C++: Add test case.

Author: geoffw0

cpp/ql/test/query-tests/Security/CWE/CWE-311/semmle/tests/CleartextBufferWrite.expected

@@ -7,6 +7,9 @@ edges
 | test.cpp:54:17:54:20 | argv | test.cpp:58:25:58:29 | input indirection |
 subpaths
 nodes
+| test2.cpp:103:3:103:6 | call to gets | semmle.label | call to gets |
+| test2.cpp:103:3:103:6 | call to gets | semmle.label | call to gets |
+| test2.cpp:103:3:103:6 | call to gets | semmle.label | call to gets |
 | test.cpp:54:17:54:20 | argv | semmle.label | argv |
 | test.cpp:54:17:54:20 | argv | semmle.label | argv |
 | test.cpp:58:25:58:29 | input | semmle.label | input |
@@ -15,4 +18,5 @@ nodes
 | test.cpp:58:25:58:29 | input indirection | semmle.label | input indirection |
 | test.cpp:58:25:58:29 | input indirection | semmle.label | input indirection |
 #select
+| test2.cpp:103:3:103:6 | call to gets | test2.cpp:103:3:103:6 | call to gets | test2.cpp:103:3:103:6 | call to gets | This write into buffer 'password' may contain unencrypted data from $@ | test2.cpp:103:3:103:6 | call to gets | user input (gets) |
 | test.cpp:58:3:58:9 | call to sprintf | test.cpp:54:17:54:20 | argv | test.cpp:58:25:58:29 | input | This write into buffer 'passwd' may contain unencrypted data from $@ | test.cpp:54:17:54:20 | argv | user input (argv) |

cpp/ql/test/query-tests/Security/CWE/CWE-311/semmle/tests/CleartextTransmission.expected

@@ -1,4 +1,5 @@
 edges
+| test2.cpp:101:8:101:15 | password | test2.cpp:103:8:103:15 | password |
 | test3.cpp:17:28:17:36 | password1 | test3.cpp:22:15:22:23 | password1 |
 | test3.cpp:17:51:17:59 | password2 | test3.cpp:26:15:26:23 | password2 |
 | test3.cpp:45:8:45:15 | password | test3.cpp:47:15:47:22 | password |
@@ -90,6 +91,8 @@ edges
 | test.cpp:66:23:66:43 | cleartext password! | test.cpp:76:21:76:27 | call to encrypt |
 | test.cpp:66:23:66:43 | cleartext password! | test.cpp:76:29:76:39 | thePassword |
 nodes
+| test2.cpp:101:8:101:15 | password | semmle.label | password |
+| test2.cpp:103:8:103:15 | password | semmle.label | password |
 | test3.cpp:17:28:17:36 | password1 | semmle.label | password1 |
 | test3.cpp:17:51:17:59 | password2 | semmle.label | password2 |
 | test3.cpp:22:15:22:23 | password1 | semmle.label | password1 |
@@ -210,6 +213,7 @@ subpaths
 | test3.cpp:316:11:316:19 | password1 | test3.cpp:283:20:283:23 | data | test3.cpp:283:20:283:23 | data | test3.cpp:316:11:316:19 | ref arg password1 |
 | test3.cpp:324:11:324:14 | data | test3.cpp:293:20:293:23 | data | test3.cpp:293:20:293:23 | data | test3.cpp:324:11:324:14 | ref arg data |
 #select
+| test2.cpp:103:3:103:6 | call to gets | test2.cpp:101:8:101:15 | password | test2.cpp:103:8:103:15 | password | This operation receives into 'password', which may put unencrypted sensitive data into $@ | test2.cpp:101:8:101:15 | password | password |
 | test3.cpp:22:3:22:6 | call to send | test3.cpp:17:28:17:36 | password1 | test3.cpp:22:15:22:23 | password1 | This operation transmits 'password1', which may contain unencrypted sensitive data from $@ | test3.cpp:17:28:17:36 | password1 | password1 |
 | test3.cpp:26:3:26:6 | call to send | test3.cpp:17:51:17:59 | password2 | test3.cpp:26:15:26:23 | password2 | This operation transmits 'password2', which may contain unencrypted sensitive data from $@ | test3.cpp:17:51:17:59 | password2 | password2 |
 | test3.cpp:47:3:47:6 | call to recv | test3.cpp:45:8:45:15 | password | test3.cpp:47:15:47:22 | password | This operation receives into 'password', which may put unencrypted sensitive data into $@ | test3.cpp:45:8:45:15 | password | password |

cpp/ql/test/query-tests/Security/CWE/CWE-311/semmle/tests/test2.cpp

@@ -92,3 +92,14 @@ void tests(FILE *log, myStruct &s)
 		fprintf(log, "log: %s", buffer); // BAD [NOT DETECTED]
 	}
 }
+
+char *gets(char *s);
+
+void test_gets()
+{
+	{
+		char password[1024];
+
+		gets(password); // BAD [but FALSE POSITIVE from cpp/cleartext-transmission]
+	}
+}