C++: Add tests.

geoffw0 · geoffw0 · commit 6388ac5f1d3f · 2021-11-09T18:41:57.000Z
diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-319/UseOfHttp/UseOfHttp.expected b/cpp/ql/test/query-tests/Security/CWE/CWE-319/UseOfHttp/UseOfHttp.expected
@@ -0,0 +1,15 @@
+edges
+| test.cpp:11:20:11:22 | url | test.cpp:15:30:15:32 | url |
+| test.cpp:28:10:28:29 | http://example.com | test.cpp:11:20:11:22 | url |
+| test.cpp:38:18:38:26 | http:// | test.cpp:41:11:41:16 | buffer |
+| test.cpp:41:11:41:16 | buffer | test.cpp:11:20:11:22 | url |
+nodes
+| test.cpp:11:20:11:22 | url | semmle.label | url |
+| test.cpp:15:30:15:32 | url | semmle.label | url |
+| test.cpp:28:10:28:29 | http://example.com | semmle.label | http://example.com |
+| test.cpp:38:18:38:26 | http:// | semmle.label | http:// |
+| test.cpp:41:11:41:16 | buffer | semmle.label | buffer |
+subpaths
+#select
+| test.cpp:28:10:28:29 | http://example.com | test.cpp:28:10:28:29 | http://example.com | test.cpp:15:30:15:32 | url | A URL may be constructed with the HTTP protocol. |
+| test.cpp:38:18:38:26 | http:// | test.cpp:38:18:38:26 | http:// | test.cpp:15:30:15:32 | url | A URL may be constructed with the HTTP protocol. |
diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-319/UseOfHttp/UseOfHttp.qlref b/cpp/ql/test/query-tests/Security/CWE/CWE-319/UseOfHttp/UseOfHttp.qlref
@@ -0,0 +1 @@
+Security/CWE/CWE-319/UseOfHttp.ql
diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-319/UseOfHttp/test.cpp b/cpp/ql/test/query-tests/Security/CWE/CWE-319/UseOfHttp/test.cpp
@@ -0,0 +1,52 @@
+
+struct host
+{
+	// ...
+};
+
+host gethostbyname(char *str);
+char *strcpy(char *s1, const char *s2);
+char *strcat(char *s1, const char *s2);
+
+void openUrl(char *url)
+{
+	// ...
+
+	host myHost = gethostbyname(url);
+
+	// ...
+}
+
+void doNothing(char *url)
+{
+}
+
+char *urls[] = { "http://example.com" };
+
+void test()
+{
+	openUrl("http://example.com"); // BAD
+	openUrl("https://example.com"); // GOOD (https)
+	openUrl("http://localhost/example"); // GOOD (localhost)
+	openUrl("https://localhost/example"); // GOOD (https, localhost)
+	doNothing("http://example.com"); // GOOD (URL not used)
+	openUrl(urls[0]); // BAD [NOT DETECTED]
+
+	{
+		char buffer[1024];
+
+		strcpy(buffer, "http://"); // BAD
+		strcat(buffer, "example.com");
+
+		openUrl(buffer);
+	}
+
+	{
+		char buffer[1024];
+
+		strcpy(buffer, "https://"); // GOOD (https)
+		strcat(buffer, "example.com");
+
+		openUrl(buffer);
+	}
+}
