Skip to content

Commit f343eb9

Browse files
geoffw0geoffw0
committed
C++: Split stl.cpp into string.cpp and vector.cpp.
1 parent 5d7f771 commit f343eb9

File tree

6 files changed

+373
-496
lines changed

6 files changed

+373
-496
lines changed

cpp/ql/test/library-tests/dataflow/taint-tests/localTaint.expected

Lines changed: 278 additions & 278 deletions
Large diffs are not rendered by default.

cpp/ql/test/library-tests/dataflow/taint-tests/stl.cpp renamed to cpp/ql/test/library-tests/dataflow/taint-tests/string.cpp

Lines changed: 0 additions & 153 deletions
Original file line numberDiff line numberDiff line change
@@ -1,104 +1,6 @@
11

22
#include "stl.h"
33

4-
5-
6-
7-
8-
9-
10-
11-
12-
13-
14-
15-
16-
17-
18-
19-
20-
21-
22-
23-
24-
25-
26-
27-
28-
29-
30-
31-
32-
33-
34-
35-
36-
37-
38-
39-
40-
41-
42-
43-
44-
45-
46-
47-
48-
49-
50-
51-
52-
53-
54-
55-
56-
57-
58-
59-
60-
61-
62-
63-
64-
65-
66-
67-
68-
69-
70-
71-
72-
73-
74-
75-
76-
77-
78-
79-
80-
81-
82-
83-
84-
85-
86-
87-
88-
89-
90-
91-
92-
93-
94-
95-
96-
97-
98-
99-
100-
101-
1024
char *source();
1035
void sink(const char *s) {};
1046
void sink(const std::string &s) {};
@@ -266,61 +168,6 @@ void test_range_based_for_loop_string() {
266168
}
267169
}
268170

269-
270-
271-
272-
273-
274-
275-
276-
277-
278-
279-
280-
281-
282-
283-
284-
285-
286-
287-
288-
289-
290-
291-
292-
293-
294-
295-
296-
297-
298-
void sink(int);
299-
300-
void test_range_based_for_loop_vector(int source1) {
301-
// Tainting the vector by allocating a tainted length. This doesn't represent
302-
// how a vector would typically get tainted, but it allows this test to avoid
303-
// being concerned with std::vector modeling.
304-
std::vector<int> v(source1);
305-
306-
for(int x : v) {
307-
sink(x); // tainted [NOT DETECTED by IR]
308-
}
309-
310-
for(std::vector<int>::iterator it = v.begin(); it != v.end(); ++it) {
311-
sink(*it); // tainted [NOT DETECTED]
312-
}
313-
314-
for(int& x : v) {
315-
sink(x); // tainted [NOT DETECTED by IR]
316-
}
317-
318-
const std::vector<int> const_v(source1);
319-
for(const int& x : const_v) {
320-
sink(x); // tainted [NOT DETECTED by IR]
321-
}
322-
}
323-
324171
namespace ns_char
325172
{
326173
char source();

cpp/ql/test/library-tests/dataflow/taint-tests/taint.expected

Lines changed: 31 additions & 31 deletions
Original file line numberDiff line numberDiff line change
@@ -32,37 +32,34 @@
3232
| movableclass.cpp:55:8:55:9 | s2 | movableclass.cpp:52:23:52:28 | call to source |
3333
| movableclass.cpp:64:8:64:9 | s2 | movableclass.cpp:23:55:23:60 | call to source |
3434
| movableclass.cpp:65:11:65:11 | call to operator= | movableclass.cpp:65:13:65:18 | call to source |
35-
| stl.cpp:113:7:113:7 | a | stl.cpp:109:12:109:17 | call to source |
36-
| stl.cpp:115:7:115:7 | c | stl.cpp:111:16:111:21 | call to source |
37-
| stl.cpp:117:9:117:13 | call to c_str | stl.cpp:111:16:111:21 | call to source |
38-
| stl.cpp:167:13:167:17 | call to c_str | stl.cpp:159:10:159:15 | call to source |
39-
| stl.cpp:171:13:171:17 | call to c_str | stl.cpp:159:10:159:15 | call to source |
40-
| stl.cpp:174:13:174:17 | call to c_str | stl.cpp:159:10:159:15 | call to source |
41-
| stl.cpp:184:7:184:8 | cs | stl.cpp:179:19:179:24 | call to source |
42-
| stl.cpp:185:7:185:8 | ss | stl.cpp:179:19:179:24 | call to source |
43-
| stl.cpp:198:7:198:8 | cs | stl.cpp:190:19:190:24 | call to source |
44-
| stl.cpp:199:7:199:8 | ss | stl.cpp:190:19:190:24 | call to source |
45-
| stl.cpp:221:8:221:9 | s1 | stl.cpp:216:18:216:23 | call to source |
46-
| stl.cpp:222:8:222:9 | s2 | stl.cpp:217:20:217:25 | call to source |
47-
| stl.cpp:223:8:223:9 | s3 | stl.cpp:219:8:219:13 | call to source |
48-
| stl.cpp:242:8:242:9 | s1 | stl.cpp:238:32:238:37 | call to source |
49-
| stl.cpp:243:8:243:9 | s2 | stl.cpp:240:20:240:25 | call to source |
50-
| stl.cpp:252:8:252:8 | c | stl.cpp:250:16:250:21 | call to source |
51-
| stl.cpp:260:8:260:8 | c | stl.cpp:250:16:250:21 | call to source |
52-
| stl.cpp:265:8:265:8 | c | stl.cpp:263:28:263:33 | call to source |
53-
| stl.cpp:307:8:307:8 | x | stl.cpp:300:43:300:49 | source1 |
54-
| stl.cpp:315:8:315:8 | x | stl.cpp:300:43:300:49 | source1 |
55-
| stl.cpp:320:8:320:8 | x | stl.cpp:300:43:300:49 | source1 |
56-
| stl.cpp:335:11:335:11 | call to operator+ | stl.cpp:332:18:332:23 | call to source |
57-
| stl.cpp:336:11:336:11 | call to operator+ | stl.cpp:332:18:332:23 | call to source |
58-
| stl.cpp:337:11:337:11 | call to operator+ | stl.cpp:332:18:332:23 | call to source |
59-
| stl.cpp:340:11:340:11 | call to operator+ | stl.cpp:340:13:340:18 | call to source |
60-
| stl.cpp:349:8:349:9 | s5 | stl.cpp:345:18:345:23 | call to source |
61-
| stl.cpp:353:8:353:9 | s6 | stl.cpp:345:18:345:23 | call to source |
62-
| stl.cpp:358:8:358:9 | s7 | stl.cpp:356:9:356:14 | call to source |
63-
| stl.cpp:362:8:362:9 | s8 | stl.cpp:345:18:345:23 | call to source |
64-
| stl.cpp:367:8:367:9 | s9 | stl.cpp:365:13:365:18 | call to source |
65-
| stl.cpp:375:8:375:10 | s10 | stl.cpp:372:12:372:26 | call to source |
35+
| string.cpp:15:7:15:7 | a | string.cpp:11:12:11:17 | call to source |
36+
| string.cpp:17:7:17:7 | c | string.cpp:13:16:13:21 | call to source |
37+
| string.cpp:19:9:19:13 | call to c_str | string.cpp:13:16:13:21 | call to source |
38+
| string.cpp:69:13:69:17 | call to c_str | string.cpp:61:10:61:15 | call to source |
39+
| string.cpp:73:13:73:17 | call to c_str | string.cpp:61:10:61:15 | call to source |
40+
| string.cpp:76:13:76:17 | call to c_str | string.cpp:61:10:61:15 | call to source |
41+
| string.cpp:86:7:86:8 | cs | string.cpp:81:19:81:24 | call to source |
42+
| string.cpp:87:7:87:8 | ss | string.cpp:81:19:81:24 | call to source |
43+
| string.cpp:100:7:100:8 | cs | string.cpp:92:19:92:24 | call to source |
44+
| string.cpp:101:7:101:8 | ss | string.cpp:92:19:92:24 | call to source |
45+
| string.cpp:123:8:123:9 | s1 | string.cpp:118:18:118:23 | call to source |
46+
| string.cpp:124:8:124:9 | s2 | string.cpp:119:20:119:25 | call to source |
47+
| string.cpp:125:8:125:9 | s3 | string.cpp:121:8:121:13 | call to source |
48+
| string.cpp:144:8:144:9 | s1 | string.cpp:140:32:140:37 | call to source |
49+
| string.cpp:145:8:145:9 | s2 | string.cpp:142:20:142:25 | call to source |
50+
| string.cpp:154:8:154:8 | c | string.cpp:152:16:152:21 | call to source |
51+
| string.cpp:162:8:162:8 | c | string.cpp:152:16:152:21 | call to source |
52+
| string.cpp:167:8:167:8 | c | string.cpp:165:28:165:33 | call to source |
53+
| string.cpp:182:11:182:11 | call to operator+ | string.cpp:179:18:179:23 | call to source |
54+
| string.cpp:183:11:183:11 | call to operator+ | string.cpp:179:18:179:23 | call to source |
55+
| string.cpp:184:11:184:11 | call to operator+ | string.cpp:179:18:179:23 | call to source |
56+
| string.cpp:187:11:187:11 | call to operator+ | string.cpp:187:13:187:18 | call to source |
57+
| string.cpp:196:8:196:9 | s5 | string.cpp:192:18:192:23 | call to source |
58+
| string.cpp:200:8:200:9 | s6 | string.cpp:192:18:192:23 | call to source |
59+
| string.cpp:205:8:205:9 | s7 | string.cpp:203:9:203:14 | call to source |
60+
| string.cpp:209:8:209:9 | s8 | string.cpp:192:18:192:23 | call to source |
61+
| string.cpp:214:8:214:9 | s9 | string.cpp:212:13:212:18 | call to source |
62+
| string.cpp:222:8:222:10 | s10 | string.cpp:219:12:219:26 | call to source |
6663
| structlikeclass.cpp:35:8:35:9 | s1 | structlikeclass.cpp:29:22:29:27 | call to source |
6764
| structlikeclass.cpp:36:8:36:9 | s2 | structlikeclass.cpp:30:24:30:29 | call to source |
6865
| structlikeclass.cpp:37:8:37:9 | s3 | structlikeclass.cpp:29:22:29:27 | call to source |
@@ -169,3 +166,6 @@
169166
| taint.cpp:470:7:470:7 | x | taint.cpp:462:6:462:11 | call to source |
170167
| taint.cpp:471:7:471:7 | y | taint.cpp:462:6:462:11 | call to source |
171168
| taint.cpp:485:7:485:10 | line | taint.cpp:480:26:480:32 | source1 |
169+
| vector.cpp:15:8:15:8 | x | vector.cpp:8:43:8:49 | source1 |
170+
| vector.cpp:23:8:23:8 | x | vector.cpp:8:43:8:49 | source1 |
171+
| vector.cpp:28:8:28:8 | x | vector.cpp:8:43:8:49 | source1 |

cpp/ql/test/library-tests/dataflow/taint-tests/test_diff.expected

Lines changed: 30 additions & 30 deletions
Original file line numberDiff line numberDiff line change
@@ -30,36 +30,33 @@
3030
| movableclass.cpp:55:8:55:9 | movableclass.cpp:52:23:52:28 | AST only |
3131
| movableclass.cpp:64:8:64:9 | movableclass.cpp:23:55:23:60 | AST only |
3232
| movableclass.cpp:65:11:65:11 | movableclass.cpp:65:13:65:18 | AST only |
33-
| stl.cpp:115:7:115:7 | stl.cpp:111:16:111:21 | AST only |
34-
| stl.cpp:117:9:117:13 | stl.cpp:111:16:111:21 | AST only |
35-
| stl.cpp:167:13:167:17 | stl.cpp:159:10:159:15 | AST only |
36-
| stl.cpp:171:13:171:17 | stl.cpp:159:10:159:15 | AST only |
37-
| stl.cpp:174:13:174:17 | stl.cpp:159:10:159:15 | AST only |
38-
| stl.cpp:184:7:184:8 | stl.cpp:179:19:179:26 | IR only |
39-
| stl.cpp:185:7:185:8 | stl.cpp:179:19:179:24 | AST only |
40-
| stl.cpp:198:7:198:8 | stl.cpp:190:19:190:24 | AST only |
41-
| stl.cpp:199:7:199:8 | stl.cpp:190:19:190:24 | AST only |
42-
| stl.cpp:221:8:221:9 | stl.cpp:216:18:216:23 | AST only |
43-
| stl.cpp:222:8:222:9 | stl.cpp:217:20:217:25 | AST only |
44-
| stl.cpp:223:8:223:9 | stl.cpp:219:8:219:13 | AST only |
45-
| stl.cpp:242:8:242:9 | stl.cpp:238:32:238:37 | AST only |
46-
| stl.cpp:243:8:243:9 | stl.cpp:240:20:240:25 | AST only |
47-
| stl.cpp:252:8:252:8 | stl.cpp:250:16:250:21 | AST only |
48-
| stl.cpp:260:8:260:8 | stl.cpp:250:16:250:21 | AST only |
49-
| stl.cpp:265:8:265:8 | stl.cpp:263:28:263:33 | AST only |
50-
| stl.cpp:307:8:307:8 | stl.cpp:300:43:300:49 | AST only |
51-
| stl.cpp:315:8:315:8 | stl.cpp:300:43:300:49 | AST only |
52-
| stl.cpp:320:8:320:8 | stl.cpp:300:43:300:49 | AST only |
53-
| stl.cpp:335:11:335:11 | stl.cpp:332:18:332:23 | AST only |
54-
| stl.cpp:336:11:336:11 | stl.cpp:332:18:332:23 | AST only |
55-
| stl.cpp:337:11:337:11 | stl.cpp:332:18:332:23 | AST only |
56-
| stl.cpp:340:11:340:11 | stl.cpp:340:13:340:18 | AST only |
57-
| stl.cpp:349:8:349:9 | stl.cpp:345:18:345:23 | AST only |
58-
| stl.cpp:353:8:353:9 | stl.cpp:345:18:345:23 | AST only |
59-
| stl.cpp:358:8:358:9 | stl.cpp:356:9:356:14 | AST only |
60-
| stl.cpp:362:8:362:9 | stl.cpp:345:18:345:23 | AST only |
61-
| stl.cpp:367:8:367:9 | stl.cpp:365:13:365:18 | AST only |
62-
| stl.cpp:375:8:375:10 | stl.cpp:372:12:372:26 | AST only |
33+
| string.cpp:17:7:17:7 | string.cpp:13:16:13:21 | AST only |
34+
| string.cpp:19:9:19:13 | string.cpp:13:16:13:21 | AST only |
35+
| string.cpp:69:13:69:17 | string.cpp:61:10:61:15 | AST only |
36+
| string.cpp:73:13:73:17 | string.cpp:61:10:61:15 | AST only |
37+
| string.cpp:76:13:76:17 | string.cpp:61:10:61:15 | AST only |
38+
| string.cpp:86:7:86:8 | string.cpp:81:19:81:26 | IR only |
39+
| string.cpp:87:7:87:8 | string.cpp:81:19:81:24 | AST only |
40+
| string.cpp:100:7:100:8 | string.cpp:92:19:92:24 | AST only |
41+
| string.cpp:101:7:101:8 | string.cpp:92:19:92:24 | AST only |
42+
| string.cpp:123:8:123:9 | string.cpp:118:18:118:23 | AST only |
43+
| string.cpp:124:8:124:9 | string.cpp:119:20:119:25 | AST only |
44+
| string.cpp:125:8:125:9 | string.cpp:121:8:121:13 | AST only |
45+
| string.cpp:144:8:144:9 | string.cpp:140:32:140:37 | AST only |
46+
| string.cpp:145:8:145:9 | string.cpp:142:20:142:25 | AST only |
47+
| string.cpp:154:8:154:8 | string.cpp:152:16:152:21 | AST only |
48+
| string.cpp:162:8:162:8 | string.cpp:152:16:152:21 | AST only |
49+
| string.cpp:167:8:167:8 | string.cpp:165:28:165:33 | AST only |
50+
| string.cpp:182:11:182:11 | string.cpp:179:18:179:23 | AST only |
51+
| string.cpp:183:11:183:11 | string.cpp:179:18:179:23 | AST only |
52+
| string.cpp:184:11:184:11 | string.cpp:179:18:179:23 | AST only |
53+
| string.cpp:187:11:187:11 | string.cpp:187:13:187:18 | AST only |
54+
| string.cpp:196:8:196:9 | string.cpp:192:18:192:23 | AST only |
55+
| string.cpp:200:8:200:9 | string.cpp:192:18:192:23 | AST only |
56+
| string.cpp:205:8:205:9 | string.cpp:203:9:203:14 | AST only |
57+
| string.cpp:209:8:209:9 | string.cpp:192:18:192:23 | AST only |
58+
| string.cpp:214:8:214:9 | string.cpp:212:13:212:18 | AST only |
59+
| string.cpp:222:8:222:10 | string.cpp:219:12:219:26 | AST only |
6360
| structlikeclass.cpp:35:8:35:9 | structlikeclass.cpp:29:22:29:27 | AST only |
6461
| structlikeclass.cpp:36:8:36:9 | structlikeclass.cpp:30:24:30:29 | AST only |
6562
| structlikeclass.cpp:37:8:37:9 | structlikeclass.cpp:29:22:29:27 | AST only |
@@ -104,3 +101,6 @@
104101
| taint.cpp:446:7:446:7 | taint.cpp:445:14:445:28 | AST only |
105102
| taint.cpp:447:9:447:17 | taint.cpp:445:14:445:28 | AST only |
106103
| taint.cpp:471:7:471:7 | taint.cpp:462:6:462:11 | AST only |
104+
| vector.cpp:15:8:15:8 | vector.cpp:8:43:8:49 | AST only |
105+
| vector.cpp:23:8:23:8 | vector.cpp:8:43:8:49 | AST only |
106+
| vector.cpp:28:8:28:8 | vector.cpp:8:43:8:49 | AST only |

cpp/ql/test/library-tests/dataflow/taint-tests/test_ir.expected

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,10 +1,10 @@
11
| format.cpp:157:7:157:22 | (int)... | format.cpp:147:12:147:25 | call to source |
22
| format.cpp:157:7:157:22 | access to array | format.cpp:147:12:147:25 | call to source |
33
| format.cpp:158:7:158:27 | ... + ... | format.cpp:148:16:148:30 | call to source |
4-
| stl.cpp:113:7:113:7 | (const char *)... | stl.cpp:109:12:109:17 | call to source |
5-
| stl.cpp:113:7:113:7 | a | stl.cpp:109:12:109:17 | call to source |
6-
| stl.cpp:184:7:184:8 | cs | stl.cpp:179:19:179:24 | call to source |
7-
| stl.cpp:184:7:184:8 | cs | stl.cpp:179:19:179:26 | (const char *)... |
4+
| string.cpp:15:7:15:7 | (const char *)... | string.cpp:11:12:11:17 | call to source |
5+
| string.cpp:15:7:15:7 | a | string.cpp:11:12:11:17 | call to source |
6+
| string.cpp:86:7:86:8 | cs | string.cpp:81:19:81:24 | call to source |
7+
| string.cpp:86:7:86:8 | cs | string.cpp:81:19:81:26 | (const char *)... |
88
| structlikeclass.cpp:38:8:38:9 | s4 | structlikeclass.cpp:33:8:33:13 | call to source |
99
| structlikeclass.cpp:61:8:61:9 | s2 | structlikeclass.cpp:58:24:58:29 | call to source |
1010
| structlikeclass.cpp:62:8:62:20 | ... = ... | structlikeclass.cpp:62:13:62:18 | call to source |

cpp/ql/test/library-tests/dataflow/taint-tests/vector.cpp

Lines changed: 30 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,30 @@
1+
2+
#include "stl.h"
3+
4+
using namespace std;
5+
6+
void sink(int);
7+
8+
void test_range_based_for_loop_vector(int source1) {
9+
// Tainting the vector by allocating a tainted length. This doesn't represent
10+
// how a vector would typically get tainted, but it allows this test to avoid
11+
// being concerned with std::vector modeling.
12+
std::vector<int> v(source1);
13+
14+
for(int x : v) {
15+
sink(x); // tainted [NOT DETECTED by IR]
16+
}
17+
18+
for(std::vector<int>::iterator it = v.begin(); it != v.end(); ++it) {
19+
sink(*it); // tainted [NOT DETECTED]
20+
}
21+
22+
for(int& x : v) {
23+
sink(x); // tainted [NOT DETECTED by IR]
24+
}
25+
26+
const std::vector<int> const_v(source1);
27+
for(const int& x : const_v) {
28+
sink(x); // tainted [NOT DETECTED by IR]
29+
}
30+
}

0 commit comments

Comments
 (0)