Add failing tests for MaD with pointer content

Author: owen-mc

go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/completetest.ext.yml

@@ -22,7 +22,9 @@ extensions:
       - ["github.com/nonexistent/test", "", False, "GetMapKey", "", "", "Argument[0].MapKey", "ReturnValue", "value", "manual"]
       - ["github.com/nonexistent/test", "", False, "SetElement", "", "", "Argument[0]", "ReturnValue.Element", "value", "manual"]
       - ["github.com/nonexistent/test", "C", False, "Get", "", "", "Argument[-1].Field[github.com/nonexistent/test.C.F]", "ReturnValue", "value", "manual"]
+      - ["github.com/nonexistent/test", "C", False, "GetThroughPointer", "", "", "Argument[-1].Field[github.com/nonexistent/test.C.F]", "ReturnValue", "value", "manual"]
       - ["github.com/nonexistent/test", "C", False, "Set", "", "", "Argument[0]", "Argument[-1].Field[github.com/nonexistent/test.C.F]", "value", "manual"]
+      - ["github.com/nonexistent/test", "C", False, "SetThroughPointer", "", "", "Argument[0]", "Argument[-1].Field[github.com/nonexistent/test.C.F]", "value", "manual"]
 
   - addsTo:
       pack: codeql/go-all

go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/test.go

@@ -141,6 +141,22 @@ func simpleflow() {
 	c4.Set("")
 	b.Sink1(c4.Get()) // $ SPURIOUS: hasTaintFlow="call to Get" // because we currently don't clear content
 
+	cp1 := &test.C{""}
+	cp1.SetThroughPointer(a.Src1().(string))
+	b.Sink1(cp1.F) // $ MISSING: hasTaintFlow="selection of F"
+
+	cp2 := &test.C{a.Src1().(string)}
+	b.Sink1(cp2.GetThroughPointer()) // $ MISSING: hasTaintFlow="call to GetThroughPointer"
+
+	cp3 := &test.C{""}
+	cp3.SetThroughPointer(a.Src1().(string))
+	b.Sink1(cp3.GetThroughPointer()) // $ hasTaintFlow="call to GetThroughPointer"
+
+	cp4 := &test.C{""}
+	cp4.SetThroughPointer(a.Src1().(string))
+	cp4.SetThroughPointer("")
+	b.Sink1(cp4.GetThroughPointer()) // $ SPURIOUS: hasTaintFlow="call to GetThroughPointer" // because we currently don't clear content
+
 	arg1 := src
 	arg2 := src
 	arg3 := src