Skip to content

Commit 61a78e2

Browse files
geoffw0geoffw0
committed
C++: Fix map::merge.
1 parent 1f1be3b commit 61a78e2

File tree

5 files changed

+2
-13
lines changed

5 files changed

+2
-13
lines changed

cpp/ql/src/semmle/code/cpp/models/implementations/StdMap.qll

Lines changed: 0 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -119,9 +119,6 @@ class StdMapMerge extends TaintFunction {
119119

120120
override predicate hasTaintFlow(FunctionInput input, FunctionOutput output) {
121121
// container1.merge(container2)
122-
input.isQualifierObject() and
123-
output.isParameterDeref(0)
124-
or
125122
input.isParameterDeref(0) and
126123
output.isQualifierObject()
127124
}

cpp/ql/test/library-tests/dataflow/taint-tests/localTaint.expected

Lines changed: 0 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1033,13 +1033,11 @@
10331033
| map.cpp:211:7:211:9 | m20 | map.cpp:211:7:211:9 | call to map | |
10341034
| map.cpp:212:7:212:9 | m21 | map.cpp:212:7:212:9 | call to map | |
10351035
| map.cpp:213:7:213:9 | m22 | map.cpp:213:7:213:9 | call to map | |
1036-
| map.cpp:214:2:214:4 | m19 | map.cpp:214:12:214:14 | ref arg m20 | TAINT |
10371036
| map.cpp:214:2:214:4 | ref arg m19 | map.cpp:216:7:216:9 | m19 | |
10381037
| map.cpp:214:2:214:4 | ref arg m19 | map.cpp:252:1:252:1 | m19 | |
10391038
| map.cpp:214:12:214:14 | m20 | map.cpp:214:2:214:4 | ref arg m19 | TAINT |
10401039
| map.cpp:214:12:214:14 | ref arg m20 | map.cpp:217:7:217:9 | m20 | |
10411040
| map.cpp:214:12:214:14 | ref arg m20 | map.cpp:252:1:252:1 | m20 | |
1042-
| map.cpp:215:2:215:4 | m21 | map.cpp:215:12:215:14 | ref arg m22 | TAINT |
10431041
| map.cpp:215:2:215:4 | ref arg m21 | map.cpp:218:7:218:9 | m21 | |
10441042
| map.cpp:215:2:215:4 | ref arg m21 | map.cpp:252:1:252:1 | m21 | |
10451043
| map.cpp:215:12:215:14 | m22 | map.cpp:215:2:215:4 | ref arg m21 | TAINT |
@@ -1679,13 +1677,11 @@
16791677
| map.cpp:360:7:360:9 | m20 | map.cpp:360:7:360:9 | call to unordered_map | |
16801678
| map.cpp:361:7:361:9 | m21 | map.cpp:361:7:361:9 | call to unordered_map | |
16811679
| map.cpp:362:7:362:9 | m22 | map.cpp:362:7:362:9 | call to unordered_map | |
1682-
| map.cpp:363:2:363:4 | m19 | map.cpp:363:12:363:14 | ref arg m20 | TAINT |
16831680
| map.cpp:363:2:363:4 | ref arg m19 | map.cpp:365:7:365:9 | m19 | |
16841681
| map.cpp:363:2:363:4 | ref arg m19 | map.cpp:422:1:422:1 | m19 | |
16851682
| map.cpp:363:12:363:14 | m20 | map.cpp:363:2:363:4 | ref arg m19 | TAINT |
16861683
| map.cpp:363:12:363:14 | ref arg m20 | map.cpp:366:7:366:9 | m20 | |
16871684
| map.cpp:363:12:363:14 | ref arg m20 | map.cpp:422:1:422:1 | m20 | |
1688-
| map.cpp:364:2:364:4 | m21 | map.cpp:364:12:364:14 | ref arg m22 | TAINT |
16891685
| map.cpp:364:2:364:4 | ref arg m21 | map.cpp:367:7:367:9 | m21 | |
16901686
| map.cpp:364:2:364:4 | ref arg m21 | map.cpp:422:1:422:1 | m21 | |
16911687
| map.cpp:364:12:364:14 | m22 | map.cpp:364:2:364:4 | ref arg m21 | TAINT |

cpp/ql/test/library-tests/dataflow/taint-tests/map.cpp

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -214,7 +214,7 @@ void test_map()
214214
m19.merge(m20);
215215
m21.merge(m22);
216216
sink(m19); // tainted
217-
sink(m20); // tainted
217+
sink(m20);
218218
sink(m21); // tainted
219219
sink(m22); // tainted
220220

@@ -363,7 +363,7 @@ void test_unordered_map()
363363
m19.merge(m20);
364364
m21.merge(m22);
365365
sink(m19); // tainted
366-
sink(m20); // tainted
366+
sink(m20);
367367
sink(m21); // tainted
368368
sink(m22); // tainted
369369

cpp/ql/test/library-tests/dataflow/taint-tests/taint.expected

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -86,7 +86,6 @@
8686
| map.cpp:210:7:210:9 | call to map | map.cpp:206:49:206:54 | call to source |
8787
| map.cpp:213:7:213:9 | call to map | map.cpp:209:49:209:54 | call to source |
8888
| map.cpp:216:7:216:9 | call to map | map.cpp:206:49:206:54 | call to source |
89-
| map.cpp:217:7:217:9 | call to map | map.cpp:206:49:206:54 | call to source |
9089
| map.cpp:218:7:218:9 | call to map | map.cpp:209:49:209:54 | call to source |
9190
| map.cpp:219:7:219:9 | call to map | map.cpp:209:49:209:54 | call to source |
9291
| map.cpp:225:7:225:9 | call to map | map.cpp:223:49:223:54 | call to source |
@@ -137,7 +136,6 @@
137136
| map.cpp:359:7:359:9 | call to unordered_map | map.cpp:355:49:355:54 | call to source |
138137
| map.cpp:362:7:362:9 | call to unordered_map | map.cpp:358:49:358:54 | call to source |
139138
| map.cpp:365:7:365:9 | call to unordered_map | map.cpp:355:49:355:54 | call to source |
140-
| map.cpp:366:7:366:9 | call to unordered_map | map.cpp:355:49:355:54 | call to source |
141139
| map.cpp:367:7:367:9 | call to unordered_map | map.cpp:358:49:358:54 | call to source |
142140
| map.cpp:368:7:368:9 | call to unordered_map | map.cpp:358:49:358:54 | call to source |
143141
| map.cpp:374:7:374:9 | call to unordered_map | map.cpp:372:49:372:54 | call to source |

cpp/ql/test/library-tests/dataflow/taint-tests/test_diff.expected

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -61,7 +61,6 @@
6161
| map.cpp:210:7:210:9 | map.cpp:206:49:206:54 | AST only |
6262
| map.cpp:213:7:213:9 | map.cpp:209:49:209:54 | AST only |
6363
| map.cpp:216:7:216:9 | map.cpp:206:49:206:54 | AST only |
64-
| map.cpp:217:7:217:9 | map.cpp:206:49:206:54 | AST only |
6564
| map.cpp:218:7:218:9 | map.cpp:209:49:209:54 | AST only |
6665
| map.cpp:219:7:219:9 | map.cpp:209:49:209:54 | AST only |
6766
| map.cpp:225:7:225:9 | map.cpp:223:49:223:54 | AST only |
@@ -109,7 +108,6 @@
109108
| map.cpp:359:7:359:9 | map.cpp:355:49:355:54 | AST only |
110109
| map.cpp:362:7:362:9 | map.cpp:358:49:358:54 | AST only |
111110
| map.cpp:365:7:365:9 | map.cpp:355:49:355:54 | AST only |
112-
| map.cpp:366:7:366:9 | map.cpp:355:49:355:54 | AST only |
113111
| map.cpp:367:7:367:9 | map.cpp:358:49:358:54 | AST only |
114112
| map.cpp:368:7:368:9 | map.cpp:358:49:358:54 | AST only |
115113
| map.cpp:374:7:374:9 | map.cpp:372:49:372:54 | AST only |

0 commit comments

Comments
 (0)