Skip to content

Commit 23077fc

Browse files
jketemajketema
committed
C++: Update test results
1 parent 7425112 commit 23077fc

File tree

1 file changed

+4
-0
lines changed

1 file changed

+4
-0
lines changed

cpp/ql/test/query-tests/Security/CWE/CWE-089/SqlTainted/SqlTainted.expected

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -9,6 +9,7 @@ edges
99
| test.c:48:20:48:33 | *globalUsername | test.c:51:18:51:23 | *query1 | provenance | TaintFunction |
1010
| test.c:75:8:75:16 | gets output argument | test.c:76:17:76:25 | *userInput | provenance | |
1111
| test.c:75:8:75:16 | gets output argument | test.c:77:20:77:28 | *userInput | provenance | |
12+
| test.c:99:57:99:64 | *pCmdLine | test.c:103:18:103:23 | *query1 | provenance | TaintFunction |
1213
| test.cpp:39:27:39:30 | **argv | test.cpp:43:27:43:33 | *access to array | provenance | |
1314
nodes
1415
| test.c:14:27:14:30 | **argv | semmle.label | **argv |
@@ -23,6 +24,8 @@ nodes
2324
| test.c:75:8:75:16 | gets output argument | semmle.label | gets output argument |
2425
| test.c:76:17:76:25 | *userInput | semmle.label | *userInput |
2526
| test.c:77:20:77:28 | *userInput | semmle.label | *userInput |
27+
| test.c:99:57:99:64 | *pCmdLine | semmle.label | *pCmdLine |
28+
| test.c:103:18:103:23 | *query1 | semmle.label | *query1 |
2629
| test.cpp:39:27:39:30 | **argv | semmle.label | **argv |
2730
| test.cpp:43:27:43:33 | *access to array | semmle.label | *access to array |
2831
subpaths
@@ -31,4 +34,5 @@ subpaths
3134
| test.c:51:18:51:23 | query1 | test.c:14:27:14:30 | **argv | test.c:51:18:51:23 | *query1 | This argument to a SQL query function is derived from $@ and then passed to mysql_query(sqlArg). | test.c:14:27:14:30 | **argv | user input (a command-line argument) |
3235
| test.c:76:17:76:25 | userInput | test.c:75:8:75:16 | gets output argument | test.c:76:17:76:25 | *userInput | This argument to a SQL query function is derived from $@ and then passed to SQLPrepare(StatementText). | test.c:75:8:75:16 | gets output argument | user input (string read by gets) |
3336
| test.c:77:20:77:28 | userInput | test.c:75:8:75:16 | gets output argument | test.c:77:20:77:28 | *userInput | This argument to a SQL query function is derived from $@ and then passed to SQLExecDirect(StatementText). | test.c:75:8:75:16 | gets output argument | user input (string read by gets) |
37+
| test.c:103:18:103:23 | query1 | test.c:99:57:99:64 | *pCmdLine | test.c:103:18:103:23 | *query1 | This argument to a SQL query function is derived from $@ and then passed to mysql_query(sqlArg). | test.c:99:57:99:64 | *pCmdLine | user input (a command-line) |
3438
| test.cpp:43:27:43:33 | access to array | test.cpp:39:27:39:30 | **argv | test.cpp:43:27:43:33 | *access to array | This argument to a SQL query function is derived from $@ and then passed to pqxx::work::exec1((unnamed parameter 0)). | test.cpp:39:27:39:30 | **argv | user input (a command-line argument) |

0 commit comments

Comments
 (0)