C++: Split off stringstream.cpp.

Author: geoffw0

cpp/ql/test/library-tests/dataflow/taint-tests/localTaint.expected

@@ -16,7 +16,6 @@ char *user_input() {
 
 void sink(const char *s) {};
 void sink(const std::string &s) {};
-void sink(const std::stringstream &s) {};
 void sink(const char *filename, const char *mode);
 void sink(char) {}
 
@@ -33,42 +32,6 @@ void test_string()
 	sink(c.c_str()); // tainted
 }
 
-void test_stringstream()
-{
-	std::stringstream ss1, ss2, ss3, ss4, ss5;
-	std::string t(source());
-
-	ss1 << "1234";
-	ss2 << source();
-	ss3 << "123" << source();
-	ss4 << source() << "456";
-	ss5 << t;
-
-	sink(ss1);
-	sink(ss2); // tainted [NOT DETECTED]
-	sink(ss3); // tainted [NOT DETECTED]
-	sink(ss4); // tainted [NOT DETECTED]
-	sink(ss5); // tainted [NOT DETECTED]
-	sink(ss1.str());
-	sink(ss2.str()); // tainted [NOT DETECTED]
-	sink(ss3.str()); // tainted [NOT DETECTED]
-	sink(ss4.str()); // tainted [NOT DETECTED]
-	sink(ss5.str()); // tainted [NOT DETECTED]
-}
-
-void test_stringstream_int(int source)
-{
-	std::stringstream ss1, ss2;
-
-	ss1 << 1234;
-	ss2 << source;
-
-	sink(ss1);
-	sink(ss2); // tainted [NOT DETECTED]
-	sink(ss1.str());
-	sink(ss2.str()); // tainted [NOT DETECTED]
-}
-
 void test_strings2()
 {
 	string path1 = user_input();

cpp/ql/test/library-tests/dataflow/taint-tests/string.cpp

@@ -0,0 +1,45 @@
+
+#include "stl.h"
+
+using namespace std;
+
+char *source();
+
+void sink(const std::string &s) {};
+void sink(const std::stringstream &s) {};
+
+void test_stringstream()
+{
+	std::stringstream ss1, ss2, ss3, ss4, ss5;
+	std::string t(source());
+
+	ss1 << "1234";
+	ss2 << source();
+	ss3 << "123" << source();
+	ss4 << source() << "456";
+	ss5 << t;
+
+	sink(ss1);
+	sink(ss2); // tainted [NOT DETECTED]
+	sink(ss3); // tainted [NOT DETECTED]
+	sink(ss4); // tainted [NOT DETECTED]
+	sink(ss5); // tainted [NOT DETECTED]
+	sink(ss1.str());
+	sink(ss2.str()); // tainted [NOT DETECTED]
+	sink(ss3.str()); // tainted [NOT DETECTED]
+	sink(ss4.str()); // tainted [NOT DETECTED]
+	sink(ss5.str()); // tainted [NOT DETECTED]
+}
+
+void test_stringstream_int(int source)
+{
+	std::stringstream ss1, ss2;
+
+	ss1 << 1234;
+	ss2 << source;
+
+	sink(ss1);
+	sink(ss2); // tainted [NOT DETECTED]
+	sink(ss1.str());
+	sink(ss2.str()); // tainted [NOT DETECTED]
+}

cpp/ql/test/library-tests/dataflow/taint-tests/stringstream.cpp

@@ -32,34 +32,34 @@
 | movableclass.cpp:55:8:55:9 | s2 | movableclass.cpp:52:23:52:28 | call to source |
 | movableclass.cpp:64:8:64:9 | s2 | movableclass.cpp:23:55:23:60 | call to source |
 | movableclass.cpp:65:11:65:11 | call to operator= | movableclass.cpp:65:13:65:18 | call to source |
-| string.cpp:29:7:29:7 | a | string.cpp:25:12:25:17 | call to source |
-| string.cpp:31:7:31:7 | c | string.cpp:27:16:27:21 | call to source |
-| string.cpp:33:9:33:13 | call to c_str | string.cpp:27:16:27:21 | call to source |
-| string.cpp:75:13:75:17 | call to c_str | string.cpp:14:10:14:15 | call to source |
-| string.cpp:79:13:79:17 | call to c_str | string.cpp:14:10:14:15 | call to source |
-| string.cpp:82:13:82:17 | call to c_str | string.cpp:14:10:14:15 | call to source |
-| string.cpp:92:7:92:8 | cs | string.cpp:87:19:87:24 | call to source |
-| string.cpp:93:7:93:8 | ss | string.cpp:87:19:87:24 | call to source |
-| string.cpp:106:7:106:8 | cs | string.cpp:98:19:98:24 | call to source |
-| string.cpp:107:7:107:8 | ss | string.cpp:98:19:98:24 | call to source |
-| string.cpp:129:8:129:9 | s1 | string.cpp:124:18:124:23 | call to source |
-| string.cpp:130:8:130:9 | s2 | string.cpp:125:20:125:25 | call to source |
-| string.cpp:131:8:131:9 | s3 | string.cpp:127:8:127:13 | call to source |
-| string.cpp:150:8:150:9 | s1 | string.cpp:146:32:146:37 | call to source |
-| string.cpp:151:8:151:9 | s2 | string.cpp:148:20:148:25 | call to source |
-| string.cpp:158:8:158:8 | c | string.cpp:156:16:156:21 | call to source |
-| string.cpp:166:8:166:8 | c | string.cpp:156:16:156:21 | call to source |
-| string.cpp:171:8:171:8 | c | string.cpp:169:28:169:33 | call to source |
-| string.cpp:181:11:181:11 | call to operator+ | string.cpp:178:18:178:23 | call to source |
-| string.cpp:182:11:182:11 | call to operator+ | string.cpp:178:18:178:23 | call to source |
-| string.cpp:183:11:183:11 | call to operator+ | string.cpp:178:18:178:23 | call to source |
-| string.cpp:186:11:186:11 | call to operator+ | string.cpp:186:13:186:18 | call to source |
-| string.cpp:195:8:195:9 | s5 | string.cpp:191:18:191:23 | call to source |
-| string.cpp:199:8:199:9 | s6 | string.cpp:191:18:191:23 | call to source |
-| string.cpp:204:8:204:9 | s7 | string.cpp:202:9:202:14 | call to source |
-| string.cpp:208:8:208:9 | s8 | string.cpp:191:18:191:23 | call to source |
-| string.cpp:213:8:213:9 | s9 | string.cpp:211:13:211:18 | call to source |
-| string.cpp:221:8:221:10 | s10 | string.cpp:218:12:218:26 | call to source |
+| string.cpp:28:7:28:7 | a | string.cpp:24:12:24:17 | call to source |
+| string.cpp:30:7:30:7 | c | string.cpp:26:16:26:21 | call to source |
+| string.cpp:32:9:32:13 | call to c_str | string.cpp:26:16:26:21 | call to source |
+| string.cpp:38:13:38:17 | call to c_str | string.cpp:14:10:14:15 | call to source |
+| string.cpp:42:13:42:17 | call to c_str | string.cpp:14:10:14:15 | call to source |
+| string.cpp:45:13:45:17 | call to c_str | string.cpp:14:10:14:15 | call to source |
+| string.cpp:55:7:55:8 | cs | string.cpp:50:19:50:24 | call to source |
+| string.cpp:56:7:56:8 | ss | string.cpp:50:19:50:24 | call to source |
+| string.cpp:69:7:69:8 | cs | string.cpp:61:19:61:24 | call to source |
+| string.cpp:70:7:70:8 | ss | string.cpp:61:19:61:24 | call to source |
+| string.cpp:92:8:92:9 | s1 | string.cpp:87:18:87:23 | call to source |
+| string.cpp:93:8:93:9 | s2 | string.cpp:88:20:88:25 | call to source |
+| string.cpp:94:8:94:9 | s3 | string.cpp:90:8:90:13 | call to source |
+| string.cpp:113:8:113:9 | s1 | string.cpp:109:32:109:37 | call to source |
+| string.cpp:114:8:114:9 | s2 | string.cpp:111:20:111:25 | call to source |
+| string.cpp:121:8:121:8 | c | string.cpp:119:16:119:21 | call to source |
+| string.cpp:129:8:129:8 | c | string.cpp:119:16:119:21 | call to source |
+| string.cpp:134:8:134:8 | c | string.cpp:132:28:132:33 | call to source |
+| string.cpp:144:11:144:11 | call to operator+ | string.cpp:141:18:141:23 | call to source |
+| string.cpp:145:11:145:11 | call to operator+ | string.cpp:141:18:141:23 | call to source |
+| string.cpp:146:11:146:11 | call to operator+ | string.cpp:141:18:141:23 | call to source |
+| string.cpp:149:11:149:11 | call to operator+ | string.cpp:149:13:149:18 | call to source |
+| string.cpp:158:8:158:9 | s5 | string.cpp:154:18:154:23 | call to source |
+| string.cpp:162:8:162:9 | s6 | string.cpp:154:18:154:23 | call to source |
+| string.cpp:167:8:167:9 | s7 | string.cpp:165:9:165:14 | call to source |
+| string.cpp:171:8:171:9 | s8 | string.cpp:154:18:154:23 | call to source |
+| string.cpp:176:8:176:9 | s9 | string.cpp:174:13:174:18 | call to source |
+| string.cpp:184:8:184:10 | s10 | string.cpp:181:12:181:26 | call to source |
 | structlikeclass.cpp:35:8:35:9 | s1 | structlikeclass.cpp:29:22:29:27 | call to source |
 | structlikeclass.cpp:36:8:36:9 | s2 | structlikeclass.cpp:30:24:30:29 | call to source |
 | structlikeclass.cpp:37:8:37:9 | s3 | structlikeclass.cpp:29:22:29:27 | call to source |

cpp/ql/test/library-tests/dataflow/taint-tests/taint.expected

@@ -30,33 +30,33 @@
 | movableclass.cpp:55:8:55:9 | movableclass.cpp:52:23:52:28 | AST only |
 | movableclass.cpp:64:8:64:9 | movableclass.cpp:23:55:23:60 | AST only |
 | movableclass.cpp:65:11:65:11 | movableclass.cpp:65:13:65:18 | AST only |
-| string.cpp:31:7:31:7 | string.cpp:27:16:27:21 | AST only |
-| string.cpp:33:9:33:13 | string.cpp:27:16:27:21 | AST only |
-| string.cpp:75:13:75:17 | string.cpp:14:10:14:15 | AST only |
-| string.cpp:79:13:79:17 | string.cpp:14:10:14:15 | AST only |
-| string.cpp:82:13:82:17 | string.cpp:14:10:14:15 | AST only |
-| string.cpp:92:7:92:8 | string.cpp:87:19:87:26 | IR only |
-| string.cpp:93:7:93:8 | string.cpp:87:19:87:24 | AST only |
-| string.cpp:106:7:106:8 | string.cpp:98:19:98:24 | AST only |
-| string.cpp:107:7:107:8 | string.cpp:98:19:98:24 | AST only |
-| string.cpp:129:8:129:9 | string.cpp:124:18:124:23 | AST only |
-| string.cpp:130:8:130:9 | string.cpp:125:20:125:25 | AST only |
-| string.cpp:131:8:131:9 | string.cpp:127:8:127:13 | AST only |
-| string.cpp:150:8:150:9 | string.cpp:146:32:146:37 | AST only |
-| string.cpp:151:8:151:9 | string.cpp:148:20:148:25 | AST only |
-| string.cpp:158:8:158:8 | string.cpp:156:16:156:21 | AST only |
-| string.cpp:166:8:166:8 | string.cpp:156:16:156:21 | AST only |
-| string.cpp:171:8:171:8 | string.cpp:169:28:169:33 | AST only |
-| string.cpp:181:11:181:11 | string.cpp:178:18:178:23 | AST only |
-| string.cpp:182:11:182:11 | string.cpp:178:18:178:23 | AST only |
-| string.cpp:183:11:183:11 | string.cpp:178:18:178:23 | AST only |
-| string.cpp:186:11:186:11 | string.cpp:186:13:186:18 | AST only |
-| string.cpp:195:8:195:9 | string.cpp:191:18:191:23 | AST only |
-| string.cpp:199:8:199:9 | string.cpp:191:18:191:23 | AST only |
-| string.cpp:204:8:204:9 | string.cpp:202:9:202:14 | AST only |
-| string.cpp:208:8:208:9 | string.cpp:191:18:191:23 | AST only |
-| string.cpp:213:8:213:9 | string.cpp:211:13:211:18 | AST only |
-| string.cpp:221:8:221:10 | string.cpp:218:12:218:26 | AST only |
+| string.cpp:30:7:30:7 | string.cpp:26:16:26:21 | AST only |
+| string.cpp:32:9:32:13 | string.cpp:26:16:26:21 | AST only |
+| string.cpp:38:13:38:17 | string.cpp:14:10:14:15 | AST only |
+| string.cpp:42:13:42:17 | string.cpp:14:10:14:15 | AST only |
+| string.cpp:45:13:45:17 | string.cpp:14:10:14:15 | AST only |
+| string.cpp:55:7:55:8 | string.cpp:50:19:50:26 | IR only |
+| string.cpp:56:7:56:8 | string.cpp:50:19:50:24 | AST only |
+| string.cpp:69:7:69:8 | string.cpp:61:19:61:24 | AST only |
+| string.cpp:70:7:70:8 | string.cpp:61:19:61:24 | AST only |
+| string.cpp:92:8:92:9 | string.cpp:87:18:87:23 | AST only |
+| string.cpp:93:8:93:9 | string.cpp:88:20:88:25 | AST only |
+| string.cpp:94:8:94:9 | string.cpp:90:8:90:13 | AST only |
+| string.cpp:113:8:113:9 | string.cpp:109:32:109:37 | AST only |
+| string.cpp:114:8:114:9 | string.cpp:111:20:111:25 | AST only |
+| string.cpp:121:8:121:8 | string.cpp:119:16:119:21 | AST only |
+| string.cpp:129:8:129:8 | string.cpp:119:16:119:21 | AST only |
+| string.cpp:134:8:134:8 | string.cpp:132:28:132:33 | AST only |
+| string.cpp:144:11:144:11 | string.cpp:141:18:141:23 | AST only |
+| string.cpp:145:11:145:11 | string.cpp:141:18:141:23 | AST only |
+| string.cpp:146:11:146:11 | string.cpp:141:18:141:23 | AST only |
+| string.cpp:149:11:149:11 | string.cpp:149:13:149:18 | AST only |
+| string.cpp:158:8:158:9 | string.cpp:154:18:154:23 | AST only |
+| string.cpp:162:8:162:9 | string.cpp:154:18:154:23 | AST only |
+| string.cpp:167:8:167:9 | string.cpp:165:9:165:14 | AST only |
+| string.cpp:171:8:171:9 | string.cpp:154:18:154:23 | AST only |
+| string.cpp:176:8:176:9 | string.cpp:174:13:174:18 | AST only |
+| string.cpp:184:8:184:10 | string.cpp:181:12:181:26 | AST only |
 | structlikeclass.cpp:35:8:35:9 | structlikeclass.cpp:29:22:29:27 | AST only |
 | structlikeclass.cpp:36:8:36:9 | structlikeclass.cpp:30:24:30:29 | AST only |
 | structlikeclass.cpp:37:8:37:9 | structlikeclass.cpp:29:22:29:27 | AST only |

cpp/ql/test/library-tests/dataflow/taint-tests/test_diff.expected

@@ -1,10 +1,10 @@
 | format.cpp:157:7:157:22 | (int)... | format.cpp:147:12:147:25 | call to source |
 | format.cpp:157:7:157:22 | access to array | format.cpp:147:12:147:25 | call to source |
 | format.cpp:158:7:158:27 | ... + ... | format.cpp:148:16:148:30 | call to source |
-| string.cpp:29:7:29:7 | (const char *)... | string.cpp:25:12:25:17 | call to source |
-| string.cpp:29:7:29:7 | a | string.cpp:25:12:25:17 | call to source |
-| string.cpp:92:7:92:8 | cs | string.cpp:87:19:87:24 | call to source |
-| string.cpp:92:7:92:8 | cs | string.cpp:87:19:87:26 | (const char *)... |
+| string.cpp:28:7:28:7 | (const char *)... | string.cpp:24:12:24:17 | call to source |
+| string.cpp:28:7:28:7 | a | string.cpp:24:12:24:17 | call to source |
+| string.cpp:55:7:55:8 | cs | string.cpp:50:19:50:24 | call to source |
+| string.cpp:55:7:55:8 | cs | string.cpp:50:19:50:26 | (const char *)... |
 | structlikeclass.cpp:38:8:38:9 | s4 | structlikeclass.cpp:33:8:33:13 | call to source |
 | structlikeclass.cpp:61:8:61:9 | s2 | structlikeclass.cpp:58:24:58:29 | call to source |
 | structlikeclass.cpp:62:8:62:20 | ... = ... | structlikeclass.cpp:62:13:62:18 | call to source |