C++: Add a test case involving nested function calls.

geoffw0 · geoffw0 · commit d590952aaa78 · 2021-06-17T12:23:18.000+01:00
diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-327/BrokenCryptoAlgorithm.expected b/cpp/ql/test/query-tests/Security/CWE/CWE-327/BrokenCryptoAlgorithm.expected
@@ -17,6 +17,7 @@
 | test2.cpp:49:4:49:24 | call to my_des_implementation | This file makes use of a broken or weak cryptographic algorithm (specified by $@). | test2.cpp:358:24:358:43 | call to getEncryptionNameDES | call to getEncryptionNameDES |
 | test2.cpp:49:4:49:24 | call to my_des_implementation | This file makes use of a broken or weak cryptographic algorithm (specified by $@). | test2.cpp:373:10:373:29 | call to getEncryptionNameDES | call to getEncryptionNameDES |
 | test2.cpp:49:4:49:24 | call to my_des_implementation | This file makes use of a broken or weak cryptographic algorithm (specified by $@). | test2.cpp:383:42:383:49 | ALGO_DES | invocation of macro ALGO_DES |
+| test2.cpp:49:4:49:24 | call to my_des_implementation | This file makes use of a broken or weak cryptographic algorithm (specified by $@). | test2.cpp:399:26:399:45 | call to getEncryptionNameDES | call to getEncryptionNameDES |
 | test.cpp:38:2:38:31 | ENCRYPT_WITH_DES(data,amount) | This file makes use of a broken or weak cryptographic algorithm (specified by $@). | test.cpp:38:2:38:31 | ENCRYPT_WITH_DES(data,amount) | invocation of macro ENCRYPT_WITH_DES |
 | test.cpp:38:2:38:31 | ENCRYPT_WITH_DES(data,amount) | This file makes use of a broken or weak cryptographic algorithm (specified by $@). | test.cpp:39:2:39:31 | ENCRYPT_WITH_RC2(data,amount) | invocation of macro ENCRYPT_WITH_RC2 |
 | test.cpp:38:2:38:31 | ENCRYPT_WITH_DES(data,amount) | This file makes use of a broken or weak cryptographic algorithm (specified by $@). | test.cpp:41:2:41:32 | ENCRYPT_WITH_3DES(data,amount) | invocation of macro ENCRYPT_WITH_3DES |
diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-327/test2.cpp b/cpp/ql/test/query-tests/Security/CWE/CWE-327/test2.cpp
@@ -389,3 +389,13 @@ void test_string_comparisons3(const char *algo_name)
 		// ...
 	}
 }
+
+// --- function call in a function call ---
+
+void doEncryption(char *data, size_t len, const char *algorithmName);
+
+void test_fn_in_fn(char *data, size_t len)
+{
+	doEncryption(data, len, getEncryptionNameDES()); // BAD
+	doEncryption(data, len, getEncryptionNameAES()); // GOOD
+}

Original file line number	Diff line number	Diff line change
`@@ -389,3 +389,13 @@ void test_string_comparisons3(const char *algo_name)`
`389`	`389`	`// ...`
`390`	`390`	`}`
`391`	`391`	`}`
	`392`	`+`
	`393`	`+// --- function call in a function call ---`
	`394`	`+`
	`395`	`+void doEncryption(char data, size_t len, const char algorithmName);`
	`396`	`+`
	`397`	`+void test_fn_in_fn(char *data, size_t len)`
	`398`	`+{`
	`399`	`+ doEncryption(data, len, getEncryptionNameDES()); // BAD`
	`400`	`+ doEncryption(data, len, getEncryptionNameAES()); // GOOD`
	`401`	`+}`