContainer.CompilationInfos.Add(("NuGet feed responsiveness checked", feedManager.CheckNugetFeedResponsiveness ? "1" : "0"));
|
||||||
|
|
||||||
|
HashSet<string> explicitFeeds = [];
|
||||||
HashSet<string> reachableFeeds = [];
|
HashSet<string> reachableFeeds = [];
|
||||||
|
|
||||||
|
try
|
||||||
|
{
|
||||||
EmitNugetConfigDiagnostics();
|
EmitNugetConfigDiagnostics();
|
||||||
|
|
||||||
// Find feeds that are configured in NuGet.config files and divide them into ones that
|
// Find feeds that are configured in NuGet.config files and divide them into ones that
|
||||||
// are explicitly configured for the project or by a private registry, and "all feeds"
|
// are explicitly configured for the project or by a private registry, and "all feeds"
|
||||||
// (including inherited ones) from other locations on the host outside of the working directory.
|
// (including inherited ones) from other locations on the host outside of the working directory.
|
||||||
(var explicitFeeds, var allFeeds) = feedManager.GetAllFeeds();
|
(explicitFeeds, var allFeeds) = feedManager.GetAllFeeds();
|
||||||
|
|
||||||
if (feedManager.CheckNugetFeedResponsiveness)
|
if (feedManager.CheckNugetFeedResponsiveness)
|
||||||
{
|
{
|
||||||
@@ -149,16 +152,16 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
|
|||||||
reachableFeeds.UnionWith(reachableInheritedFeeds);
|
reachableFeeds.UnionWith(reachableInheritedFeeds);
|
||||||
}
|
}
|
||||||
|
|
||||||
try
|
using (var packagesConfigRestore = PackagesConfigRestoreFactory.Create(fileProvider, legacyPackageDirectory, logger, feedManager.IsDefaultFeedReachable))
|
||||||
{
|
{
|
||||||
var packagesConfigRestore = PackagesConfigRestoreFactory.Create(fileProvider, legacyPackageDirectory, logger, feedManager, reachableFeeds);
|
|
||||||
var count = packagesConfigRestore.InstallPackages();
|
var count = packagesConfigRestore.InstallPackages();
|
||||||
|
|
||||||
if (packagesConfigRestore.PackageCount > 0)
|
if (packagesConfigRestore.PackageCount > 0)
|
||||||
{
|
{
|
||||||
compilationInfoContainer.CompilationInfos.Add(("packages.config files", packagesConfigRestore.PackageCount.ToString()));
|
compilationInfoContainer.CompilationInfos.Add(("packages.config files", packagesConfigRestore.PackageCount.ToString()));
|
||||||
compilationInfoContainer.CompilationInfos.Add(("Successfully restored packages.config files", count.ToString()));
|
compilationInfoContainer.CompilationInfos.Add(("Successfully restored packages.config files", count.ToString()));
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
var nugetPackageDlls = legacyPackageDirectory.DirInfo.GetFiles("*.dll", new EnumerationOptions { RecurseSubdirectories = true });
|
var nugetPackageDlls = legacyPackageDirectory.DirInfo.GetFiles("*.dll", new EnumerationOptions { RecurseSubdirectories = true });
|
||||||
var nugetPackageDllPaths = nugetPackageDlls.Select(f => f.FullName).ToHashSet();
|
var nugetPackageDllPaths = nugetPackageDlls.Select(f => f.FullName).ToHashSet();
|
||||||
@@ -236,7 +239,7 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
|
|||||||
var projects = fileProvider.Solutions.SelectMany(solution =>
|
var projects = fileProvider.Solutions.SelectMany(solution =>
|
||||||
{
|
{
|
||||||
logger.LogInfo($"Restoring solution {solution}...");
|
logger.LogInfo($"Restoring solution {solution}...");
|
||||||
var nugetSources = feedManager.MakeDotnetRestoreSourcesArgument(solution, reachableFeeds);
|
var nugetSources = feedManager.MakeRestoreSourcesArgument(solution, reachableFeeds);
|
||||||
var res = dotnet.Restore(new(solution, PackageDirectory.DirInfo.FullName, ForceDotnetRefAssemblyFetching: true, NugetSources: nugetSources, TargetWindows: isWindows));
|
var res = dotnet.Restore(new(solution, PackageDirectory.DirInfo.FullName, ForceDotnetRefAssemblyFetching: true, NugetSources: nugetSources, TargetWindows: isWindows));
|
||||||
if (res.Success)
|
if (res.Success)
|
||||||
{
|
{
|
||||||
@@ -285,7 +288,7 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
|
|||||||
foreach (var project in projectGroup)
|
foreach (var project in projectGroup)
|
||||||
{
|
{
|
||||||
logger.LogInfo($"Restoring project {project}...");
|
logger.LogInfo($"Restoring project {project}...");
|
||||||
var nugetSources = feedManager.MakeDotnetRestoreSourcesArgument(project, reachableFeeds);
|
var nugetSources = feedManager.MakeRestoreSourcesArgument(project, reachableFeeds);
|
||||||
var res = dotnet.Restore(new(project, PackageDirectory.DirInfo.FullName, ForceDotnetRefAssemblyFetching: true, NugetSources: nugetSources, TargetWindows: isWindows));
|
var res = dotnet.Restore(new(project, PackageDirectory.DirInfo.FullName, ForceDotnetRefAssemblyFetching: true, NugetSources: nugetSources, TargetWindows: isWindows));
|
||||||
assets.AddDependenciesRange(res.AssetsFilePaths);
|
assets.AddDependenciesRange(res.AssetsFilePaths);
|
||||||
lock (sync)
|
lock (sync)
|
||||||
|
|||||||
@@ -7,7 +7,7 @@ using Semmle.Util;
|
|||||||
|
|
||||||
namespace Semmle.Extraction.CSharp.DependencyFetching
|
namespace Semmle.Extraction.CSharp.DependencyFetching
|
||||||
{
|
{
|
||||||
internal interface IPackagesConfigRestore
|
internal interface IPackagesConfigRestore : IDisposable
|
||||||
{
|
{
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// The number of packages.config files found in the source tree.
|
/// The number of packages.config files found in the source tree.
|
||||||
@@ -33,11 +33,11 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
|
|||||||
/// </summary>
|
/// </summary>
|
||||||
internal class PackagesConfigRestoreFactory
|
internal class PackagesConfigRestoreFactory
|
||||||
{
|
{
|
||||||
public static IPackagesConfigRestore Create(FileProvider fileProvider, DependencyDirectory packageDirectory, Semmle.Util.Logging.ILogger logger, FeedManager feedManager, HashSet<string> reachableFeeds)
|
public static IPackagesConfigRestore Create(FileProvider fileProvider, DependencyDirectory packageDirectory, Semmle.Util.Logging.ILogger logger, Func<bool> useDefaultFeed)
|
||||||
{
|
{
|
||||||
if (SystemBuildActions.Instance.IsWindows() || SystemBuildActions.Instance.IsMonoInstalled())
|
if (SystemBuildActions.Instance.IsWindows() || SystemBuildActions.Instance.IsMonoInstalled())
|
||||||
{
|
{
|
||||||
return new NugetExeWrapper(fileProvider, packageDirectory, logger, feedManager, reachableFeeds);
|
return new NugetExeWrapper(fileProvider, packageDirectory, logger, useDefaultFeed);
|
||||||
}
|
}
|
||||||
|
|
||||||
return new NoOpPackagesConfig(fileProvider.PackagesConfigs, logger);
|
return new NoOpPackagesConfig(fileProvider.PackagesConfigs, logger);
|
||||||
@@ -55,6 +55,8 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
|
|||||||
|
|
||||||
public int PackageCount => fileProvider.PackagesConfigs.Count;
|
public int PackageCount => fileProvider.PackagesConfigs.Count;
|
||||||
|
|
||||||
|
private readonly string? backupNugetConfig;
|
||||||
|
private readonly string? nugetConfigPath;
|
||||||
private readonly FileProvider fileProvider;
|
private readonly FileProvider fileProvider;
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
@@ -63,30 +65,57 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
|
|||||||
/// so as to not trample the source tree.
|
/// so as to not trample the source tree.
|
||||||
/// </summary>
|
/// </summary>
|
||||||
private readonly DependencyDirectory packageDirectory;
|
private readonly DependencyDirectory packageDirectory;
|
||||||
private readonly FeedManager feedManager;
|
|
||||||
private readonly HashSet<string> reachableFeeds;
|
|
||||||
|
|
||||||
private bool IsWindows => SystemBuildActions.Instance.IsWindows();
|
private bool IsWindows => SystemBuildActions.Instance.IsWindows();
|
||||||
|
|
||||||
private bool? isDefaultFeedReachable;
|
|
||||||
private bool IsDefaultFeedReachable =>
|
|
||||||
isDefaultFeedReachable ??= feedManager.IsDefaultFeedReachable();
|
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// Create the package manager for a specified source tree.
|
/// Create the package manager for a specified source tree.
|
||||||
/// </summary>
|
/// </summary>
|
||||||
public NugetExeWrapper(FileProvider fileProvider, DependencyDirectory packageDirectory, Semmle.Util.Logging.ILogger logger, FeedManager feedManager, HashSet<string> reachableFeeds)
|
public NugetExeWrapper(FileProvider fileProvider, DependencyDirectory packageDirectory, Semmle.Util.Logging.ILogger logger, Func<bool> useDefaultFeed)
|
||||||
{
|
{
|
||||||
this.fileProvider = fileProvider;
|
this.fileProvider = fileProvider;
|
||||||
this.packageDirectory = packageDirectory;
|
this.packageDirectory = packageDirectory;
|
||||||
this.logger = logger;
|
this.logger = logger;
|
||||||
this.feedManager = feedManager;
|
|
||||||
this.reachableFeeds = reachableFeeds;
|
|
||||||
|
|
||||||
if (fileProvider.PackagesConfigs.Count > 0)
|
if (fileProvider.PackagesConfigs.Count > 0)
|
||||||
{
|
{
|
||||||
logger.LogInfo($"Found packages.config files, trying to use nuget.exe for package restore");
|
logger.LogInfo($"Found packages.config files, trying to use nuget.exe for package restore");
|
||||||
nugetExe = ResolveNugetExe();
|
nugetExe = ResolveNugetExe();
|
||||||
|
if (!HasPackageSource() && useDefaultFeed())
|
||||||
|
{
|
||||||
|
// We only modify or add a top level nuget.config file
|
||||||
|
nugetConfigPath = Path.Join(fileProvider.SourceDir.FullName, "nuget.config");
|
||||||
|
try
|
||||||
|
{
|
||||||
|
if (File.Exists(nugetConfigPath))
|
||||||
|
{
|
||||||
|
var tempFolderPath = FileUtils.GetTemporaryWorkingDirectory(out _);
|
||||||
|
|
||||||
|
do
|
||||||
|
{
|
||||||
|
backupNugetConfig = Path.Join(tempFolderPath, Path.GetRandomFileName());
|
||||||
|
}
|
||||||
|
while (File.Exists(backupNugetConfig));
|
||||||
|
File.Copy(nugetConfigPath, backupNugetConfig, true);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
File.WriteAllText(nugetConfigPath,
|
||||||
|
"""
|
||||||
|
<?xml version="1.0" encoding="utf-8"?>
|
||||||
|
<configuration>
|
||||||
|
<packageSources>
|
||||||
|
</packageSources>
|
||||||
|
</configuration>
|
||||||
|
""");
|
||||||
|
}
|
||||||
|
AddDefaultPackageSource(nugetConfigPath);
|
||||||
|
}
|
||||||
|
catch (Exception e)
|
||||||
|
{
|
||||||
|
logger.LogError($"Failed to add default package source to {nugetConfigPath}: {e}");
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -169,21 +198,6 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
|
|||||||
{
|
{
|
||||||
logger.LogInfo($"Restoring file \"{packagesConfig}\"...");
|
logger.LogInfo($"Restoring file \"{packagesConfig}\"...");
|
||||||
|
|
||||||
var sourcesArgument = "";
|
|
||||||
var feedsToUse = feedManager.FeedsToUse(packagesConfig, reachableFeeds).ToList();
|
|
||||||
var useDefaultFeed = feedsToUse.Count == 0 && IsDefaultFeedReachable;
|
|
||||||
|
|
||||||
// Explicitly construct the sources to be used for the restore command when checking feed
|
|
||||||
// responsiveness, using private registries, or falling back to nuget.org.
|
|
||||||
if (feedManager.CheckNugetFeedResponsiveness || feedManager.HasPrivateRegistryFeeds || useDefaultFeed)
|
|
||||||
{
|
|
||||||
if (useDefaultFeed)
|
|
||||||
{
|
|
||||||
feedsToUse.Add(FeedManager.PublicNugetOrgFeed);
|
|
||||||
}
|
|
||||||
sourcesArgument = feedManager.FeedsToRestoreArgument(feedsToUse, "-Source");
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Use nuget.exe to install a package.
|
/* Use nuget.exe to install a package.
|
||||||
* Note that there is a clutch of NuGet assemblies which could be used to
|
* Note that there is a clutch of NuGet assemblies which could be used to
|
||||||
* invoke this directly, which would arguably be nicer. However they are
|
* invoke this directly, which would arguably be nicer. However they are
|
||||||
@@ -194,12 +208,12 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
|
|||||||
if (RunWithMono)
|
if (RunWithMono)
|
||||||
{
|
{
|
||||||
exe = "mono";
|
exe = "mono";
|
||||||
args = $"\"{nugetExe}\" install -OutputDirectory \"{packageDirectory}\" {sourcesArgument} \"{packagesConfig}\"";
|
args = $"\"{nugetExe}\" install -OutputDirectory \"{packageDirectory}\" \"{packagesConfig}\"";
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
exe = nugetExe!;
|
exe = nugetExe!;
|
||||||
args = $"install -OutputDirectory \"{packageDirectory}\" {sourcesArgument} \"{packagesConfig}\"";
|
args = $"install -OutputDirectory \"{packageDirectory}\" \"{packagesConfig}\"";
|
||||||
}
|
}
|
||||||
|
|
||||||
var pi = new ProcessStartInfo(exe, args)
|
var pi = new ProcessStartInfo(exe, args)
|
||||||
@@ -232,6 +246,98 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
|
|||||||
{
|
{
|
||||||
return fileProvider.PackagesConfigs.Count(TryRestoreNugetPackage);
|
return fileProvider.PackagesConfigs.Count(TryRestoreNugetPackage);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private bool HasPackageSource()
|
||||||
|
{
|
||||||
|
if (IsWindows)
|
||||||
|
{
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
try
|
||||||
|
{
|
||||||
|
logger.LogInfo("Checking if default package source is available...");
|
||||||
|
RunMonoNugetCommand("sources list -ForceEnglishOutput", out var stdout);
|
||||||
|
if (stdout.All(line => line != "No sources found."))
|
||||||
|
{
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
catch (Exception e)
|
||||||
|
{
|
||||||
|
logger.LogWarning($"Failed to check if default package source is added: {e}");
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private void RunMonoNugetCommand(string command, out IList<string> stdout)
|
||||||
|
{
|
||||||
|
string exe, args;
|
||||||
|
if (RunWithMono)
|
||||||
|
{
|
||||||
|
exe = "mono";
|
||||||
|
args = $"\"{nugetExe}\" {command}";
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
exe = nugetExe!;
|
||||||
|
args = command;
|
||||||
|
}
|
||||||
|
|
||||||
|
var pi = new ProcessStartInfo(exe, args)
|
||||||
|
{
|
||||||
|
RedirectStandardOutput = true,
|
||||||
|
RedirectStandardError = true,
|
||||||
|
UseShellExecute = false
|
||||||
|
};
|
||||||
|
|
||||||
|
var threadId = Environment.CurrentManagedThreadId;
|
||||||
|
void onOut(string s) => logger.LogDebug(s, threadId);
|
||||||
|
void onError(string s) => logger.LogError(s, threadId);
|
||||||
|
pi.ReadOutput(out stdout, onOut, onError);
|
||||||
|
}
|
||||||
|
|
||||||
|
private void AddDefaultPackageSource(string nugetConfig)
|
||||||
|
{
|
||||||
|
logger.LogInfo("Adding default package source...");
|
||||||
|
RunMonoNugetCommand($"sources add -Name DefaultNugetOrg -Source {FeedManager.PublicNugetOrgFeed} -ConfigFile \"{nugetConfig}\"", out _);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void Dispose()
|
||||||
|
{
|
||||||
|
if (nugetConfigPath is null)
|
||||||
|
{
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
try
|
||||||
|
{
|
||||||
|
if (backupNugetConfig is null)
|
||||||
|
{
|
||||||
|
logger.LogInfo("Removing nuget.config file");
|
||||||
|
File.Delete(nugetConfigPath);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
logger.LogInfo("Reverting nuget.config file content");
|
||||||
|
// The content of the original nuget.config file is reverted without changing the file's attributes or casing:
|
||||||
|
using (var backup = File.OpenRead(backupNugetConfig))
|
||||||
|
using (var current = File.OpenWrite(nugetConfigPath))
|
||||||
|
{
|
||||||
|
current.SetLength(0); // Truncate file
|
||||||
|
backup.CopyTo(current); // Restore original content
|
||||||
|
}
|
||||||
|
|
||||||
|
logger.LogInfo("Deleting backup nuget.config file");
|
||||||
|
File.Delete(backupNugetConfig);
|
||||||
|
}
|
||||||
|
catch (Exception exc)
|
||||||
|
{
|
||||||
|
logger.LogError($"Failed to restore original nuget.config file: {exc}");
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
private class NoOpPackagesConfig : IPackagesConfigRestore
|
private class NoOpPackagesConfig : IPackagesConfigRestore
|
||||||
@@ -255,6 +361,8 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
|
|||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public void Dispose() { }
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,4 +0,0 @@
|
|||||||
class Program
|
|
||||||
{
|
|
||||||
static void Main() {}
|
|
||||||
}
|
|
||||||
@@ -1,10 +0,0 @@
|
|||||||
<Project Sdk="Microsoft.NET.Sdk">
|
|
||||||
|
|
||||||
<PropertyGroup>
|
|
||||||
<OutputType>Exe</OutputType>
|
|
||||||
<TargetFramework>net9.0</TargetFramework>
|
|
||||||
<ImplicitUsings>enable</ImplicitUsings>
|
|
||||||
<Nullable>enable</Nullable>
|
|
||||||
</PropertyGroup>
|
|
||||||
|
|
||||||
</Project>
|
|
||||||
@@ -1,5 +0,0 @@
|
|||||||
{
|
|
||||||
"sdk": {
|
|
||||||
"version": "9.0.201"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -1,8 +0,0 @@
|
|||||||
| code/Program.cs:0:0:0:0 | code/Program.cs | |
|
|
||||||
| code/obj/Debug/net9.0/.NETCoreApp,Version=v9.0.AssemblyAttributes.cs:0:0:0:0 | code/obj/Debug/net9.0/.NETCoreApp,Version=v9.0.AssemblyAttributes.cs | |
|
|
||||||
| code/obj/Debug/net9.0/dotnet_build.AssemblyInfo.cs:0:0:0:0 | code/obj/Debug/net9.0/dotnet_build.AssemblyInfo.cs | |
|
|
||||||
| code/obj/Debug/net9.0/dotnet_build.GlobalUsings.g.cs:0:0:0:0 | code/obj/Debug/net9.0/dotnet_build.GlobalUsings.g.cs | |
|
|
||||||
| code/obj/Debug/net9.0/dotnet_build.dll:0:0:0:0 | code/obj/Debug/net9.0/dotnet_build.dll | |
|
|
||||||
| file://:0:0:0:0 | | |
|
|
||||||
| file://Z:/dotnet_build.csproj:0:0:0:0 | Z:/dotnet_build.csproj | relative |
|
|
||||||
| file://Z:/obj/dotnet_build.csproj.nuget.g.props:0:0:0:0 | Z:/obj/dotnet_build.csproj.nuget.g.props | relative |
|
|
||||||
@@ -1,7 +0,0 @@
|
|||||||
import csharp
|
|
||||||
|
|
||||||
from File f, string relative
|
|
||||||
where
|
|
||||||
not f.getURL().matches("file://C:/Program Files/%") and
|
|
||||||
if exists(f.getRelativePath()) then relative = "relative" else relative = ""
|
|
||||||
select f, relative
|
|
||||||
@@ -1,7 +0,0 @@
|
|||||||
import runs_on
|
|
||||||
|
|
||||||
|
|
||||||
@runs_on.windows
|
|
||||||
def test(codeql, csharp, cwd, subst_drive):
|
|
||||||
drive = subst_drive(cwd / "code")
|
|
||||||
codeql.database.create(source_root=drive)
|
|
||||||
@@ -1,4 +0,0 @@
|
|||||||
---
|
|
||||||
category: majorAnalysis
|
|
||||||
---
|
|
||||||
* Simplified and streamlined the use of NuGet sources when downloading dependencies via `[mono] nuget.exe` in `build-mode: none`: NuGet sources are now supplied via the `-Source` flag instead of moving or creating `nuget.config` files in the checked-out repository, private registries are used if configured, and only reachable feeds are used when NuGet feed checking is enabled (the default).
|
|
||||||
@@ -714,7 +714,7 @@ predicate simpleLocalFlowStep(Node nodeFrom, Node nodeTo, string model) {
|
|||||||
) and
|
) and
|
||||||
model = ""
|
model = ""
|
||||||
or
|
or
|
||||||
FlowSummaryImpl::Private::Steps::summaryLocalStep(nodeFrom,
|
FlowSummaryImpl::Private::Steps::summaryLocalStep(nodeFrom.(FlowSummaryNode).getSummaryNode(),
|
||||||
nodeTo.(FlowSummaryNode).getSummaryNode(), true, model)
|
nodeTo.(FlowSummaryNode).getSummaryNode(), true, model)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -34,8 +34,6 @@ module Input implements InputSig<Location, DataFlowImplSpecific::CsharpDataFlow>
|
|||||||
|
|
||||||
class SinkBase = Void;
|
class SinkBase = Void;
|
||||||
|
|
||||||
class FlowSummaryCallBase = Void;
|
|
||||||
|
|
||||||
predicate neutralElement(SummarizedCallableBase c, string kind, string provenance, boolean isExact) {
|
predicate neutralElement(SummarizedCallableBase c, string kind, string provenance, boolean isExact) {
|
||||||
interpretNeutral(c, kind, provenance, isExact)
|
interpretNeutral(c, kind, provenance, isExact)
|
||||||
}
|
}
|
||||||
@@ -203,10 +201,6 @@ private module TypesInput implements Impl::Private::TypesInputSig {
|
|||||||
}
|
}
|
||||||
|
|
||||||
private module StepsInput implements Impl::Private::StepsInputSig {
|
private module StepsInput implements Impl::Private::StepsInputSig {
|
||||||
Impl::Private::SummaryNode getSummaryNode(Node n) {
|
|
||||||
result = n.(FlowSummaryNode).getSummaryNode()
|
|
||||||
}
|
|
||||||
|
|
||||||
DataFlowCall getACall(Public::SummarizedCallable sc) {
|
DataFlowCall getACall(Public::SummarizedCallable sc) {
|
||||||
sc = viableCallable(result).asSummarizedCallable()
|
sc = viableCallable(result).asSummarizedCallable()
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -171,7 +171,7 @@ private module Cached {
|
|||||||
) and
|
) and
|
||||||
model = ""
|
model = ""
|
||||||
or
|
or
|
||||||
FlowSummaryImpl::Private::Steps::summaryLocalStep(nodeFrom,
|
FlowSummaryImpl::Private::Steps::summaryLocalStep(nodeFrom.(FlowSummaryNode).getSummaryNode(),
|
||||||
nodeTo.(FlowSummaryNode).getSummaryNode(), false, model)
|
nodeTo.(FlowSummaryNode).getSummaryNode(), false, model)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -186,6 +186,13 @@ private Expr aspWrittenValue(AspInlineMember m) {
|
|||||||
m.getMember().(Callable).canReturn(result)
|
m.getMember().(Callable).canReturn(result)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private string makeUrl(Location l) {
|
||||||
|
exists(string path, int sl, int sc, int el, int ec |
|
||||||
|
l.hasLocationInfo(path, sl, sc, el, ec) and
|
||||||
|
result = "file://" + path + ":" + sl + ":" + sc + ":" + el + ":" + ec
|
||||||
|
)
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* A sink for writes to properties that are accessed in ASP pages.
|
* A sink for writes to properties that are accessed in ASP pages.
|
||||||
*
|
*
|
||||||
@@ -201,7 +208,10 @@ private class AspxCodeSink extends Sink {
|
|||||||
|
|
||||||
AspxCodeSink() { this.getExpr() = aspWrittenValue(inline) }
|
AspxCodeSink() { this.getExpr() = aspWrittenValue(inline) }
|
||||||
|
|
||||||
override string explanation() { result = "member is accessed inline in an ASPX page" }
|
override string explanation() {
|
||||||
|
result =
|
||||||
|
"member is [[\"accessed inline\"|\"" + makeUrl(inline.getLocation()) + "\"]] in an ASPX page"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/** A sink for the output stream associated with a `HttpListenerResponse`. */
|
/** A sink for the output stream associated with a `HttpListenerResponse`. */
|
||||||
|
|||||||
@@ -123,7 +123,7 @@ k8s.io/api/core,,,10,,,,,,,,,,,,,,,,,,,,,,,10,
|
|||||||
k8s.io/apimachinery/pkg/runtime,,,47,,,,,,,,,,,,,,,,,,,,,,,47,
|
k8s.io/apimachinery/pkg/runtime,,,47,,,,,,,,,,,,,,,,,,,,,,,47,
|
||||||
k8s.io/klog,90,,,,,,90,,,,,,,,,,,,,,,,,,,,
|
k8s.io/klog,90,,,,,,90,,,,,,,,,,,,,,,,,,,,
|
||||||
launchpad.net/xmlpath,2,,,,,,,,,,,,,,,,,,2,,,,,,,,
|
launchpad.net/xmlpath,2,,,,,,,,,,,,,,,,,,2,,,,,,,,
|
||||||
log,43,,16,,,,43,,,,,,,,,,,,,,,,,,,16,
|
log,40,,3,,,,40,,,,,,,,,,,,,,,,,,,3,
|
||||||
math/big,,,1,,,,,,,,,,,,,,,,,,,,,,,1,
|
math/big,,,1,,,,,,,,,,,,,,,,,,,,,,,1,
|
||||||
mime,,,14,,,,,,,,,,,,,,,,,,,,,,,14,
|
mime,,,14,,,,,,,,,,,,,,,,,,,,,,,14,
|
||||||
net,2,16,100,,,,,,1,,,,,,,,1,,,,,,,16,,100,
|
net,2,16,100,,,,,,1,,,,,,,,1,,,,,,,16,,100,
|
||||||
|
|||||||
|
@@ -32,7 +32,7 @@ Go framework & library support
|
|||||||
`Revel <http://revel.github.io/>`_,"``github.com/revel/revel*``, ``github.com/robfig/revel*``",46,20,4
|
`Revel <http://revel.github.io/>`_,"``github.com/revel/revel*``, ``github.com/robfig/revel*``",46,20,4
|
||||||
`SendGrid <https://github.com/sendgrid/sendgrid-go>`_,``github.com/sendgrid/sendgrid-go*``,,1,
|
`SendGrid <https://github.com/sendgrid/sendgrid-go>`_,``github.com/sendgrid/sendgrid-go*``,,1,
|
||||||
`Squirrel <https://github.com/Masterminds/squirrel>`_,"``github.com/Masterminds/squirrel*``, ``github.com/lann/squirrel*``, ``gopkg.in/Masterminds/squirrel``",81,,96
|
`Squirrel <https://github.com/Masterminds/squirrel>`_,"``github.com/Masterminds/squirrel*``, ``github.com/lann/squirrel*``, ``gopkg.in/Masterminds/squirrel``",81,,96
|
||||||
`Standard library <https://pkg.go.dev/std>`_,"````, ``archive/*``, ``bufio``, ``bytes``, ``cmp``, ``compress/*``, ``container/*``, ``context``, ``crypto``, ``crypto/*``, ``database/*``, ``debug/*``, ``embed``, ``encoding``, ``encoding/*``, ``errors``, ``expvar``, ``flag``, ``fmt``, ``go/*``, ``hash``, ``hash/*``, ``html``, ``html/*``, ``image``, ``image/*``, ``index/*``, ``io``, ``io/*``, ``log``, ``log/*``, ``maps``, ``math``, ``math/*``, ``mime``, ``mime/*``, ``net``, ``net/*``, ``os``, ``os/*``, ``path``, ``path/*``, ``plugin``, ``reflect``, ``reflect/*``, ``regexp``, ``regexp/*``, ``slices``, ``sort``, ``strconv``, ``strings``, ``sync``, ``sync/*``, ``syscall``, ``syscall/*``, ``testing``, ``testing/*``, ``text/*``, ``time``, ``time/*``, ``unicode``, ``unicode/*``, ``unsafe``, ``weak``",52,625,127
|
`Standard library <https://pkg.go.dev/std>`_,"````, ``archive/*``, ``bufio``, ``bytes``, ``cmp``, ``compress/*``, ``container/*``, ``context``, ``crypto``, ``crypto/*``, ``database/*``, ``debug/*``, ``embed``, ``encoding``, ``encoding/*``, ``errors``, ``expvar``, ``flag``, ``fmt``, ``go/*``, ``hash``, ``hash/*``, ``html``, ``html/*``, ``image``, ``image/*``, ``index/*``, ``io``, ``io/*``, ``log``, ``log/*``, ``maps``, ``math``, ``math/*``, ``mime``, ``mime/*``, ``net``, ``net/*``, ``os``, ``os/*``, ``path``, ``path/*``, ``plugin``, ``reflect``, ``reflect/*``, ``regexp``, ``regexp/*``, ``slices``, ``sort``, ``strconv``, ``strings``, ``sync``, ``sync/*``, ``syscall``, ``syscall/*``, ``testing``, ``testing/*``, ``text/*``, ``time``, ``time/*``, ``unicode``, ``unicode/*``, ``unsafe``, ``weak``",52,612,124
|
||||||
`XORM <https://xorm.io>`_,"``github.com/go-xorm/xorm*``, ``xorm.io/xorm*``",,,68
|
`XORM <https://xorm.io>`_,"``github.com/go-xorm/xorm*``, ``xorm.io/xorm*``",,,68
|
||||||
`XPath <https://github.com/antchfx/xpath>`_,``github.com/antchfx/xpath*``,,,4
|
`XPath <https://github.com/antchfx/xpath>`_,``github.com/antchfx/xpath*``,,,4
|
||||||
`appleboy/gin-jwt <https://github.com/appleboy/gin-jwt>`_,``github.com/appleboy/gin-jwt*``,,,1
|
`appleboy/gin-jwt <https://github.com/appleboy/gin-jwt>`_,``github.com/appleboy/gin-jwt*``,,,1
|
||||||
@@ -74,5 +74,5 @@ Go framework & library support
|
|||||||
`xpathparser <https://github.com/santhosh-tekuri/xpathparser>`_,``github.com/santhosh-tekuri/xpathparser*``,,,2
|
`xpathparser <https://github.com/santhosh-tekuri/xpathparser>`_,``github.com/santhosh-tekuri/xpathparser*``,,,2
|
||||||
`yaml <https://gopkg.in/yaml.v3>`_,``gopkg.in/yaml*``,,9,
|
`yaml <https://gopkg.in/yaml.v3>`_,``gopkg.in/yaml*``,,9,
|
||||||
`zap <https://go.uber.org/zap>`_,``go.uber.org/zap*``,,11,33
|
`zap <https://go.uber.org/zap>`_,``go.uber.org/zap*``,,11,33
|
||||||
Totals,,688,1085,1580
|
Totals,,688,1072,1577
|
||||||
|
|
||||||
|
|||||||
@@ -1,3 +0,0 @@
|
|||||||
package main
|
|
||||||
|
|
||||||
func main() {}
|
|
||||||
@@ -1 +0,0 @@
|
|||||||
| file://Z:/main.go:0:0:0:0 | Z:/main.go | relative |
|
|
||||||
@@ -1,5 +0,0 @@
|
|||||||
import go
|
|
||||||
|
|
||||||
from File f, string relative
|
|
||||||
where if exists(f.getRelativePath()) then relative = "relative" else relative = ""
|
|
||||||
select f, relative
|
|
||||||
@@ -1,7 +0,0 @@
|
|||||||
import runs_on
|
|
||||||
|
|
||||||
|
|
||||||
@runs_on.windows
|
|
||||||
def test(codeql, go, cwd, subst_drive):
|
|
||||||
drive = subst_drive(cwd / "code")
|
|
||||||
codeql.database.create(command="go build main.go", source_root=drive)
|
|
||||||
@@ -1,4 +0,0 @@
|
|||||||
---
|
|
||||||
category: minorAnalysis
|
|
||||||
---
|
|
||||||
* Improved models for the `log/slog` package (Go 1.21+), including `*slog.Logger` methods, `With`/`WithGroup`, and `Attr`/`Value` helpers, improving coverage for the `go/log-injection` and `go/clear-text-logging` queries.
|
|
||||||
@@ -27,27 +27,3 @@ extensions:
|
|||||||
- ["log/slog", "Logger", True, "ErrorContext", "", "", "Argument[1..2]", "log-injection", "manual"]
|
- ["log/slog", "Logger", True, "ErrorContext", "", "", "Argument[1..2]", "log-injection", "manual"]
|
||||||
- ["log/slog", "Logger", True, "Log", "", "", "Argument[2..3]", "log-injection", "manual"]
|
- ["log/slog", "Logger", True, "Log", "", "", "Argument[2..3]", "log-injection", "manual"]
|
||||||
- ["log/slog", "Logger", True, "LogAttrs", "", "", "Argument[2..3]", "log-injection", "manual"]
|
- ["log/slog", "Logger", True, "LogAttrs", "", "", "Argument[2..3]", "log-injection", "manual"]
|
||||||
# With/WithGroup add attributes that are included in every subsequent log call.
|
|
||||||
- ["log/slog", "", False, "With", "", "", "Argument[0]", "log-injection", "manual"]
|
|
||||||
- ["log/slog", "Logger", True, "With", "", "", "Argument[0]", "log-injection", "manual"]
|
|
||||||
- ["log/slog", "Logger", True, "WithGroup", "", "", "Argument[0]", "log-injection", "manual"]
|
|
||||||
- addsTo:
|
|
||||||
pack: codeql/go-all
|
|
||||||
extensible: summaryModel
|
|
||||||
data:
|
|
||||||
# Constructors for Attr that can carry a tainted string into the result.
|
|
||||||
- ["log/slog", "", False, "Any", "", "", "Argument[0..1]", "ReturnValue", "taint", "manual"]
|
|
||||||
- ["log/slog", "", False, "Group", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
|
|
||||||
- ["log/slog", "", False, "Group", "", "", "Argument[1].ArrayElement", "ReturnValue", "taint", "manual"]
|
|
||||||
- ["log/slog", "", False, "GroupAttrs", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
|
|
||||||
- ["log/slog", "", False, "GroupAttrs", "", "", "Argument[1].ArrayElement", "ReturnValue", "taint", "manual"]
|
|
||||||
- ["log/slog", "", False, "String", "", "", "Argument[0..1]", "ReturnValue", "taint", "manual"]
|
|
||||||
# Constructors for Value that can carry a tainted string into the result.
|
|
||||||
- ["log/slog", "", False, "AnyValue", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
|
|
||||||
- ["log/slog", "", False, "GroupValue", "", "", "Argument[0].ArrayElement", "ReturnValue", "taint", "manual"]
|
|
||||||
- ["log/slog", "", False, "StringValue", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
|
|
||||||
# Methods that read a string back out of an Attr or Value.
|
|
||||||
- ["log/slog", "Attr", True, "String", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"]
|
|
||||||
- ["log/slog", "Value", True, "Any", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"]
|
|
||||||
- ["log/slog", "Value", True, "Group", "", "", "Argument[receiver]", "ReturnValue.ArrayElement", "taint", "manual"]
|
|
||||||
- ["log/slog", "Value", True, "String", "", "", "Argument[receiver]", "ReturnValue", "taint", "manual"]
|
|
||||||
|
|||||||
@@ -141,7 +141,7 @@ predicate simpleLocalFlowStep(Node nodeFrom, Node nodeTo, string model) {
|
|||||||
any(FunctionModel m).flowStep(nodeFrom, nodeTo) and
|
any(FunctionModel m).flowStep(nodeFrom, nodeTo) and
|
||||||
model = "FunctionModel"
|
model = "FunctionModel"
|
||||||
or
|
or
|
||||||
FlowSummaryImpl::Private::Steps::summaryLocalStep(nodeFrom,
|
FlowSummaryImpl::Private::Steps::summaryLocalStep(nodeFrom.(FlowSummaryNode).getSummaryNode(),
|
||||||
nodeTo.(FlowSummaryNode).getSummaryNode(), true, model)
|
nodeTo.(FlowSummaryNode).getSummaryNode(), true, model)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -31,8 +31,6 @@ module Input implements InputSig<Location, DataFlowImplSpecific::GoDataFlow> {
|
|||||||
|
|
||||||
class SinkBase = Void;
|
class SinkBase = Void;
|
||||||
|
|
||||||
class FlowSummaryCallBase = Void;
|
|
||||||
|
|
||||||
predicate callableFromSource(SummarizedCallableBase c) { exists(c.getFuncDef()) }
|
predicate callableFromSource(SummarizedCallableBase c) { exists(c.getFuncDef()) }
|
||||||
|
|
||||||
predicate neutralElement(
|
predicate neutralElement(
|
||||||
@@ -115,10 +113,6 @@ module Input implements InputSig<Location, DataFlowImplSpecific::GoDataFlow> {
|
|||||||
private import Make<Location, DataFlowImplSpecific::GoDataFlow, Input> as Impl
|
private import Make<Location, DataFlowImplSpecific::GoDataFlow, Input> as Impl
|
||||||
|
|
||||||
private module StepsInput implements Impl::Private::StepsInputSig {
|
private module StepsInput implements Impl::Private::StepsInputSig {
|
||||||
Impl::Private::SummaryNode getSummaryNode(Node n) {
|
|
||||||
result = n.(FlowSummaryNode).getSummaryNode()
|
|
||||||
}
|
|
||||||
|
|
||||||
DataFlowCall getACall(Public::SummarizedCallable sc) {
|
DataFlowCall getACall(Public::SummarizedCallable sc) {
|
||||||
exists(DataFlow::CallNode call |
|
exists(DataFlow::CallNode call |
|
||||||
call.asExpr() = result and
|
call.asExpr() = result and
|
||||||
|
|||||||
@@ -109,8 +109,8 @@ private predicate localAdditionalForwardTaintStep(
|
|||||||
or
|
or
|
||||||
any(AdditionalTaintStep a).step(pred, succ) and model = "AdditionalTaintStep"
|
any(AdditionalTaintStep a).step(pred, succ) and model = "AdditionalTaintStep"
|
||||||
or
|
or
|
||||||
FlowSummaryImpl::Private::Steps::summaryLocalStep(pred,
|
FlowSummaryImpl::Private::Steps::summaryLocalStep(pred.(DataFlowPrivate::FlowSummaryNode)
|
||||||
succ.(DataFlowPrivate::FlowSummaryNode).getSummaryNode(), false, model)
|
.getSummaryNode(), succ.(DataFlowPrivate::FlowSummaryNode).getSummaryNode(), false, model)
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
@@ -37,9 +37,4 @@ func slogTest() {
|
|||||||
slog.InfoContext(ctx, text, key, v) // $ logger=text logger=key logger=v
|
slog.InfoContext(ctx, text, key, v) // $ logger=text logger=key logger=v
|
||||||
slog.Log(ctx, slog.LevelInfo, text, key, v) // $ logger=text logger=key logger=v
|
slog.Log(ctx, slog.LevelInfo, text, key, v) // $ logger=text logger=key logger=v
|
||||||
slog.LogAttrs(ctx, slog.LevelInfo, text, attr) // $ logger=text logger=attr
|
slog.LogAttrs(ctx, slog.LevelInfo, text, attr) // $ logger=text logger=attr
|
||||||
|
|
||||||
// With/WithGroup add attributes that are included in every subsequent log call.
|
|
||||||
logger.With(key, v) // $ logger=key logger=v
|
|
||||||
logger.WithGroup(text) // $ logger=text
|
|
||||||
slog.With(key, v) // $ logger=key logger=v
|
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,2 +0,0 @@
|
|||||||
reverseRead
|
|
||||||
| test.go:114:21:114:33 | call to Group | Origin of readStep is missing a PostUpdateNode. |
|
|
||||||
@@ -1,2 +0,0 @@
|
|||||||
invalidModelRow
|
|
||||||
testFailures
|
|
||||||
@@ -1,14 +0,0 @@
|
|||||||
import go
|
|
||||||
import semmle.go.dataflow.ExternalFlow
|
|
||||||
import ModelValidation
|
|
||||||
import utils.test.InlineFlowTest
|
|
||||||
|
|
||||||
module Config implements DataFlow::ConfigSig {
|
|
||||||
predicate isSource(DataFlow::Node source) {
|
|
||||||
source.(DataFlow::CallNode).getTarget().getName() = ["getUntrustedData", "getUntrustedString"]
|
|
||||||
}
|
|
||||||
|
|
||||||
predicate isSink(DataFlow::Node sink) { sink = any(LoggerCall log).getAMessageComponent() }
|
|
||||||
}
|
|
||||||
|
|
||||||
import FlowTest<Config, Config>
|
|
||||||
@@ -1,3 +0,0 @@
|
|||||||
module codeql-go-tests/frameworks/slog
|
|
||||||
|
|
||||||
go 1.26
|
|
||||||
@@ -1,115 +0,0 @@
|
|||||||
package main
|
|
||||||
|
|
||||||
import (
|
|
||||||
"context"
|
|
||||||
"log/slog"
|
|
||||||
)
|
|
||||||
|
|
||||||
func main() {}
|
|
||||||
|
|
||||||
func getUntrustedData() interface{} { return nil }
|
|
||||||
|
|
||||||
func getUntrustedString() string {
|
|
||||||
return "tainted string"
|
|
||||||
}
|
|
||||||
|
|
||||||
// Package-level convenience functions.
|
|
||||||
|
|
||||||
func testSlogDebug() {
|
|
||||||
slog.Debug(getUntrustedString()) // $ hasValueFlow="call to getUntrustedString"
|
|
||||||
slog.Debug("msg", "key", getUntrustedData()) // $ hasValueFlow="call to getUntrustedData"
|
|
||||||
slog.Debug("msg", slog.String("key", getUntrustedString())) // $ hasTaintFlow="call to String"
|
|
||||||
}
|
|
||||||
|
|
||||||
func testSlogInfo() {
|
|
||||||
slog.Info(getUntrustedString()) // $ hasValueFlow="call to getUntrustedString"
|
|
||||||
slog.Info("msg", slog.Any("key", getUntrustedData())) // $ hasTaintFlow="call to Any"
|
|
||||||
slog.Info("msg", slog.String("key", getUntrustedString())) // $ hasTaintFlow="call to String"
|
|
||||||
}
|
|
||||||
|
|
||||||
func testSlogWarn() {
|
|
||||||
slog.Warn(getUntrustedString()) // $ hasValueFlow="call to getUntrustedString"
|
|
||||||
slog.Warn("msg", slog.String("key", getUntrustedString())) // $ hasTaintFlow="call to String"
|
|
||||||
}
|
|
||||||
|
|
||||||
func testSlogError() {
|
|
||||||
slog.Error(getUntrustedString()) // $ hasValueFlow="call to getUntrustedString"
|
|
||||||
slog.Error("msg", slog.String("key", getUntrustedString())) // $ hasTaintFlow="call to String"
|
|
||||||
}
|
|
||||||
|
|
||||||
func testSlogContextVariants(ctx context.Context) {
|
|
||||||
slog.DebugContext(ctx, getUntrustedString()) // $ hasValueFlow="call to getUntrustedString"
|
|
||||||
slog.InfoContext(ctx, getUntrustedString()) // $ hasValueFlow="call to getUntrustedString"
|
|
||||||
slog.WarnContext(ctx, getUntrustedString()) // $ hasValueFlow="call to getUntrustedString"
|
|
||||||
slog.ErrorContext(ctx, getUntrustedString()) // $ hasValueFlow="call to getUntrustedString"
|
|
||||||
slog.InfoContext(ctx, "msg", slog.String("key", getUntrustedString())) // $ hasTaintFlow="call to String"
|
|
||||||
}
|
|
||||||
|
|
||||||
func testSlogLog(ctx context.Context) {
|
|
||||||
slog.Log(ctx, slog.LevelInfo, getUntrustedString()) // $ hasValueFlow="call to getUntrustedString"
|
|
||||||
slog.Log(ctx, slog.LevelInfo, "msg", slog.String("key", getUntrustedString())) // $ hasTaintFlow="call to String"
|
|
||||||
slog.LogAttrs(ctx, slog.LevelInfo, getUntrustedString()) // $ hasValueFlow="call to getUntrustedString"
|
|
||||||
slog.LogAttrs(ctx, slog.LevelInfo, "msg", slog.String("key", getUntrustedString())) // $ hasTaintFlow="call to String"
|
|
||||||
}
|
|
||||||
|
|
||||||
// Methods on *slog.Logger.
|
|
||||||
|
|
||||||
func testLoggerMethods(logger *slog.Logger, ctx context.Context) {
|
|
||||||
logger.Debug(getUntrustedString()) // $ hasValueFlow="call to getUntrustedString"
|
|
||||||
logger.Info(getUntrustedString()) // $ hasValueFlow="call to getUntrustedString"
|
|
||||||
logger.Warn(getUntrustedString()) // $ hasValueFlow="call to getUntrustedString"
|
|
||||||
logger.Error(getUntrustedString()) // $ hasValueFlow="call to getUntrustedString"
|
|
||||||
logger.Info("msg", slog.Any("key", getUntrustedData())) // $ hasTaintFlow="call to Any"
|
|
||||||
logger.InfoContext(ctx, getUntrustedString()) // $ hasValueFlow="call to getUntrustedString"
|
|
||||||
logger.Log(ctx, slog.LevelInfo, getUntrustedString()) // $ hasValueFlow="call to getUntrustedString"
|
|
||||||
logger.LogAttrs(ctx, slog.LevelInfo, "msg", slog.String("key", getUntrustedString())) // $ hasTaintFlow="call to String"
|
|
||||||
}
|
|
||||||
|
|
||||||
// With, Logger.With and Logger.WithGroup. Note that for ease of modeling we make these functions
|
|
||||||
// sinks, although strictly speaking we should consider logging functions called on the returned
|
|
||||||
// loggers as the sinks.
|
|
||||||
|
|
||||||
func testWith(logger *slog.Logger) {
|
|
||||||
logger1 := logger.With(slog.String("key", getUntrustedString())) // $ hasTaintFlow="call to String"
|
|
||||||
logger1.Info("hello world")
|
|
||||||
logger2 := logger.With(slog.Any(getUntrustedString(), nil)) // $ hasTaintFlow="call to Any"
|
|
||||||
logger2.Info("hello world")
|
|
||||||
logger.With("key", getUntrustedData()).Info("hello world") // $ hasValueFlow="call to getUntrustedData"
|
|
||||||
}
|
|
||||||
|
|
||||||
func testPackageWith() {
|
|
||||||
logger := slog.With(slog.String("key", getUntrustedString())) // $ hasTaintFlow="call to String"
|
|
||||||
logger.Info("hello world")
|
|
||||||
slog.With("key", getUntrustedData()).Info("hello world") // $ hasValueFlow="call to getUntrustedData"
|
|
||||||
}
|
|
||||||
|
|
||||||
func testWithGroup(logger *slog.Logger) {
|
|
||||||
grouped := logger.WithGroup(getUntrustedString()) // $ hasValueFlow="call to getUntrustedString"
|
|
||||||
grouped.Info("hello world")
|
|
||||||
}
|
|
||||||
|
|
||||||
// Summary models: functions relating to Attr/Value that propagate strings.
|
|
||||||
|
|
||||||
func testAttrConstructors(logger *slog.Logger) {
|
|
||||||
logger.Info("msg", slog.Group("group", slog.String("key", getUntrustedString()))) // $ hasTaintFlow="call to Group"
|
|
||||||
logger.Info("msg", slog.GroupAttrs("group", slog.String("key", getUntrustedString()))) // $ hasTaintFlow="call to GroupAttrs"
|
|
||||||
}
|
|
||||||
|
|
||||||
func testValueConstructors(logger *slog.Logger) {
|
|
||||||
logger.Info("msg", "key", slog.AnyValue(getUntrustedString())) // $ hasTaintFlow="call to AnyValue"
|
|
||||||
logger.Info("msg", "key", slog.StringValue(getUntrustedString())) // $ hasTaintFlow="call to StringValue"
|
|
||||||
attr := slog.String("key", getUntrustedString())
|
|
||||||
logger.Info("msg", "key", slog.GroupValue(attr)) // $ hasTaintFlow="call to GroupValue"
|
|
||||||
}
|
|
||||||
|
|
||||||
func testAttrAndValueAccessors(logger *slog.Logger) {
|
|
||||||
attr := slog.String("key", getUntrustedString())
|
|
||||||
logger.Info("msg", "key", attr.String()) // $ hasTaintFlow="call to String"
|
|
||||||
|
|
||||||
v := slog.AnyValue(getUntrustedString())
|
|
||||||
logger.Info("msg", "key", v.Any()) // $ hasTaintFlow="call to Any"
|
|
||||||
logger.Info("msg", "key", v.String()) // $ hasTaintFlow="call to String"
|
|
||||||
|
|
||||||
group := slog.GroupValue(slog.String("key", getUntrustedString()))
|
|
||||||
logger.Info("msg", group.Group()[0]) // $ hasTaintFlow="index expression"
|
|
||||||
}
|
|
||||||
@@ -188,8 +188,6 @@ org.apache.hadoop.hive.ql.metadata,1,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,
|
|||||||
org.apache.hc.client5.http.async.methods,84,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,84,,,,,,,,,,,,,,,,,,
|
org.apache.hc.client5.http.async.methods,84,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,84,,,,,,,,,,,,,,,,,,
|
||||||
org.apache.hc.client5.http.classic.methods,37,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,37,,,,,,,,,,,,,,,,,,
|
org.apache.hc.client5.http.classic.methods,37,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,37,,,,,,,,,,,,,,,,,,
|
||||||
org.apache.hc.client5.http.fluent,19,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,19,,,,,,,,,,,,,,,,,,
|
org.apache.hc.client5.http.fluent,19,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,19,,,,,,,,,,,,,,,,,,
|
||||||
org.apache.hc.client5.http.protocol,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1
|
|
||||||
org.apache.hc.client5.http.utils,,,7,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,7,
|
|
||||||
org.apache.hc.core5.benchmark,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,
|
org.apache.hc.core5.benchmark,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,
|
||||||
org.apache.hc.core5.function,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,
|
org.apache.hc.core5.function,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,
|
||||||
org.apache.hc.core5.http,73,2,45,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,72,,,,,,,,,,,,,,,,2,45,
|
org.apache.hc.core5.http,73,2,45,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,72,,,,,,,,,,,,,,,,2,45,
|
||||||
|
|||||||
|
@@ -40,6 +40,6 @@ Java framework & library support
|
|||||||
`Spring <https://spring.io/>`_,``org.springframework.*``,46,494,143,26,,28,14,,35
|
`Spring <https://spring.io/>`_,``org.springframework.*``,46,494,143,26,,28,14,,35
|
||||||
`Thymeleaf <https://www.thymeleaf.org/>`_,``org.thymeleaf``,,2,2,,,,,,
|
`Thymeleaf <https://www.thymeleaf.org/>`_,``org.thymeleaf``,,2,2,,,,,,
|
||||||
`jOOQ <https://www.jooq.org/>`_,``org.jooq``,,,1,,,1,,,
|
`jOOQ <https://www.jooq.org/>`_,``org.jooq``,,,1,,,1,,,
|
||||||
Others,"``actions.osgi``, ``antlr``, ``ch.ethz.ssh2``, ``cn.hutool.core.codec``, ``com.alibaba.com.caucho.hessian.io``, ``com.alibaba.druid.sql``, ``com.alibaba.fastjson2``, ``com.amazonaws.auth``, ``com.auth0.jwt.algorithms``, ``com.azure.identity``, ``com.caucho.burlap.io``, ``com.caucho.hessian.io``, ``com.cedarsoftware.util.io``, ``com.esotericsoftware.kryo.io``, ``com.esotericsoftware.kryo5.io``, ``com.esotericsoftware.yamlbeans``, ``com.hubspot.jinjava``, ``com.jcraft.jsch``, ``com.microsoft.sqlserver.jdbc``, ``com.mitchellbosecke.pebble``, ``com.opensymphony.xwork2``, ``com.sshtools.j2ssh.authentication``, ``com.sun.crypto.provider``, ``com.sun.jndi.ldap``, ``com.sun.net.httpserver``, ``com.sun.net.ssl``, ``com.sun.rowset``, ``com.sun.security.auth.module``, ``com.sun.security.ntlm``, ``com.sun.security.sasl.digest``, ``com.thoughtworks.xstream``, ``com.trilead.ssh2``, ``com.unboundid.ldap.sdk``, ``com.zaxxer.hikari``, ``flexjson``, ``hudson``, ``io.jsonwebtoken``, ``io.undertow.server.handlers.resource``, ``javafx.scene.web``, ``jenkins``, ``jodd.json``, ``liquibase.database.jvm``, ``liquibase.statement.core``, ``net.lingala.zip4j``, ``net.schmizz.sshj``, ``net.sf.json``, ``net.sf.saxon.s9api``, ``ognl``, ``org.acegisecurity``, ``org.antlr.runtime``, ``org.apache.avro``, ``org.apache.commons.codec``, ``org.apache.commons.compress.archivers.tar``, ``org.apache.commons.exec``, ``org.apache.commons.fileupload``, ``org.apache.commons.httpclient.util``, ``org.apache.commons.jelly``, ``org.apache.commons.jexl2``, ``org.apache.commons.jexl3``, ``org.apache.commons.lang``, ``org.apache.commons.logging``, ``org.apache.commons.net``, ``org.apache.commons.ognl``, ``org.apache.cxf.catalog``, ``org.apache.cxf.common.classloader``, ``org.apache.cxf.common.jaxb``, ``org.apache.cxf.common.logging``, ``org.apache.cxf.configuration.jsse``, ``org.apache.cxf.helpers``, ``org.apache.cxf.resource``, ``org.apache.cxf.staxutils``, ``org.apache.cxf.tools.corba.utils``, ``org.apache.cxf.tools.util``, ``org.apache.cxf.transform``, ``org.apache.directory.ldap.client.api``, ``org.apache.hadoop.fs``, ``org.apache.hadoop.hive.metastore``, ``org.apache.hadoop.hive.ql.exec``, ``org.apache.hadoop.hive.ql.metadata``, ``org.apache.hc.client5.http.async.methods``, ``org.apache.hc.client5.http.classic.methods``, ``org.apache.hc.client5.http.fluent``, ``org.apache.hc.client5.http.protocol``, ``org.apache.hc.client5.http.utils``, ``org.apache.hive.hcatalog.templeton``, ``org.apache.ibatis.jdbc``, ``org.apache.ibatis.mapping``, ``org.apache.log4j``, ``org.apache.shiro.authc``, ``org.apache.shiro.codec``, ``org.apache.shiro.jndi``, ``org.apache.shiro.mgt``, ``org.apache.sshd.client.session``, ``org.apache.tools.ant``, ``org.apache.tools.zip``, ``org.codehaus.cargo.container.installer``, ``org.dom4j``, ``org.exolab.castor.xml``, ``org.fusesource.leveldbjni``, ``org.geogebra.web.full.main``, ``org.gradle.api.file``, ``org.ho.yaml``, ``org.influxdb``, ``org.jabsorb``, ``org.jboss.vfs``, ``org.jdbi.v3.core``, ``org.jenkins.ui.icon``, ``org.jenkins.ui.symbol``, ``org.keycloak.models.map.storage``, ``org.kohsuke.stapler``, ``org.lastaflute.web``, ``org.mvel2``, ``org.openjdk.jmh.runner.options``, ``org.owasp.esapi``, ``org.pac4j.jwt.config.encryption``, ``org.pac4j.jwt.config.signature``, ``org.scijava.log``, ``org.xml.sax``, ``org.xmlpull.v1``, ``play.libs.ws``, ``play.mvc``, ``ratpack.core.form``, ``ratpack.core.handling``, ``ratpack.core.http``, ``ratpack.exec``, ``ratpack.form``, ``ratpack.func``, ``ratpack.handling``, ``ratpack.http``, ``ratpack.util``, ``software.amazon.awssdk.transfer.s3.model``, ``sun.jvmstat.perfdata.monitor.protocol.local``, ``sun.jvmstat.perfdata.monitor.protocol.rmi``, ``sun.misc``, ``sun.net.ftp``, ``sun.net.www.protocol.http``, ``sun.security.acl``, ``sun.security.jgss.krb5``, ``sun.security.krb5``, ``sun.security.pkcs``, ``sun.security.pkcs11``, ``sun.security.provider``, ``sun.security.ssl``, ``sun.security.x509``, ``sun.tools.jconsole``",127,6042,775,148,6,14,18,,186
|
Others,"``actions.osgi``, ``antlr``, ``ch.ethz.ssh2``, ``cn.hutool.core.codec``, ``com.alibaba.com.caucho.hessian.io``, ``com.alibaba.druid.sql``, ``com.alibaba.fastjson2``, ``com.amazonaws.auth``, ``com.auth0.jwt.algorithms``, ``com.azure.identity``, ``com.caucho.burlap.io``, ``com.caucho.hessian.io``, ``com.cedarsoftware.util.io``, ``com.esotericsoftware.kryo.io``, ``com.esotericsoftware.kryo5.io``, ``com.esotericsoftware.yamlbeans``, ``com.hubspot.jinjava``, ``com.jcraft.jsch``, ``com.microsoft.sqlserver.jdbc``, ``com.mitchellbosecke.pebble``, ``com.opensymphony.xwork2``, ``com.sshtools.j2ssh.authentication``, ``com.sun.crypto.provider``, ``com.sun.jndi.ldap``, ``com.sun.net.httpserver``, ``com.sun.net.ssl``, ``com.sun.rowset``, ``com.sun.security.auth.module``, ``com.sun.security.ntlm``, ``com.sun.security.sasl.digest``, ``com.thoughtworks.xstream``, ``com.trilead.ssh2``, ``com.unboundid.ldap.sdk``, ``com.zaxxer.hikari``, ``flexjson``, ``hudson``, ``io.jsonwebtoken``, ``io.undertow.server.handlers.resource``, ``javafx.scene.web``, ``jenkins``, ``jodd.json``, ``liquibase.database.jvm``, ``liquibase.statement.core``, ``net.lingala.zip4j``, ``net.schmizz.sshj``, ``net.sf.json``, ``net.sf.saxon.s9api``, ``ognl``, ``org.acegisecurity``, ``org.antlr.runtime``, ``org.apache.avro``, ``org.apache.commons.codec``, ``org.apache.commons.compress.archivers.tar``, ``org.apache.commons.exec``, ``org.apache.commons.fileupload``, ``org.apache.commons.httpclient.util``, ``org.apache.commons.jelly``, ``org.apache.commons.jexl2``, ``org.apache.commons.jexl3``, ``org.apache.commons.lang``, ``org.apache.commons.logging``, ``org.apache.commons.net``, ``org.apache.commons.ognl``, ``org.apache.cxf.catalog``, ``org.apache.cxf.common.classloader``, ``org.apache.cxf.common.jaxb``, ``org.apache.cxf.common.logging``, ``org.apache.cxf.configuration.jsse``, ``org.apache.cxf.helpers``, ``org.apache.cxf.resource``, ``org.apache.cxf.staxutils``, ``org.apache.cxf.tools.corba.utils``, ``org.apache.cxf.tools.util``, ``org.apache.cxf.transform``, ``org.apache.directory.ldap.client.api``, ``org.apache.hadoop.fs``, ``org.apache.hadoop.hive.metastore``, ``org.apache.hadoop.hive.ql.exec``, ``org.apache.hadoop.hive.ql.metadata``, ``org.apache.hc.client5.http.async.methods``, ``org.apache.hc.client5.http.classic.methods``, ``org.apache.hc.client5.http.fluent``, ``org.apache.hive.hcatalog.templeton``, ``org.apache.ibatis.jdbc``, ``org.apache.ibatis.mapping``, ``org.apache.log4j``, ``org.apache.shiro.authc``, ``org.apache.shiro.codec``, ``org.apache.shiro.jndi``, ``org.apache.shiro.mgt``, ``org.apache.sshd.client.session``, ``org.apache.tools.ant``, ``org.apache.tools.zip``, ``org.codehaus.cargo.container.installer``, ``org.dom4j``, ``org.exolab.castor.xml``, ``org.fusesource.leveldbjni``, ``org.geogebra.web.full.main``, ``org.gradle.api.file``, ``org.ho.yaml``, ``org.influxdb``, ``org.jabsorb``, ``org.jboss.vfs``, ``org.jdbi.v3.core``, ``org.jenkins.ui.icon``, ``org.jenkins.ui.symbol``, ``org.keycloak.models.map.storage``, ``org.kohsuke.stapler``, ``org.lastaflute.web``, ``org.mvel2``, ``org.openjdk.jmh.runner.options``, ``org.owasp.esapi``, ``org.pac4j.jwt.config.encryption``, ``org.pac4j.jwt.config.signature``, ``org.scijava.log``, ``org.xml.sax``, ``org.xmlpull.v1``, ``play.libs.ws``, ``play.mvc``, ``ratpack.core.form``, ``ratpack.core.handling``, ``ratpack.core.http``, ``ratpack.exec``, ``ratpack.form``, ``ratpack.func``, ``ratpack.handling``, ``ratpack.http``, ``ratpack.util``, ``software.amazon.awssdk.transfer.s3.model``, ``sun.jvmstat.perfdata.monitor.protocol.local``, ``sun.jvmstat.perfdata.monitor.protocol.rmi``, ``sun.misc``, ``sun.net.ftp``, ``sun.net.www.protocol.http``, ``sun.security.acl``, ``sun.security.jgss.krb5``, ``sun.security.krb5``, ``sun.security.pkcs``, ``sun.security.pkcs11``, ``sun.security.provider``, ``sun.security.ssl``, ``sun.security.x509``, ``sun.tools.jconsole``",127,6034,775,148,6,14,18,,186
|
||||||
Totals,,382,26411,2707,421,16,137,33,1,415
|
Totals,,382,26403,2707,421,16,137,33,1,415
|
||||||
|
|
||||||
|
|||||||
@@ -1,4 +0,0 @@
|
|||||||
class Test {
|
|
||||||
public static void main(String[] args) {
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -1 +0,0 @@
|
|||||||
fun main() {}
|
|
||||||
@@ -1,5 +0,0 @@
|
|||||||
| file://:0:0:0:0 | | |
|
|
||||||
| file://:0:0:0:0 | | |
|
|
||||||
| file://Z:/Test.class:0:0:0:0 | Test | relative |
|
|
||||||
| file://Z:/test1.java:0:0:0:0 | test1 | relative |
|
|
||||||
| file://Z:/test2.kt:0:0:0:0 | test2 | relative |
|
|
||||||
@@ -1,9 +0,0 @@
|
|||||||
import java
|
|
||||||
|
|
||||||
from File f, string relative
|
|
||||||
where
|
|
||||||
not f.getURL().matches("file:///modules/%") and
|
|
||||||
not f.getURL().matches("file:///!unknown-binary-location/kotlin/%") and
|
|
||||||
not f.getURL().matches("%/ql/java/kotlin-extractor/%") and
|
|
||||||
if exists(f.getRelativePath()) then relative = "relative" else relative = ""
|
|
||||||
select f, relative
|
|
||||||
@@ -1,7 +0,0 @@
|
|||||||
import runs_on
|
|
||||||
|
|
||||||
|
|
||||||
@runs_on.windows
|
|
||||||
def test(codeql, java, cwd, subst_drive):
|
|
||||||
drive = subst_drive(cwd / "code")
|
|
||||||
codeql.database.create(command=["javac test1.java", "kotlinc test2.kt"], source_root=drive)
|
|
||||||
@@ -1,10 +1,4 @@
|
|||||||
extensions:
|
extensions:
|
||||||
- addsTo:
|
|
||||||
pack: codeql/java-all
|
|
||||||
extensible: summaryModel
|
|
||||||
data:
|
|
||||||
- ["org.apache.hc.client5.http.protocol", "RedirectLocations", True, "add", "(URI)", "", "Argument[0]", "Argument[this].Element", "value", "hq-manual"]
|
|
||||||
|
|
||||||
- addsTo:
|
- addsTo:
|
||||||
pack: codeql/java-all
|
pack: codeql/java-all
|
||||||
extensible: neutralModel
|
extensible: neutralModel
|
||||||
|
|||||||
6
java/ql/lib/ext/org.apache.hc.client5.http.protocol.yml
Normal file
6
java/ql/lib/ext/org.apache.hc.client5.http.protocol.yml
Normal file
@@ -0,0 +1,6 @@
|
|||||||
|
extensions:
|
||||||
|
- addsTo:
|
||||||
|
pack: codeql/java-all
|
||||||
|
extensible: summaryModel
|
||||||
|
data:
|
||||||
|
- ["org.apache.hc.client5.http.protocol", "RedirectLocations", True, "add", "(URI)", "", "Argument[0]", "Argument[this].Element", "value", "hq-manual"]
|
||||||
@@ -247,8 +247,8 @@ private predicate simpleLocalFlowStep0(Node node1, Node node2, string model) {
|
|||||||
or
|
or
|
||||||
cloneStep(node1, node2) and model = "CloneStep"
|
cloneStep(node1, node2) and model = "CloneStep"
|
||||||
or
|
or
|
||||||
FlowSummaryImpl::Private::Steps::summaryLocalStep(node1, node2.(FlowSummaryNode).getSummaryNode(),
|
FlowSummaryImpl::Private::Steps::summaryLocalStep(node1.(FlowSummaryNode).getSummaryNode(),
|
||||||
true, model)
|
node2.(FlowSummaryNode).getSummaryNode(), true, model)
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
@@ -41,8 +41,6 @@ module Input implements InputSig<Location, DataFlowImplSpecific::JavaDataFlow> {
|
|||||||
|
|
||||||
class SinkBase = Void;
|
class SinkBase = Void;
|
||||||
|
|
||||||
class FlowSummaryCallBase = Void;
|
|
||||||
|
|
||||||
predicate neutralElement(
|
predicate neutralElement(
|
||||||
Input::SummarizedCallableBase c, string kind, string provenance, boolean isExact
|
Input::SummarizedCallableBase c, string kind, string provenance, boolean isExact
|
||||||
) {
|
) {
|
||||||
@@ -146,10 +144,6 @@ private module TypesInput implements Impl::Private::TypesInputSig {
|
|||||||
}
|
}
|
||||||
|
|
||||||
private module StepsInput implements Impl::Private::StepsInputSig {
|
private module StepsInput implements Impl::Private::StepsInputSig {
|
||||||
Impl::Private::SummaryNode getSummaryNode(Node n) {
|
|
||||||
result = n.(FlowSummaryNode).getSummaryNode()
|
|
||||||
}
|
|
||||||
|
|
||||||
DataFlowCall getACall(Public::SummarizedCallable sc) {
|
DataFlowCall getACall(Public::SummarizedCallable sc) {
|
||||||
sc = viableCallable(result).asSummarizedCallable()
|
sc = viableCallable(result).asSummarizedCallable()
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -145,8 +145,8 @@ private module Cached {
|
|||||||
)
|
)
|
||||||
)
|
)
|
||||||
or
|
or
|
||||||
FlowSummaryImpl::Private::Steps::summaryLocalStep(src,
|
FlowSummaryImpl::Private::Steps::summaryLocalStep(src.(DataFlowPrivate::FlowSummaryNode)
|
||||||
sink.(DataFlowPrivate::FlowSummaryNode).getSummaryNode(), false, model)
|
.getSummaryNode(), sink.(DataFlowPrivate::FlowSummaryNode).getSummaryNode(), false, model)
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
@@ -234,3 +234,8 @@ subpaths
|
|||||||
| use.kt:9:14:9:25 | taint(...) : Closeable | use.kt:9:31:9:36 | it : Closeable | use.kt:9:33:9:34 | it : Closeable | use.kt:9:14:9:36 | use(...) |
|
| use.kt:9:14:9:25 | taint(...) : Closeable | use.kt:9:31:9:36 | it : Closeable | use.kt:9:33:9:34 | it : Closeable | use.kt:9:14:9:36 | use(...) |
|
||||||
| with.kt:7:19:7:30 | taint(...) : String | with.kt:7:33:7:40 | $this$with : String | with.kt:7:35:7:38 | this : String | with.kt:7:14:7:40 | with(...) |
|
| with.kt:7:19:7:30 | taint(...) : String | with.kt:7:33:7:40 | $this$with : String | with.kt:7:35:7:38 | this : String | with.kt:7:14:7:40 | with(...) |
|
||||||
testFailures
|
testFailures
|
||||||
|
| test.kt:28:14:28:21 | getSecond(...) | Unexpected result: hasTaintFlow=a |
|
||||||
|
| test.kt:35:14:35:27 | component1(...) | Unexpected result: hasTaintFlow=d |
|
||||||
|
| test.kt:41:14:41:22 | getSecond(...) | Unexpected result: hasTaintFlow=e |
|
||||||
|
| test.kt:53:14:53:24 | getDuration(...) | Unexpected result: hasTaintFlow=f |
|
||||||
|
| test.kt:58:14:58:29 | component2(...) | Unexpected result: hasTaintFlow=g |
|
||||||
|
|||||||
@@ -25,20 +25,20 @@ class Test {
|
|||||||
val p = Pair(taint("a"), "")
|
val p = Pair(taint("a"), "")
|
||||||
sink(p) // $ hasTaintFlow=a
|
sink(p) // $ hasTaintFlow=a
|
||||||
sink(p.component1()) // $ hasTaintFlow=a
|
sink(p.component1()) // $ hasTaintFlow=a
|
||||||
sink(p.second) // $ SPURIOUS: hasTaintFlow=a
|
sink(p.second)
|
||||||
|
|
||||||
sink(taint("b").capitalize()) // $ hasTaintFlow=b
|
sink(taint("b").capitalize()) // $ hasTaintFlow=b
|
||||||
sink(taint("c").replaceFirstChar { _ -> 'x' }) // $ hasTaintFlow=c
|
sink(taint("c").replaceFirstChar { _ -> 'x' }) // $ hasTaintFlow=c
|
||||||
|
|
||||||
val t = Triple("", taint("d"), "")
|
val t = Triple("", taint("d"), "")
|
||||||
sink(t) // $ hasTaintFlow=d
|
sink(t) // $ hasTaintFlow=d
|
||||||
sink(t.component1()) // $ SPURIOUS: hasTaintFlow=d
|
sink(t.component1())
|
||||||
sink(t.second) // $ hasTaintFlow=d
|
sink(t.second) // $ hasTaintFlow=d
|
||||||
|
|
||||||
val p1 = taint("e") to ""
|
val p1 = taint("e") to ""
|
||||||
sink(p1) // $ hasTaintFlow=e
|
sink(p1) // $ hasTaintFlow=e
|
||||||
sink(p1.component1()) // $ hasTaintFlow=e
|
sink(p1.component1()) // $ hasTaintFlow=e
|
||||||
sink(p1.second) // $ SPURIOUS: hasTaintFlow=e
|
sink(p1.second)
|
||||||
|
|
||||||
val l = p.toList()
|
val l = p.toList()
|
||||||
sink(l) // $ hasTaintFlow=a
|
sink(l) // $ hasTaintFlow=a
|
||||||
@@ -50,12 +50,12 @@ class Test {
|
|||||||
val tv = TimedValue(taint("f"), Duration.parse(""))
|
val tv = TimedValue(taint("f"), Duration.parse(""))
|
||||||
sink(tv) // $ hasTaintFlow=f
|
sink(tv) // $ hasTaintFlow=f
|
||||||
sink(tv.component1()) // $ hasTaintFlow=f
|
sink(tv.component1()) // $ hasTaintFlow=f
|
||||||
sink(tv.duration) // $ SPURIOUS: hasTaintFlow=f
|
sink(tv.duration)
|
||||||
|
|
||||||
val mg0 = MatchGroup(taint("g"), IntRange(0, 10))
|
val mg0 = MatchGroup(taint("g"), IntRange(0, 10))
|
||||||
sink(mg0) // $ hasTaintFlow=g
|
sink(mg0) // $ hasTaintFlow=g
|
||||||
sink(mg0.value) // $ hasTaintFlow=g
|
sink(mg0.value) // $ hasTaintFlow=g
|
||||||
sink(mg0.component2()) // $ SPURIOUS: hasTaintFlow=g
|
sink(mg0.component2())
|
||||||
|
|
||||||
val iv = IndexedValue<String>(5, taint("h"))
|
val iv = IndexedValue<String>(5, taint("h"))
|
||||||
sink(iv) // $ hasTaintFlow=h
|
sink(iv) // $ hasTaintFlow=h
|
||||||
|
|||||||
@@ -234,3 +234,8 @@ subpaths
|
|||||||
| use.kt:9:14:9:25 | taint(...) : Closeable | use.kt:9:31:9:36 | it : Closeable | use.kt:9:33:9:34 | it : Closeable | use.kt:9:14:9:36 | use(...) |
|
| use.kt:9:14:9:25 | taint(...) : Closeable | use.kt:9:31:9:36 | it : Closeable | use.kt:9:33:9:34 | it : Closeable | use.kt:9:14:9:36 | use(...) |
|
||||||
| with.kt:7:19:7:30 | taint(...) : String | with.kt:7:33:7:40 | $this$with : String | with.kt:7:35:7:38 | this : String | with.kt:7:14:7:40 | with(...) |
|
| with.kt:7:19:7:30 | taint(...) : String | with.kt:7:33:7:40 | $this$with : String | with.kt:7:35:7:38 | this : String | with.kt:7:14:7:40 | with(...) |
|
||||||
testFailures
|
testFailures
|
||||||
|
| test.kt:28:14:28:21 | getSecond(...) | Unexpected result: hasTaintFlow=a |
|
||||||
|
| test.kt:35:14:35:27 | component1(...) | Unexpected result: hasTaintFlow=d |
|
||||||
|
| test.kt:41:14:41:22 | getSecond(...) | Unexpected result: hasTaintFlow=e |
|
||||||
|
| test.kt:53:14:53:24 | getDuration(...) | Unexpected result: hasTaintFlow=f |
|
||||||
|
| test.kt:58:14:58:29 | component2(...) | Unexpected result: hasTaintFlow=g |
|
||||||
|
|||||||
@@ -25,20 +25,20 @@ class Test {
|
|||||||
val p = Pair(taint("a"), "")
|
val p = Pair(taint("a"), "")
|
||||||
sink(p) // $ hasTaintFlow=a
|
sink(p) // $ hasTaintFlow=a
|
||||||
sink(p.component1()) // $ hasTaintFlow=a
|
sink(p.component1()) // $ hasTaintFlow=a
|
||||||
sink(p.second) // $ SPURIOUS: hasTaintFlow=a
|
sink(p.second)
|
||||||
|
|
||||||
sink(taint("b").capitalize()) // $ hasTaintFlow=b
|
sink(taint("b").capitalize()) // $ hasTaintFlow=b
|
||||||
sink(taint("c").replaceFirstChar { _ -> 'x' }) // $ hasTaintFlow=c
|
sink(taint("c").replaceFirstChar { _ -> 'x' }) // $ hasTaintFlow=c
|
||||||
|
|
||||||
val t = Triple("", taint("d"), "")
|
val t = Triple("", taint("d"), "")
|
||||||
sink(t) // $ hasTaintFlow=d
|
sink(t) // $ hasTaintFlow=d
|
||||||
sink(t.component1()) // $ SPURIOUS: hasTaintFlow=d
|
sink(t.component1())
|
||||||
sink(t.second) // $ hasTaintFlow=d
|
sink(t.second) // $ hasTaintFlow=d
|
||||||
|
|
||||||
val p1 = taint("e") to ""
|
val p1 = taint("e") to ""
|
||||||
sink(p1) // $ hasTaintFlow=e
|
sink(p1) // $ hasTaintFlow=e
|
||||||
sink(p1.component1()) // $ hasTaintFlow=e
|
sink(p1.component1()) // $ hasTaintFlow=e
|
||||||
sink(p1.second) // $ SPURIOUS: hasTaintFlow=e
|
sink(p1.second)
|
||||||
|
|
||||||
val l = p.toList()
|
val l = p.toList()
|
||||||
sink(l) // $ hasTaintFlow=a
|
sink(l) // $ hasTaintFlow=a
|
||||||
@@ -50,12 +50,12 @@ class Test {
|
|||||||
val tv = TimedValue(taint("f"), Duration.parse(""))
|
val tv = TimedValue(taint("f"), Duration.parse(""))
|
||||||
sink(tv) // $ hasTaintFlow=f
|
sink(tv) // $ hasTaintFlow=f
|
||||||
sink(tv.component1()) // $ hasTaintFlow=f
|
sink(tv.component1()) // $ hasTaintFlow=f
|
||||||
sink(tv.duration) // $ SPURIOUS: hasTaintFlow=f
|
sink(tv.duration)
|
||||||
|
|
||||||
val mg0 = MatchGroup(taint("g"), IntRange(0, 10))
|
val mg0 = MatchGroup(taint("g"), IntRange(0, 10))
|
||||||
sink(mg0) // $ hasTaintFlow=g
|
sink(mg0) // $ hasTaintFlow=g
|
||||||
sink(mg0.value) // $ hasTaintFlow=g
|
sink(mg0.value) // $ hasTaintFlow=g
|
||||||
sink(mg0.component2()) // $ SPURIOUS: hasTaintFlow=g
|
sink(mg0.component2())
|
||||||
|
|
||||||
val iv = IndexedValue<String>(5, taint("h"))
|
val iv = IndexedValue<String>(5, taint("h"))
|
||||||
sink(iv) // $ hasTaintFlow=h
|
sink(iv) // $ hasTaintFlow=h
|
||||||
|
|||||||
@@ -29,3 +29,8 @@ nodes
|
|||||||
| BadMacUse.java:146:48:146:57 | ciphertext : byte[] | semmle.label | ciphertext : byte[] |
|
| BadMacUse.java:146:48:146:57 | ciphertext : byte[] | semmle.label | ciphertext : byte[] |
|
||||||
| BadMacUse.java:152:42:152:51 | ciphertext | semmle.label | ciphertext |
|
| BadMacUse.java:152:42:152:51 | ciphertext | semmle.label | ciphertext |
|
||||||
subpaths
|
subpaths
|
||||||
|
testFailures
|
||||||
|
| BadMacUse.java:50:56:50:66 | // $ Source | Missing result: Source |
|
||||||
|
| BadMacUse.java:63:118:63:128 | // $ Source | Missing result: Source |
|
||||||
|
| BadMacUse.java:92:31:92:35 | bytes : byte[] | Unexpected result: Source |
|
||||||
|
| BadMacUse.java:146:95:146:105 | // $ Source | Missing result: Source |
|
||||||
|
|||||||
@@ -30,3 +30,8 @@ nodes
|
|||||||
| BadMacUse.java:118:83:118:84 | iv : byte[] | semmle.label | iv : byte[] |
|
| BadMacUse.java:118:83:118:84 | iv : byte[] | semmle.label | iv : byte[] |
|
||||||
| BadMacUse.java:124:42:124:51 | ciphertext | semmle.label | ciphertext |
|
| BadMacUse.java:124:42:124:51 | ciphertext | semmle.label | ciphertext |
|
||||||
subpaths
|
subpaths
|
||||||
|
testFailures
|
||||||
|
| BadMacUse.java:63:118:63:128 | // $ Source | Missing result: Source |
|
||||||
|
| BadMacUse.java:92:16:92:36 | doFinal(...) : byte[] | Unexpected result: Source |
|
||||||
|
| BadMacUse.java:124:42:124:51 | ciphertext | Unexpected result: Alert |
|
||||||
|
| BadMacUse.java:146:95:146:105 | // $ Source | Missing result: Source |
|
||||||
|
|||||||
@@ -44,3 +44,8 @@ nodes
|
|||||||
| BadMacUse.java:146:48:146:57 | ciphertext : byte[] [[]] : Object | semmle.label | ciphertext : byte[] [[]] : Object |
|
| BadMacUse.java:146:48:146:57 | ciphertext : byte[] [[]] : Object | semmle.label | ciphertext : byte[] [[]] : Object |
|
||||||
| BadMacUse.java:152:42:152:51 | ciphertext | semmle.label | ciphertext |
|
| BadMacUse.java:152:42:152:51 | ciphertext | semmle.label | ciphertext |
|
||||||
subpaths
|
subpaths
|
||||||
|
testFailures
|
||||||
|
| BadMacUse.java:50:56:50:66 | // $ Source | Missing result: Source |
|
||||||
|
| BadMacUse.java:139:79:139:90 | input : byte[] | Unexpected result: Source |
|
||||||
|
| BadMacUse.java:146:95:146:105 | // $ Source | Missing result: Source |
|
||||||
|
| BadMacUse.java:152:42:152:51 | ciphertext | Unexpected result: Alert |
|
||||||
|
|||||||
@@ -47,7 +47,7 @@ class BadMacUse {
|
|||||||
SecretKey encryptionKey = new SecretKeySpec(encryptionKeyBytes, "AES");
|
SecretKey encryptionKey = new SecretKeySpec(encryptionKeyBytes, "AES");
|
||||||
Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
|
Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
|
||||||
cipher.init(Cipher.DECRYPT_MODE, encryptionKey, new SecureRandom());
|
cipher.init(Cipher.DECRYPT_MODE, encryptionKey, new SecureRandom());
|
||||||
byte[] plaintext = cipher.doFinal(ciphertext); // $ Source[java/quantum/examples/bad-mac-order-decrypt-to-mac]
|
byte[] plaintext = cipher.doFinal(ciphertext); // $ Source
|
||||||
|
|
||||||
// Now verify MAC (too late)
|
// Now verify MAC (too late)
|
||||||
SecretKey macKey = new SecretKeySpec(macKeyBytes, "HmacSHA256");
|
SecretKey macKey = new SecretKeySpec(macKeyBytes, "HmacSHA256");
|
||||||
@@ -60,7 +60,7 @@ class BadMacUse {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public void BadMacOnPlaintext(byte[] encryptionKeyBytes, byte[] macKeyBytes, byte[] plaintext) throws Exception {// $ Source[java/quantum/examples/bad-mac-order-encrypt-plaintext-also-in-mac]
|
public void BadMacOnPlaintext(byte[] encryptionKeyBytes, byte[] macKeyBytes, byte[] plaintext) throws Exception {// $ Source
|
||||||
// Create keys directly from provided byte arrays
|
// Create keys directly from provided byte arrays
|
||||||
SecretKey encryptionKey = new SecretKeySpec(encryptionKeyBytes, "AES");
|
SecretKey encryptionKey = new SecretKeySpec(encryptionKeyBytes, "AES");
|
||||||
SecretKey macKey = new SecretKeySpec(macKeyBytes, "HmacSHA256");
|
SecretKey macKey = new SecretKeySpec(macKeyBytes, "HmacSHA256");
|
||||||
@@ -89,7 +89,7 @@ class BadMacUse {
|
|||||||
|
|
||||||
IvParameterSpec ivParameterSpec = new IvParameterSpec(iv);
|
IvParameterSpec ivParameterSpec = new IvParameterSpec(iv);
|
||||||
cipher.init(mode, secretKeySpec, ivParameterSpec);
|
cipher.init(mode, secretKeySpec, ivParameterSpec);
|
||||||
return cipher.doFinal(bytes); // $ Source[java/quantum/examples/bad-mac-order-decrypt-then-mac] Source[java/quantum/examples/bad-mac-order-decrypt-to-mac]
|
return cipher.doFinal(bytes);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@@ -121,7 +121,7 @@ class BadMacUse {
|
|||||||
SecretKey macKey = new SecretKeySpec(macKeyBytes, "HmacSHA256");
|
SecretKey macKey = new SecretKeySpec(macKeyBytes, "HmacSHA256");
|
||||||
Mac mac = Mac.getInstance("HmacSHA256");
|
Mac mac = Mac.getInstance("HmacSHA256");
|
||||||
mac.init(macKey);
|
mac.init(macKey);
|
||||||
byte[] computedMac = mac.doFinal(ciphertext); // $ SPURIOUS: Alert[java/quantum/examples/bad-mac-order-decrypt-to-mac]
|
byte[] computedMac = mac.doFinal(ciphertext); // False Positive
|
||||||
|
|
||||||
// Concatenate ciphertext and MAC
|
// Concatenate ciphertext and MAC
|
||||||
byte[] output = new byte[ciphertext.length + computedMac.length];
|
byte[] output = new byte[ciphertext.length + computedMac.length];
|
||||||
@@ -136,20 +136,20 @@ class BadMacUse {
|
|||||||
* The function decrypts THEN computes the MAC on the plaintext.
|
* The function decrypts THEN computes the MAC on the plaintext.
|
||||||
* It should have the MAC computed on the ciphertext first.
|
* It should have the MAC computed on the ciphertext first.
|
||||||
*/
|
*/
|
||||||
public void decryptThenMac(byte[] encryptionKeyBytes, byte[] macKeyBytes, byte[] input) throws Exception { // $ SPURIOUS: Source[java/quantum/examples/bad-mac-order-encrypt-plaintext-also-in-mac]
|
public void decryptThenMac(byte[] encryptionKeyBytes, byte[] macKeyBytes, byte[] input) throws Exception {
|
||||||
// Split input into ciphertext and MAC
|
// Split input into ciphertext and MAC
|
||||||
int macLength = 32; // HMAC-SHA256 output length
|
int macLength = 32; // HMAC-SHA256 output length
|
||||||
byte[] ciphertext = Arrays.copyOfRange(input, 0, input.length - macLength);
|
byte[] ciphertext = Arrays.copyOfRange(input, 0, input.length - macLength);
|
||||||
byte[] receivedMac = Arrays.copyOfRange(input, input.length - macLength, input.length);
|
byte[] receivedMac = Arrays.copyOfRange(input, input.length - macLength, input.length);
|
||||||
|
|
||||||
// Decrypt first (unsafe)
|
// Decrypt first (unsafe)
|
||||||
byte[] plaintext = decryptUsingWrapper(ciphertext, encryptionKeyBytes, new byte[16]);
|
byte[] plaintext = decryptUsingWrapper(ciphertext, encryptionKeyBytes, new byte[16]); // $ Source
|
||||||
|
|
||||||
// Now verify MAC (too late)
|
// Now verify MAC (too late)
|
||||||
SecretKey macKey = new SecretKeySpec(macKeyBytes, "HmacSHA256");
|
SecretKey macKey = new SecretKeySpec(macKeyBytes, "HmacSHA256");
|
||||||
Mac mac = Mac.getInstance("HmacSHA256");
|
Mac mac = Mac.getInstance("HmacSHA256");
|
||||||
mac.init(macKey);
|
mac.init(macKey);
|
||||||
byte[] computedMac = mac.doFinal(ciphertext); // $ Alert[java/quantum/examples/bad-mac-order-decrypt-then-mac] SPURIOUS: Alert[java/quantum/examples/bad-mac-order-encrypt-plaintext-also-in-mac]
|
byte[] computedMac = mac.doFinal(ciphertext); // $ Alert[java/quantum/examples/bad-mac-order-decrypt-then-mac], False positive for Plaintext reuse
|
||||||
|
|
||||||
if (!MessageDigest.isEqual(receivedMac, computedMac)) {
|
if (!MessageDigest.isEqual(receivedMac, computedMac)) {
|
||||||
throw new SecurityException("MAC verification failed");
|
throw new SecurityException("MAC verification failed");
|
||||||
|
|||||||
@@ -126,3 +126,5 @@ nodes
|
|||||||
| InsecureIVorNonceSource.java:202:54:202:55 | iv : byte[] | semmle.label | iv : byte[] |
|
| InsecureIVorNonceSource.java:202:54:202:55 | iv : byte[] | semmle.label | iv : byte[] |
|
||||||
| InsecureIVorNonceSource.java:206:51:206:56 | ivSpec | semmle.label | ivSpec |
|
| InsecureIVorNonceSource.java:206:51:206:56 | ivSpec | semmle.label | ivSpec |
|
||||||
subpaths
|
subpaths
|
||||||
|
testFailures
|
||||||
|
| InsecureIVorNonceSource.java:42:21:42:21 | 1 : Number | Unexpected result: Source |
|
||||||
|
|||||||
@@ -39,7 +39,7 @@ public class InsecureIVorNonceSource {
|
|||||||
public byte[] encryptWithStaticIvByteArray(byte[] key, byte[] plaintext) throws Exception {
|
public byte[] encryptWithStaticIvByteArray(byte[] key, byte[] plaintext) throws Exception {
|
||||||
byte[] iv = new byte[16];
|
byte[] iv = new byte[16];
|
||||||
for (byte i = 0; i < iv.length; i++) {
|
for (byte i = 0; i < iv.length; i++) {
|
||||||
iv[i] = 1; // $ Source[java/quantum/examples/insecure-iv-or-nonce]
|
iv[i] = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
IvParameterSpec ivSpec = new IvParameterSpec(iv);
|
IvParameterSpec ivSpec = new IvParameterSpec(iv);
|
||||||
|
|||||||
@@ -40,11 +40,11 @@ public class Test {
|
|||||||
* SAST/CBOM: - Parent: PBKDF2. - Iteration count is only 10, which is far
|
* SAST/CBOM: - Parent: PBKDF2. - Iteration count is only 10, which is far
|
||||||
* below acceptable security standards. - Flagged as insecure.
|
* below acceptable security standards. - Flagged as insecure.
|
||||||
*/
|
*/
|
||||||
public void pbkdf2LowIteration(String password, int iterationCount) throws Exception { // $ Source[java/quantum/examples/unknown-kdf-iteration-count]
|
public void pbkdf2LowIteration(String password, int iterationCount) throws Exception { // $ Source
|
||||||
byte[] salt = generateSalt(16);
|
byte[] salt = generateSalt(16);
|
||||||
PBEKeySpec spec = new PBEKeySpec(password.toCharArray(), salt, iterationCount, 256);
|
PBEKeySpec spec = new PBEKeySpec(password.toCharArray(), salt, iterationCount, 256); // $ Alert[java/quantum/examples/unknown-kdf-iteration-count]
|
||||||
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
|
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
|
||||||
byte[] key = factory.generateSecret(spec).getEncoded(); // $ Alert[java/quantum/examples/unknown-kdf-iteration-count]
|
byte[] key = factory.generateSecret(spec).getEncoded();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
@@ -1 +1,5 @@
|
|||||||
|
#select
|
||||||
| Test.java:47:22:47:49 | KeyDerivation | Key derivation operation with unknown iteration: $@ | Test.java:43:53:43:70 | iterationCount | iterationCount |
|
| Test.java:47:22:47:49 | KeyDerivation | Key derivation operation with unknown iteration: $@ | Test.java:43:53:43:70 | iterationCount | iterationCount |
|
||||||
|
testFailures
|
||||||
|
| Test.java:45:94:45:154 | // $ Alert[java/quantum/examples/unknown-kdf-iteration-count] | Missing result: Alert[java/quantum/examples/unknown-kdf-iteration-count] |
|
||||||
|
| Test.java:47:22:47:49 | Key derivation operation with unknown iteration: $@ | Unexpected result: Alert |
|
||||||
|
|||||||
@@ -12,3 +12,5 @@ nodes
|
|||||||
| Test.java:58:30:58:38 | 1_000_000 : Number | semmle.label | 1_000_000 : Number |
|
| Test.java:58:30:58:38 | 1_000_000 : Number | semmle.label | 1_000_000 : Number |
|
||||||
| Test.java:59:72:59:85 | iterationCount | semmle.label | iterationCount |
|
| Test.java:59:72:59:85 | iterationCount | semmle.label | iterationCount |
|
||||||
subpaths
|
subpaths
|
||||||
|
testFailures
|
||||||
|
| Test.java:43:92:43:102 | // $ Source | Missing result: Source |
|
||||||
|
|||||||
@@ -13,7 +13,8 @@ predicate taintFlowUpdate(DataFlow::ParameterNode p1, DataFlow::ParameterNode p2
|
|||||||
}
|
}
|
||||||
|
|
||||||
predicate summaryStep(FlowSummaryNode src, FlowSummaryNode sink) {
|
predicate summaryStep(FlowSummaryNode src, FlowSummaryNode sink) {
|
||||||
FlowSummaryImpl::Private::Steps::summaryLocalStep(src, sink.getSummaryNode(), false, _) or
|
FlowSummaryImpl::Private::Steps::summaryLocalStep(src.getSummaryNode(), sink.getSummaryNode(),
|
||||||
|
false, _) or
|
||||||
FlowSummaryImpl::Private::Steps::summaryReadStep(src.getSummaryNode(), _, sink.getSummaryNode()) or
|
FlowSummaryImpl::Private::Steps::summaryReadStep(src.getSummaryNode(), _, sink.getSummaryNode()) or
|
||||||
FlowSummaryImpl::Private::Steps::summaryStoreStep(src.getSummaryNode(), _, sink.getSummaryNode())
|
FlowSummaryImpl::Private::Steps::summaryStoreStep(src.getSummaryNode(), _, sink.getSummaryNode())
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1 +0,0 @@
|
|||||||
function interesting() { }
|
|
||||||
@@ -1 +0,0 @@
|
|||||||
0
|
|
||||||
@@ -1,2 +0,0 @@
|
|||||||
| file://Z:/main.js:0:0:0:0 | Z:/main.js | relative |
|
|
||||||
| file://Z:/test.ts:0:0:0:0 | Z:/test.ts | relative |
|
|
||||||
@@ -1,7 +0,0 @@
|
|||||||
import javascript
|
|
||||||
|
|
||||||
from File f, string relative
|
|
||||||
where
|
|
||||||
not f.getURL().matches("%/target/intree/%") and
|
|
||||||
if exists(f.getRelativePath()) then relative = "relative" else relative = ""
|
|
||||||
select f, relative
|
|
||||||
@@ -1,7 +0,0 @@
|
|||||||
import runs_on
|
|
||||||
|
|
||||||
|
|
||||||
@runs_on.windows
|
|
||||||
def test(codeql, javascript, cwd, subst_drive):
|
|
||||||
drive = subst_drive(cwd / "code")
|
|
||||||
codeql.database.create(source_root=drive)
|
|
||||||
@@ -1212,8 +1212,8 @@ private predicate valuePreservingStep(Node node1, Node node2) {
|
|||||||
or
|
or
|
||||||
node2 = FlowSteps::getThrowTarget(node1)
|
node2 = FlowSteps::getThrowTarget(node1)
|
||||||
or
|
or
|
||||||
FlowSummaryPrivate::Steps::summaryLocalStep(node1, node2.(FlowSummaryNode).getSummaryNode(), true,
|
FlowSummaryPrivate::Steps::summaryLocalStep(node1.(FlowSummaryNode).getSummaryNode(),
|
||||||
_) // TODO: preserve 'model'
|
node2.(FlowSummaryNode).getSummaryNode(), true, _) // TODO: preserve 'model'
|
||||||
}
|
}
|
||||||
|
|
||||||
predicate knownSourceModel(Node sink, string model) { none() }
|
predicate knownSourceModel(Node sink, string model) { none() }
|
||||||
|
|||||||
@@ -142,10 +142,6 @@ string encodeArgumentPosition(ArgumentPosition pos) {
|
|||||||
ReturnKind getStandardReturnValueKind() { result = MkNormalReturnKind() and Stage::ref() }
|
ReturnKind getStandardReturnValueKind() { result = MkNormalReturnKind() and Stage::ref() }
|
||||||
|
|
||||||
private module FlowSummaryStepInput implements Private::StepsInputSig {
|
private module FlowSummaryStepInput implements Private::StepsInputSig {
|
||||||
Private::SummaryNode getSummaryNode(DataFlow::Node n) {
|
|
||||||
result = n.(FlowSummaryNode).getSummaryNode()
|
|
||||||
}
|
|
||||||
|
|
||||||
overlay[global]
|
overlay[global]
|
||||||
DataFlowCall getACall(SummarizedCallable sc) {
|
DataFlowCall getACall(SummarizedCallable sc) {
|
||||||
exists(LibraryCallable callable | callable = sc |
|
exists(LibraryCallable callable | callable = sc |
|
||||||
|
|||||||
@@ -12,8 +12,8 @@ cached
|
|||||||
predicate defaultAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) {
|
predicate defaultAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) {
|
||||||
TaintTracking::AdditionalTaintStep::step(node1, node2)
|
TaintTracking::AdditionalTaintStep::step(node1, node2)
|
||||||
or
|
or
|
||||||
FlowSummaryPrivate::Steps::summaryLocalStep(node1, node2.(FlowSummaryNode).getSummaryNode(),
|
FlowSummaryPrivate::Steps::summaryLocalStep(node1.(FlowSummaryNode).getSummaryNode(),
|
||||||
false, _) // TODO: preserve 'model' parameter
|
node2.(FlowSummaryNode).getSummaryNode(), false, _) // TODO: preserve 'model' parameter
|
||||||
or
|
or
|
||||||
// Convert steps out of array elements to plain taint steps
|
// Convert steps out of array elements to plain taint steps
|
||||||
FlowSummaryPrivate::Steps::summaryReadStep(node1.(FlowSummaryNode).getSummaryNode(),
|
FlowSummaryPrivate::Steps::summaryReadStep(node1.(FlowSummaryNode).getSummaryNode(),
|
||||||
|
|||||||
@@ -3,7 +3,6 @@ private import DataFlowImplSpecific
|
|||||||
private import codeql.dataflow.DataFlow as SharedDataFlow
|
private import codeql.dataflow.DataFlow as SharedDataFlow
|
||||||
private import codeql.dataflow.TaintTracking as SharedTaintTracking
|
private import codeql.dataflow.TaintTracking as SharedTaintTracking
|
||||||
private import codeql.dataflow.internal.FlowSummaryImpl as FlowSummaryImpl
|
private import codeql.dataflow.internal.FlowSummaryImpl as FlowSummaryImpl
|
||||||
private import codeql.util.Void
|
|
||||||
|
|
||||||
module JSDataFlow implements SharedDataFlow::InputSig<Location> {
|
module JSDataFlow implements SharedDataFlow::InputSig<Location> {
|
||||||
import Private
|
import Private
|
||||||
@@ -29,8 +28,6 @@ module JSFlowSummary implements FlowSummaryImpl::InputSig<Location, JSDataFlow>
|
|||||||
private import semmle.javascript.dataflow.internal.FlowSummaryPrivate as FlowSummaryPrivate
|
private import semmle.javascript.dataflow.internal.FlowSummaryPrivate as FlowSummaryPrivate
|
||||||
import FlowSummaryPrivate
|
import FlowSummaryPrivate
|
||||||
|
|
||||||
class FlowSummaryCallBase = Void;
|
|
||||||
|
|
||||||
overlay[local]
|
overlay[local]
|
||||||
predicate callableFromSource(SummarizedCallableBase c) { none() }
|
predicate callableFromSource(SummarizedCallableBase c) { none() }
|
||||||
|
|
||||||
|
|||||||
@@ -1 +0,0 @@
|
|||||||
print(0)
|
|
||||||
@@ -1 +0,0 @@
|
|||||||
| code/main.py:0:0:0:0 | code/main.py | |
|
|
||||||
@@ -1,5 +0,0 @@
|
|||||||
import python
|
|
||||||
|
|
||||||
from File f, string relative
|
|
||||||
where if exists(f.getRelativePath()) then relative = "relative" else relative = ""
|
|
||||||
select f, relative
|
|
||||||
@@ -1,7 +0,0 @@
|
|||||||
import runs_on
|
|
||||||
|
|
||||||
|
|
||||||
@runs_on.windows
|
|
||||||
def test(codeql, python, cwd, subst_drive):
|
|
||||||
drive = subst_drive(cwd / "code")
|
|
||||||
codeql.database.create(source_root=drive)
|
|
||||||
@@ -0,0 +1,5 @@
|
|||||||
|
---
|
||||||
|
category: minorAnalysis
|
||||||
|
---
|
||||||
|
|
||||||
|
- Temporarily disabled the `instanceFieldStep` disjunct of the internal `TypeTrackingInput::levelStepCall` predicate, which was introduced in 7.2.0 and caused catastrophic query slowdowns on some OOP-heavy Python codebases (e.g. `mypy` and `dask`).
|
||||||
@@ -529,7 +529,7 @@ predicate simpleLocalFlowStepForTypetracking(Node nodeFrom, Node nodeTo) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
private predicate summaryLocalStep(Node nodeFrom, Node nodeTo, string model) {
|
private predicate summaryLocalStep(Node nodeFrom, Node nodeTo, string model) {
|
||||||
FlowSummaryImpl::Private::Steps::summaryLocalStep(nodeFrom,
|
FlowSummaryImpl::Private::Steps::summaryLocalStep(nodeFrom.(FlowSummaryNode).getSummaryNode(),
|
||||||
nodeTo.(FlowSummaryNode).getSummaryNode(), true, model)
|
nodeTo.(FlowSummaryNode).getSummaryNode(), true, model)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -20,8 +20,6 @@ module Input implements InputSig<Location, DataFlowImplSpecific::PythonDataFlow>
|
|||||||
|
|
||||||
class SinkBase = Void;
|
class SinkBase = Void;
|
||||||
|
|
||||||
class FlowSummaryCallBase = Void;
|
|
||||||
|
|
||||||
predicate callableFromSource(SummarizedCallableBase c) { none() }
|
predicate callableFromSource(SummarizedCallableBase c) { none() }
|
||||||
|
|
||||||
ArgumentPosition callbackSelfParameterPosition() { result.isLambdaSelf() }
|
ArgumentPosition callbackSelfParameterPosition() { result.isLambdaSelf() }
|
||||||
@@ -113,10 +111,6 @@ module Input implements InputSig<Location, DataFlowImplSpecific::PythonDataFlow>
|
|||||||
private import Make<Location, DataFlowImplSpecific::PythonDataFlow, Input> as Impl
|
private import Make<Location, DataFlowImplSpecific::PythonDataFlow, Input> as Impl
|
||||||
|
|
||||||
private module StepsInput implements Impl::Private::StepsInputSig {
|
private module StepsInput implements Impl::Private::StepsInputSig {
|
||||||
Impl::Private::SummaryNode getSummaryNode(Node n) {
|
|
||||||
result = n.(FlowSummaryNode).getSummaryNode()
|
|
||||||
}
|
|
||||||
|
|
||||||
overlay[global]
|
overlay[global]
|
||||||
DataFlowCall getACall(Public::SummarizedCallable sc) {
|
DataFlowCall getACall(Public::SummarizedCallable sc) {
|
||||||
result =
|
result =
|
||||||
|
|||||||
@@ -80,8 +80,10 @@ private module Cached {
|
|||||||
) and
|
) and
|
||||||
model = ""
|
model = ""
|
||||||
or
|
or
|
||||||
FlowSummaryImpl::Private::Steps::summaryLocalStep(nodeFrom,
|
FlowSummaryImpl::Private::Steps::summaryLocalStep(nodeFrom
|
||||||
nodeTo.(DataFlowPrivate::FlowSummaryNode).getSummaryNode(), false, model)
|
.(DataFlowPrivate::FlowSummaryNode)
|
||||||
|
.getSummaryNode(), nodeTo.(DataFlowPrivate::FlowSummaryNode).getSummaryNode(), false,
|
||||||
|
model)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
BIN
ql/Cargo.lock
generated
BIN
ql/Cargo.lock
generated
Binary file not shown.
File diff suppressed because it is too large
Load Diff
@@ -1 +0,0 @@
|
|||||||
0
|
|
||||||
@@ -1,2 +0,0 @@
|
|||||||
| code/test.rb:0:0:0:0 | code/test.rb | |
|
|
||||||
| file://:0:0:0:0 | | |
|
|
||||||
@@ -1,5 +0,0 @@
|
|||||||
import ruby
|
|
||||||
|
|
||||||
from File f, string relative
|
|
||||||
where if exists(f.getRelativePath()) then relative = "relative" else relative = ""
|
|
||||||
select f, relative
|
|
||||||
@@ -1,7 +0,0 @@
|
|||||||
import runs_on
|
|
||||||
|
|
||||||
|
|
||||||
@runs_on.windows
|
|
||||||
def test(codeql, ruby, cwd, subst_drive):
|
|
||||||
drive = subst_drive(cwd / "code")
|
|
||||||
codeql.database.create(source_root=drive)
|
|
||||||
File diff suppressed because it is too large
Load Diff
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user