C++: Add summary for ReadFileEx and accept test changes.

MathiasVP · MathiasVP · commit 76c2d24a7ef4 · 2025-05-27T12:41:22.000+01:00
diff --git a/cpp/ql/lib/ext/Windows.model.yml b/cpp/ql/lib/ext/Windows.model.yml
@@ -31,3 +31,5 @@ extensions:
       # shellapi.h
       - ["", "", False, "CommandLineToArgvA", "", "", "Argument[*0]", "ReturnValue[**]", "taint", "manual"]
       - ["", "", False, "CommandLineToArgvW", "", "", "Argument[*0]", "ReturnValue[**]", "taint", "manual"]
+      # fileapi.h
+      - ["", "", False, "ReadFileEx", "", "", "Argument[*3].Field[@hEvent]", "Argument[4].Parameter[*2].Field[@hEvent]", "value", "manual"]
diff --git a/cpp/ql/test/library-tests/dataflow/external-models/flow.expected b/cpp/ql/test/library-tests/dataflow/external-models/flow.expected
@@ -10,31 +10,31 @@ edges
 | asio_streams.cpp:100:44:100:62 | call to buffer | asio_streams.cpp:103:29:103:39 | *send_buffer | provenance | Sink:MaD:6 |
 | asio_streams.cpp:100:64:100:71 | *send_str | asio_streams.cpp:56:18:56:23 | [summary param] *0 in buffer | provenance |  |
 | asio_streams.cpp:100:64:100:71 | *send_str | asio_streams.cpp:100:44:100:62 | call to buffer | provenance | MaD:10 |
-| test.cpp:4:5:4:17 | [summary param] 0 in ymlStepManual | test.cpp:4:5:4:17 | [summary] to write: ReturnValue in ymlStepManual | provenance | MaD:23507 |
-| test.cpp:5:5:5:20 | [summary param] 0 in ymlStepGenerated | test.cpp:5:5:5:20 | [summary] to write: ReturnValue in ymlStepGenerated | provenance | MaD:23508 |
-| test.cpp:6:5:6:27 | [summary param] 0 in ymlStepManual_with_body | test.cpp:6:5:6:27 | [summary] to write: ReturnValue in ymlStepManual_with_body | provenance | MaD:23509 |
+| test.cpp:4:5:4:17 | [summary param] 0 in ymlStepManual | test.cpp:4:5:4:17 | [summary] to write: ReturnValue in ymlStepManual | provenance | MaD:23508 |
+| test.cpp:5:5:5:20 | [summary param] 0 in ymlStepGenerated | test.cpp:5:5:5:20 | [summary] to write: ReturnValue in ymlStepGenerated | provenance | MaD:23509 |
+| test.cpp:6:5:6:27 | [summary param] 0 in ymlStepManual_with_body | test.cpp:6:5:6:27 | [summary] to write: ReturnValue in ymlStepManual_with_body | provenance | MaD:23510 |
 | test.cpp:7:47:7:52 | value2 | test.cpp:7:64:7:69 | value2 | provenance |  |
 | test.cpp:7:64:7:69 | value2 | test.cpp:7:5:7:30 | *ymlStepGenerated_with_body | provenance |  |
-| test.cpp:10:10:10:18 | call to ymlSource | test.cpp:10:10:10:18 | call to ymlSource | provenance | Src:MaD:23505  |
-| test.cpp:10:10:10:18 | call to ymlSource | test.cpp:14:10:14:10 | x | provenance | Sink:MaD:23506 |
+| test.cpp:10:10:10:18 | call to ymlSource | test.cpp:10:10:10:18 | call to ymlSource | provenance | Src:MaD:23506  |
+| test.cpp:10:10:10:18 | call to ymlSource | test.cpp:14:10:14:10 | x | provenance | Sink:MaD:23507 |
 | test.cpp:10:10:10:18 | call to ymlSource | test.cpp:17:24:17:24 | x | provenance |  |
 | test.cpp:10:10:10:18 | call to ymlSource | test.cpp:21:27:21:27 | x | provenance |  |
 | test.cpp:10:10:10:18 | call to ymlSource | test.cpp:25:35:25:35 | x | provenance |  |
 | test.cpp:10:10:10:18 | call to ymlSource | test.cpp:32:41:32:41 | x | provenance |  |
 | test.cpp:17:10:17:22 | call to ymlStepManual | test.cpp:17:10:17:22 | call to ymlStepManual | provenance |  |
-| test.cpp:17:10:17:22 | call to ymlStepManual | test.cpp:18:10:18:10 | y | provenance | Sink:MaD:23506 |
+| test.cpp:17:10:17:22 | call to ymlStepManual | test.cpp:18:10:18:10 | y | provenance | Sink:MaD:23507 |
 | test.cpp:17:24:17:24 | x | test.cpp:4:5:4:17 | [summary param] 0 in ymlStepManual | provenance |  |
-| test.cpp:17:24:17:24 | x | test.cpp:17:10:17:22 | call to ymlStepManual | provenance | MaD:23507 |
+| test.cpp:17:24:17:24 | x | test.cpp:17:10:17:22 | call to ymlStepManual | provenance | MaD:23508 |
 | test.cpp:21:10:21:25 | call to ymlStepGenerated | test.cpp:21:10:21:25 | call to ymlStepGenerated | provenance |  |
-| test.cpp:21:10:21:25 | call to ymlStepGenerated | test.cpp:22:10:22:10 | z | provenance | Sink:MaD:23506 |
+| test.cpp:21:10:21:25 | call to ymlStepGenerated | test.cpp:22:10:22:10 | z | provenance | Sink:MaD:23507 |
 | test.cpp:21:27:21:27 | x | test.cpp:5:5:5:20 | [summary param] 0 in ymlStepGenerated | provenance |  |
-| test.cpp:21:27:21:27 | x | test.cpp:21:10:21:25 | call to ymlStepGenerated | provenance | MaD:23508 |
+| test.cpp:21:27:21:27 | x | test.cpp:21:10:21:25 | call to ymlStepGenerated | provenance | MaD:23509 |
 | test.cpp:25:11:25:33 | call to ymlStepManual_with_body | test.cpp:25:11:25:33 | call to ymlStepManual_with_body | provenance |  |
-| test.cpp:25:11:25:33 | call to ymlStepManual_with_body | test.cpp:26:10:26:11 | y2 | provenance | Sink:MaD:23506 |
+| test.cpp:25:11:25:33 | call to ymlStepManual_with_body | test.cpp:26:10:26:11 | y2 | provenance | Sink:MaD:23507 |
 | test.cpp:25:35:25:35 | x | test.cpp:6:5:6:27 | [summary param] 0 in ymlStepManual_with_body | provenance |  |
-| test.cpp:25:35:25:35 | x | test.cpp:25:11:25:33 | call to ymlStepManual_with_body | provenance | MaD:23509 |
+| test.cpp:25:35:25:35 | x | test.cpp:25:11:25:33 | call to ymlStepManual_with_body | provenance | MaD:23510 |
 | test.cpp:32:11:32:36 | call to ymlStepGenerated_with_body | test.cpp:32:11:32:36 | call to ymlStepGenerated_with_body | provenance |  |
-| test.cpp:32:11:32:36 | call to ymlStepGenerated_with_body | test.cpp:33:10:33:11 | z2 | provenance | Sink:MaD:23506 |
+| test.cpp:32:11:32:36 | call to ymlStepGenerated_with_body | test.cpp:33:10:33:11 | z2 | provenance | Sink:MaD:23507 |
 | test.cpp:32:41:32:41 | x | test.cpp:7:47:7:52 | value2 | provenance |  |
 | test.cpp:32:41:32:41 | x | test.cpp:32:11:32:36 | call to ymlStepGenerated_with_body | provenance |  |
 | windows.cpp:6:8:6:25 | [summary param] *0 in CommandLineToArgvA | windows.cpp:6:8:6:25 | [summary] to write: ReturnValue[**] in CommandLineToArgvA | provenance | MaD:341 |
@@ -48,8 +48,35 @@ edges
 | windows.cpp:23:17:23:38 | *call to GetEnvironmentStringsA | windows.cpp:23:17:23:38 | *call to GetEnvironmentStringsA | provenance | Src:MaD:327  |
 | windows.cpp:23:17:23:38 | *call to GetEnvironmentStringsA | windows.cpp:25:10:25:13 | * ... | provenance |  |
 | windows.cpp:28:36:28:38 | GetEnvironmentVariableA output argument | windows.cpp:30:10:30:13 | * ... | provenance | Src:MaD:329  |
+| windows.cpp:86:6:86:15 | [summary param] *3 in ReadFileEx [*hEvent] | windows.cpp:86:6:86:15 | [summary] read: Argument[*3].Field[*hEvent] in ReadFileEx | provenance |  |
+| windows.cpp:86:6:86:15 | [summary param] *3 in ReadFileEx [hEvent] | windows.cpp:86:6:86:15 | [summary] read: Argument[*3].Field[hEvent] in ReadFileEx | provenance |  |
+| windows.cpp:86:6:86:15 | [summary] read: Argument[*3].Field[*hEvent] in ReadFileEx | windows.cpp:86:6:86:15 | [summary] to write: Argument[4].Parameter[*2].Field[*hEvent] in ReadFileEx | provenance | MaD:343 |
+| windows.cpp:86:6:86:15 | [summary] read: Argument[*3].Field[hEvent] in ReadFileEx | windows.cpp:86:6:86:15 | [summary] to write: Argument[4].Parameter[*2].Field[hEvent] in ReadFileEx | provenance | MaD:343 |
+| windows.cpp:86:6:86:15 | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [*hEvent] | windows.cpp:143:16:143:27 | *lpOverlapped [*hEvent] | provenance |  |
+| windows.cpp:86:6:86:15 | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [hEvent] | windows.cpp:153:16:153:27 | *lpOverlapped [hEvent] | provenance |  |
+| windows.cpp:86:6:86:15 | [summary] to write: Argument[4].Parameter[*2].Field[*hEvent] in ReadFileEx | windows.cpp:86:6:86:15 | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [*hEvent] | provenance |  |
+| windows.cpp:86:6:86:15 | [summary] to write: Argument[4].Parameter[*2].Field[hEvent] in ReadFileEx | windows.cpp:86:6:86:15 | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [hEvent] | provenance |  |
+| windows.cpp:143:16:143:27 | *lpOverlapped [*hEvent] | windows.cpp:145:42:145:53 | *lpOverlapped [*hEvent] | provenance |  |
+| windows.cpp:145:18:145:62 | *hEvent | windows.cpp:145:18:145:62 | *hEvent | provenance |  |
+| windows.cpp:145:18:145:62 | *hEvent | windows.cpp:147:8:147:14 | * ... | provenance |  |
+| windows.cpp:145:42:145:53 | *lpOverlapped [*hEvent] | windows.cpp:145:18:145:62 | *hEvent | provenance |  |
+| windows.cpp:145:42:145:53 | *lpOverlapped [*hEvent] | windows.cpp:145:56:145:61 | *hEvent | provenance |  |
+| windows.cpp:145:56:145:61 | *hEvent | windows.cpp:145:18:145:62 | *hEvent | provenance |  |
+| windows.cpp:153:16:153:27 | *lpOverlapped [hEvent] | windows.cpp:155:35:155:46 | *lpOverlapped [hEvent] | provenance |  |
+| windows.cpp:155:12:155:55 | hEvent | windows.cpp:155:12:155:55 | hEvent | provenance |  |
+| windows.cpp:155:12:155:55 | hEvent | windows.cpp:156:8:156:8 | c | provenance |  |
+| windows.cpp:155:35:155:46 | *lpOverlapped [hEvent] | windows.cpp:155:12:155:55 | hEvent | provenance |  |
+| windows.cpp:155:35:155:46 | *lpOverlapped [hEvent] | windows.cpp:155:12:155:55 | hEvent | provenance |  |
 | windows.cpp:164:35:164:40 | ReadFile output argument | windows.cpp:166:10:166:16 | * ... | provenance | Src:MaD:331  |
 | windows.cpp:173:23:173:28 | ReadFileEx output argument | windows.cpp:175:10:175:16 | * ... | provenance | Src:MaD:332  |
+| windows.cpp:185:21:185:26 | ReadFile output argument | windows.cpp:186:5:186:56 | *... = ... | provenance | Src:MaD:331  |
+| windows.cpp:186:5:186:14 | *overlapped [post update] [*hEvent] | windows.cpp:188:53:188:63 | *& ... [*hEvent] | provenance |  |
+| windows.cpp:186:5:186:56 | *... = ... | windows.cpp:186:5:186:14 | *overlapped [post update] [*hEvent] | provenance |  |
+| windows.cpp:188:53:188:63 | *& ... [*hEvent] | windows.cpp:86:6:86:15 | [summary param] *3 in ReadFileEx [*hEvent] | provenance |  |
+| windows.cpp:194:21:194:26 | ReadFile output argument | windows.cpp:195:5:195:57 | ... = ... | provenance | Src:MaD:331  |
+| windows.cpp:195:5:195:14 | *overlapped [post update] [hEvent] | windows.cpp:197:53:197:63 | *& ... [hEvent] | provenance |  |
+| windows.cpp:195:5:195:57 | ... = ... | windows.cpp:195:5:195:14 | *overlapped [post update] [hEvent] | provenance |  |
+| windows.cpp:197:53:197:63 | *& ... [hEvent] | windows.cpp:86:6:86:15 | [summary param] *3 in ReadFileEx [hEvent] | provenance |  |
 | windows.cpp:205:84:205:89 | NtReadFile output argument | windows.cpp:207:10:207:16 | * ... | provenance | Src:MaD:340  |
 | windows.cpp:282:23:282:35 | *call to MapViewOfFile | windows.cpp:282:23:282:35 | *call to MapViewOfFile | provenance | Src:MaD:333  |
 | windows.cpp:282:23:282:35 | *call to MapViewOfFile | windows.cpp:283:20:283:52 | *pMapView | provenance |  |
@@ -127,10 +154,37 @@ nodes
 | windows.cpp:25:10:25:13 | * ... | semmle.label | * ... |
 | windows.cpp:28:36:28:38 | GetEnvironmentVariableA output argument | semmle.label | GetEnvironmentVariableA output argument |
 | windows.cpp:30:10:30:13 | * ... | semmle.label | * ... |
+| windows.cpp:86:6:86:15 | [summary param] *3 in ReadFileEx [*hEvent] | semmle.label | [summary param] *3 in ReadFileEx [*hEvent] |
+| windows.cpp:86:6:86:15 | [summary param] *3 in ReadFileEx [hEvent] | semmle.label | [summary param] *3 in ReadFileEx [hEvent] |
+| windows.cpp:86:6:86:15 | [summary] read: Argument[*3].Field[*hEvent] in ReadFileEx | semmle.label | [summary] read: Argument[*3].Field[*hEvent] in ReadFileEx |
+| windows.cpp:86:6:86:15 | [summary] read: Argument[*3].Field[hEvent] in ReadFileEx | semmle.label | [summary] read: Argument[*3].Field[hEvent] in ReadFileEx |
+| windows.cpp:86:6:86:15 | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [*hEvent] | semmle.label | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [*hEvent] |
+| windows.cpp:86:6:86:15 | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [hEvent] | semmle.label | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [hEvent] |
+| windows.cpp:86:6:86:15 | [summary] to write: Argument[4].Parameter[*2].Field[*hEvent] in ReadFileEx | semmle.label | [summary] to write: Argument[4].Parameter[*2].Field[*hEvent] in ReadFileEx |
+| windows.cpp:86:6:86:15 | [summary] to write: Argument[4].Parameter[*2].Field[hEvent] in ReadFileEx | semmle.label | [summary] to write: Argument[4].Parameter[*2].Field[hEvent] in ReadFileEx |
+| windows.cpp:143:16:143:27 | *lpOverlapped [*hEvent] | semmle.label | *lpOverlapped [*hEvent] |
+| windows.cpp:145:18:145:62 | *hEvent | semmle.label | *hEvent |
+| windows.cpp:145:18:145:62 | *hEvent | semmle.label | *hEvent |
+| windows.cpp:145:42:145:53 | *lpOverlapped [*hEvent] | semmle.label | *lpOverlapped [*hEvent] |
+| windows.cpp:145:56:145:61 | *hEvent | semmle.label | *hEvent |
+| windows.cpp:147:8:147:14 | * ... | semmle.label | * ... |
+| windows.cpp:153:16:153:27 | *lpOverlapped [hEvent] | semmle.label | *lpOverlapped [hEvent] |
+| windows.cpp:155:12:155:55 | hEvent | semmle.label | hEvent |
+| windows.cpp:155:12:155:55 | hEvent | semmle.label | hEvent |
+| windows.cpp:155:35:155:46 | *lpOverlapped [hEvent] | semmle.label | *lpOverlapped [hEvent] |
+| windows.cpp:156:8:156:8 | c | semmle.label | c |
 | windows.cpp:164:35:164:40 | ReadFile output argument | semmle.label | ReadFile output argument |
 | windows.cpp:166:10:166:16 | * ... | semmle.label | * ... |
 | windows.cpp:173:23:173:28 | ReadFileEx output argument | semmle.label | ReadFileEx output argument |
 | windows.cpp:175:10:175:16 | * ... | semmle.label | * ... |
+| windows.cpp:185:21:185:26 | ReadFile output argument | semmle.label | ReadFile output argument |
+| windows.cpp:186:5:186:14 | *overlapped [post update] [*hEvent] | semmle.label | *overlapped [post update] [*hEvent] |
+| windows.cpp:186:5:186:56 | *... = ... | semmle.label | *... = ... |
+| windows.cpp:188:53:188:63 | *& ... [*hEvent] | semmle.label | *& ... [*hEvent] |
+| windows.cpp:194:21:194:26 | ReadFile output argument | semmle.label | ReadFile output argument |
+| windows.cpp:195:5:195:14 | *overlapped [post update] [hEvent] | semmle.label | *overlapped [post update] [hEvent] |
+| windows.cpp:195:5:195:57 | ... = ... | semmle.label | ... = ... |
+| windows.cpp:197:53:197:63 | *& ... [hEvent] | semmle.label | *& ... [hEvent] |
 | windows.cpp:205:84:205:89 | NtReadFile output argument | semmle.label | NtReadFile output argument |
 | windows.cpp:207:10:207:16 | * ... | semmle.label | * ... |
 | windows.cpp:282:23:282:35 | *call to MapViewOfFile | semmle.label | *call to MapViewOfFile |
diff --git a/cpp/ql/test/library-tests/dataflow/external-models/validatemodels.expected b/cpp/ql/test/library-tests/dataflow/external-models/validatemodels.expected
@@ -3771,3 +3771,7 @@
 | Dubious signature "(wchar_t *)" in summary model. |
 | Dubious signature "(wchar_t, const CStringT &)" in summary model. |
 | Dubious signature "(wchar_t,const CStringT &)" in summary model. |
+| Unrecognized input specification "Field[****hEvent]" in summary model. |
+| Unrecognized input specification "Field[***hEvent]" in summary model. |
+| Unrecognized output specification "Field[****hEvent]" in summary model. |
+| Unrecognized output specification "Field[***hEvent]" in summary model. |
diff --git a/cpp/ql/test/library-tests/dataflow/external-models/windows.cpp b/cpp/ql/test/library-tests/dataflow/external-models/windows.cpp
@@ -144,7 +144,7 @@ void FileIOCompletionRoutine2(
 ) {
   char* buffer = reinterpret_cast<char*>(lpOverlapped->hEvent);
   sink(buffer);
-  sink(*buffer); // $ MISSING: ir
+  sink(*buffer); // $ ir
 }
 
 void FileIOCompletionRoutine3(
@@ -153,7 +153,7 @@ void FileIOCompletionRoutine3(
   LPOVERLAPPED lpOverlapped
 ) {
   char c = reinterpret_cast<char>(lpOverlapped->hEvent);
-  sink(c); // $ MISSING: ir
+  sink(c); // $ ir
 }
 
 void readFile(HANDLE hFile) {
