You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
153 lines
31 KiB
153 lines
31 KiB
3 years ago
|
codetoanalyze/cpp/quandary/allocs.cpp, allocs::untrusted_brk_bad, 0, UNTRUSTED_HEAP_ALLOCATION, no_bucket, ERROR, [Return from allocs::allocation_source,Call to brk with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/allocs.cpp, allocs::untrusted_calloc_bad1, 0, UNTRUSTED_HEAP_ALLOCATION, no_bucket, ERROR, [Return from allocs::allocation_source,Call to calloc with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/allocs.cpp, allocs::untrusted_calloc_bad2, 0, UNTRUSTED_HEAP_ALLOCATION, no_bucket, ERROR, [Return from allocs::allocation_source,Call to calloc with tainted index 1]
|
||
|
codetoanalyze/cpp/quandary/allocs.cpp, allocs::untrusted_malloc_bad, 0, UNTRUSTED_HEAP_ALLOCATION, no_bucket, ERROR, [Return from allocs::allocation_source,Call to malloc with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/allocs.cpp, allocs::untrusted_reaalloc_bad1, 0, UNTRUSTED_HEAP_ALLOCATION, no_bucket, ERROR, [Return from allocs::allocation_source,Call to realloc with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/allocs.cpp, allocs::untrusted_reaalloc_bad2, 0, UNTRUSTED_HEAP_ALLOCATION, no_bucket, ERROR, [Return from allocs::allocation_source,Call to realloc with tainted index 1]
|
||
|
codetoanalyze/cpp/quandary/allocs.cpp, allocs::untrusted_sbrk_bad, 0, UNTRUSTED_HEAP_ALLOCATION, no_bucket, ERROR, [Return from allocs::allocation_source,Call to sbrk with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/arrays.cpp, arrays::array_sink1_bad, 2, UNTRUSTED_BUFFER_ACCESS, no_bucket, ERROR, [Return from __infer_taint_source,Call to __array_access with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/arrays.cpp, arrays::array_sink2_bad, 2, UNTRUSTED_BUFFER_ACCESS, no_bucket, ERROR, [Return from __infer_taint_source,Call to __array_access with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/arrays.cpp, arrays::array_sink3_bad, 0, UNTRUSTED_BUFFER_ACCESS, no_bucket, ERROR, [Return from __infer_taint_source,Call to __array_access with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/arrays.cpp, arrays::array_sink4_bad, 2, UNTRUSTED_BUFFER_ACCESS, no_bucket, ERROR, [Return from __infer_taint_source,Call to __array_access with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/arrays.cpp, arrays::gflag_to_stack_allocated_array_bad, 0, UNTRUSTED_VARIABLE_LENGTH_ARRAY, no_bucket, ERROR, [Return from __global_access,Call to __set_array_length with tainted index 1]
|
||
|
codetoanalyze/cpp/quandary/arrays.cpp, arrays::memcpy_bad, 2, UNTRUSTED_BUFFER_ACCESS, no_bucket, ERROR, [Return from __infer_taint_source,Call to memcpy with tainted index 2]
|
||
|
codetoanalyze/cpp/quandary/arrays.cpp, arrays::memmove_bad, 2, UNTRUSTED_BUFFER_ACCESS, no_bucket, ERROR, [Return from __infer_taint_source,Call to memmove with tainted index 2]
|
||
|
codetoanalyze/cpp/quandary/arrays.cpp, arrays::memset_bad, 2, UNTRUSTED_BUFFER_ACCESS, no_bucket, ERROR, [Return from __infer_taint_source,Call to memset with tainted index 2]
|
||
|
codetoanalyze/cpp/quandary/arrays.cpp, arrays::stack_smash_bad, 2, UNTRUSTED_VARIABLE_LENGTH_ARRAY, no_bucket, ERROR, [Return from __infer_taint_source,Call to __set_array_length with tainted index 1]
|
||
|
codetoanalyze/cpp/quandary/arrays.cpp, arrays::std_array_sink_bad, 2, UNTRUSTED_BUFFER_ACCESS, no_bucket, ERROR, [Return from __infer_taint_source,Call to std::array<int,2>::operator[] with tainted index 1]
|
||
|
codetoanalyze/cpp/quandary/arrays.cpp, arrays::std_string_sink_bad, 2, UNTRUSTED_BUFFER_ACCESS, no_bucket, ERROR, [Return from __infer_taint_source,Call to std::basic_string<char,std::char_traits<char>,std::allocator<char>>::operator[] with tainted index 1]
|
||
|
codetoanalyze/cpp/quandary/arrays.cpp, arrays::strcpy_bad, 2, UNTRUSTED_BUFFER_ACCESS, no_bucket, ERROR, [Return from getenv,Call to strcpy with tainted index 1]
|
||
|
codetoanalyze/cpp/quandary/arrays.cpp, arrays::strncpy_bad, 2, UNTRUSTED_BUFFER_ACCESS, no_bucket, ERROR, [Return from __infer_taint_source,Call to strncpy with tainted index 2]
|
||
|
codetoanalyze/cpp/quandary/arrays.cpp, arrays::wmemcpy_bad, 2, UNTRUSTED_BUFFER_ACCESS, no_bucket, ERROR, [Return from __infer_taint_source,Call to wmemcpy with tainted index 2]
|
||
|
codetoanalyze/cpp/quandary/arrays.cpp, arrays::wmemmove_bad, 2, UNTRUSTED_BUFFER_ACCESS, no_bucket, ERROR, [Return from __infer_taint_source,Call to wmemmove with tainted index 2]
|
||
|
codetoanalyze/cpp/quandary/basics.cpp, basics::Obj::endpoint, 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from basics::Obj::endpoint,Call to basics::Obj::string_sink with tainted index 1]
|
||
|
codetoanalyze/cpp/quandary/basics.cpp, basics::Obj::endpoint, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from basics::Obj::endpoint,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/basics.cpp, basics::funCall_bad1, 0, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to basics::funCall_bad2 with tainted index 1,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/basics.cpp, basics::object_source_sink_bad, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from basics::Obj::method_source,Call to basics::Obj::method_sink with tainted index 1]
|
||
|
codetoanalyze/cpp/quandary/basics.cpp, basics::propagateBad, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to basics::callSink with tainted index 0,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/basics.cpp, basics::returnSourceToSinkBad, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source with tainted data return*,Return from basics::returnSource,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/basics.cpp, basics::sourceThenCallSinkBad, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to basics::callSink with tainted index 0,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/basics.cpp, basics::sourceToSinkDirectBad, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/basics.cpp, basics::static_source_sink_bad, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from basics::Obj::static_source,Call to basics::Obj::static_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/basics.cpp, basics::string_source_bad, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from basics::Obj::string_source,Call to basics::Obj::string_sink with tainted index 1]
|
||
|
codetoanalyze/cpp/quandary/basics.cpp, basics::taint_arg_source_bad, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from basics::Obj::taint_arg_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/basics.cpp, basics::template_source_bad, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from basics::template_source<void_*>,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/basics.cpp, basics::unsanitized_bad, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from basics::Obj::string_source,Call to basics::Obj::string_sink with tainted index 1]
|
||
|
codetoanalyze/cpp/quandary/basics.cpp, basics::via_field_bad1, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from basics::template_source<9a770ca56aea3aef>,Call to basics::template_sink<9a770ca56aea3aef> with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/basics.cpp, basics::via_field_bad2, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from basics::template_source<9a770ca56aea3aef>,Call to basics::template_sink<9a770ca56aea3aef> with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/basics.cpp, basics::via_passthrough_bad1, 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from basics::Obj::string_source,Call to basics::Obj::string_sink with tainted index 1]
|
||
|
codetoanalyze/cpp/quandary/basics.cpp, basics::via_passthrough_bad2, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from basics::Obj::string_source,Call to basics::Obj::string_sink with tainted index 1]
|
||
|
codetoanalyze/cpp/quandary/endpoints.cpp, endpoints::Service1::FP_private_not_endpoint_ok, 1, SHELL_INJECTION_RISK, no_bucket, ERROR, [Return from endpoints::Service1::FP_private_not_endpoint_ok,Call to system with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/endpoints.cpp, endpoints::Service1::FP_service1_endpoint_struct_int_field_ok, 1, SHELL_INJECTION_RISK, no_bucket, ERROR, [Return from endpoints::Service1::FP_service1_endpoint_struct_int_field_ok,Call to system with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/endpoints.cpp, endpoints::Service1::endpoint_to_curl_url_bad, 1, UNTRUSTED_URL_RISK, no_bucket, ERROR, [Return from endpoints::Service1::endpoint_to_curl_url_bad,Call to curl_easy_setopt with tainted index 2]
|
||
|
codetoanalyze/cpp/quandary/endpoints.cpp, endpoints::Service1::endpoint_to_curl_url_exp_bad, 1, UNTRUSTED_URL_RISK, no_bucket, ERROR, [Return from endpoints::Service1::endpoint_to_curl_url_exp_bad,Call to curl_easy_setopt with tainted index 2]
|
||
|
codetoanalyze/cpp/quandary/endpoints.cpp, endpoints::Service1::endpoint_to_curl_url_unknown_exp_bad, 1, UNTRUSTED_URL_RISK, no_bucket, ERROR, [Return from endpoints::Service1::endpoint_to_curl_url_unknown_exp_bad,Call to curl_easy_setopt with tainted index 2]
|
||
|
codetoanalyze/cpp/quandary/endpoints.cpp, endpoints::Service1::fstream_open_file_bad, 1, UNTRUSTED_FILE_RISK, no_bucket, ERROR, [Return from endpoints::Service1::fstream_open_file_bad,Call to std::basic_fstream<char,std::char_traits<char>>::basic_fstream with tainted index 1]
|
||
|
codetoanalyze/cpp/quandary/endpoints.cpp, endpoints::Service1::fstream_open_file_bad, 3, UNTRUSTED_FILE_RISK, no_bucket, ERROR, [Return from endpoints::Service1::fstream_open_file_bad,Call to std::basic_fstream<char,std::char_traits<char>>::open with tainted index 1]
|
||
|
codetoanalyze/cpp/quandary/endpoints.cpp, endpoints::Service1::ifstream_open_file_bad, 1, UNTRUSTED_FILE_RISK, no_bucket, ERROR, [Return from endpoints::Service1::ifstream_open_file_bad,Call to std::basic_ifstream<char,std::char_traits<char>>::basic_ifstream with tainted index 1]
|
||
|
codetoanalyze/cpp/quandary/endpoints.cpp, endpoints::Service1::ifstream_open_file_bad, 3, UNTRUSTED_FILE_RISK, no_bucket, ERROR, [Return from endpoints::Service1::ifstream_open_file_bad,Call to std::basic_ifstream<char,std::char_traits<char>>::open with tainted index 1]
|
||
|
codetoanalyze/cpp/quandary/endpoints.cpp, endpoints::Service1::ofstream_open_file_bad, 1, UNTRUSTED_FILE_RISK, no_bucket, ERROR, [Return from endpoints::Service1::ofstream_open_file_bad,Call to std::basic_ofstream<char,std::char_traits<char>>::basic_ofstream with tainted index 1]
|
||
|
codetoanalyze/cpp/quandary/endpoints.cpp, endpoints::Service1::ofstream_open_file_bad, 3, UNTRUSTED_FILE_RISK, no_bucket, ERROR, [Return from endpoints::Service1::ofstream_open_file_bad,Call to std::basic_ofstream<char,std::char_traits<char>>::open with tainted index 1]
|
||
|
codetoanalyze/cpp/quandary/endpoints.cpp, endpoints::Service1::open_or_create_c_style_file_bad, 1, UNTRUSTED_FILE_RISK, no_bucket, ERROR, [Return from endpoints::Service1::open_or_create_c_style_file_bad,Call to open with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/endpoints.cpp, endpoints::Service1::open_or_create_c_style_file_bad, 2, UNTRUSTED_FILE_RISK, no_bucket, ERROR, [Return from endpoints::Service1::open_or_create_c_style_file_bad,Call to openat with tainted index 1]
|
||
|
codetoanalyze/cpp/quandary/endpoints.cpp, endpoints::Service1::open_or_create_c_style_file_bad, 3, UNTRUSTED_FILE_RISK, no_bucket, ERROR, [Return from endpoints::Service1::open_or_create_c_style_file_bad,Call to creat with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/endpoints.cpp, endpoints::Service1::open_or_create_c_style_file_bad, 4, UNTRUSTED_FILE_RISK, no_bucket, ERROR, [Return from endpoints::Service1::open_or_create_c_style_file_bad,Call to fopen with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/endpoints.cpp, endpoints::Service1::open_or_create_c_style_file_bad, 5, UNTRUSTED_FILE_RISK, no_bucket, ERROR, [Return from endpoints::Service1::open_or_create_c_style_file_bad,Call to freopen with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/endpoints.cpp, endpoints::Service1::open_or_create_c_style_file_bad, 6, UNTRUSTED_FILE_RISK, no_bucket, ERROR, [Return from endpoints::Service1::open_or_create_c_style_file_bad,Call to rename with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/endpoints.cpp, endpoints::Service1::sanitized_sql_with_shell_bad, 2, SQL_INJECTION_RISK, no_bucket, ERROR, [Return from endpoints::Service1::sanitized_sql_with_shell_bad,Call to __infer_sql_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/endpoints.cpp, endpoints::Service1::service1_endpoint_bad, 2, SHELL_INJECTION_RISK, no_bucket, ERROR, [Return from endpoints::Service1::service1_endpoint_bad,Call to system with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/endpoints.cpp, endpoints::Service1::service1_endpoint_sql_read_bad, 2, USER_CONTROLLED_SQL_RISK, no_bucket, ERROR, [Return from endpoints::Service1::service1_endpoint_sql_read_bad,Call to __infer_sql_read_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/endpoints.cpp, endpoints::Service1::service1_endpoint_sql_sanitized_bad, 2, USER_CONTROLLED_SQL_RISK, no_bucket, ERROR, [Return from endpoints::Service1::service1_endpoint_sql_sanitized_bad,Call to __infer_sql_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/endpoints.cpp, endpoints::Service1::service1_endpoint_sql_write_bad, 2, USER_CONTROLLED_SQL_RISK, no_bucket, ERROR, [Return from endpoints::Service1::service1_endpoint_sql_write_bad,Call to __infer_sql_write_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/endpoints.cpp, endpoints::Service1::service1_endpoint_struct_string_field_bad, 1, SHELL_INJECTION_RISK, no_bucket, ERROR, [Return from endpoints::Service1::service1_endpoint_struct_string_field_bad,Call to system with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/endpoints.cpp, endpoints::Service1::unsanitized_sql_bad, 2, SQL_INJECTION_RISK, no_bucket, ERROR, [Return from endpoints::Service1::unsanitized_sql_bad,Call to __infer_sql_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/endpoints.cpp, endpoints::Service1::user_controlled_endpoint_to_shell_bad, 2, SHELL_INJECTION_RISK, no_bucket, ERROR, [Return from endpoints::Service1::user_controlled_endpoint_to_shell_bad,Call to system with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/endpoints.cpp, endpoints::Service1::user_controlled_endpoint_to_sql_bad, 2, SQL_INJECTION_RISK, no_bucket, ERROR, [Return from endpoints::Service1::user_controlled_endpoint_to_sql_bad,Call to __infer_sql_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/endpoints.cpp, endpoints::Service2::service2_endpoint_bad, 2, SHELL_INJECTION_RISK, no_bucket, ERROR, [Return from endpoints::Service2::service2_endpoint_bad,Call to system with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/endpoints.cpp, endpoints::Service3::service3_endpoint_bad, 2, SHELL_INJECTION_RISK, no_bucket, ERROR, [Return from endpoints::Service3::service3_endpoint_bad,Call to system with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/endpoints.cpp, endpoints::Service3::service3_endpoint_envchange_putenv_bad, 2, UNTRUSTED_ENVIRONMENT_CHANGE_RISK, no_bucket, ERROR, [Return from endpoints::Service3::service3_endpoint_envchange_putenv_bad,Call to putenv with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/endpoints.cpp, endpoints::Service3::service3_endpoint_envchange_setoption_bad, 2, UNTRUSTED_ENVIRONMENT_CHANGE_RISK, no_bucket, ERROR, [Return from endpoints::Service3::service3_endpoint_envchange_setoption_bad,Call to gflags::SetCommandLineOption with tainted index 1]
|
||
|
codetoanalyze/cpp/quandary/execs.cpp, execs::callExecBad, 6, SHELL_INJECTION, no_bucket, ERROR, [Return from getenv,Call to execl with tainted index 1]
|
||
|
codetoanalyze/cpp/quandary/execs.cpp, execs::callExecBad, 8, SHELL_INJECTION, no_bucket, ERROR, [Return from getenv,Call to execl with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/execs.cpp, execs::callExecBad, 11, SHELL_INJECTION, no_bucket, ERROR, [Return from getenv,Call to execl with tainted index 2]
|
||
|
codetoanalyze/cpp/quandary/execs.cpp, execs::callExecBad, 13, SHELL_INJECTION, no_bucket, ERROR, [Return from getenv,Call to execlp with tainted index 1]
|
||
|
codetoanalyze/cpp/quandary/execs.cpp, execs::callExecBad, 15, SHELL_INJECTION, no_bucket, ERROR, [Return from getenv,Call to execlp with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/execs.cpp, execs::callExecBad, 17, SHELL_INJECTION, no_bucket, ERROR, [Return from getenv,Call to execle with tainted index 1]
|
||
|
codetoanalyze/cpp/quandary/execs.cpp, execs::callExecBad, 19, SHELL_INJECTION, no_bucket, ERROR, [Return from getenv,Call to execle with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/execs.cpp, execs::callExecBad, 21, SHELL_INJECTION, no_bucket, ERROR, [Return from getenv,Call to execv with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/execs.cpp, execs::callExecBad, 23, SHELL_INJECTION, no_bucket, ERROR, [Return from getenv,Call to execvp with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/execs.cpp, execs::callExecBad, 25, SHELL_INJECTION, no_bucket, ERROR, [Return from getenv,Call to execv with tainted index 1]
|
||
|
codetoanalyze/cpp/quandary/execs.cpp, execs::callExecBad, 27, SHELL_INJECTION, no_bucket, ERROR, [Return from getenv,Call to execvp with tainted index 1]
|
||
|
codetoanalyze/cpp/quandary/execs.cpp, execs::callExecBad, 29, SHELL_INJECTION, no_bucket, ERROR, [Return from getenv,Call to execve with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/execs.cpp, execs::callExecBad, 31, SHELL_INJECTION, no_bucket, ERROR, [Return from getenv,Call to execve with tainted index 1]
|
||
|
codetoanalyze/cpp/quandary/execs.cpp, execs::callExecBad, 33, SHELL_INJECTION, no_bucket, ERROR, [Return from getenv,Call to system with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/execs.cpp, execs::callExecBad, 35, SHELL_INJECTION, no_bucket, ERROR, [Return from getenv,Call to popen with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/execs.cpp, execs::exec_string_flag_bad, 0, SHELL_INJECTION_RISK, no_bucket, ERROR, [Return from __global_access,Call to execl with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/execs.cpp, execs::exec_string_flag_interproc_bad, 2, SHELL_INJECTION_RISK, no_bucket, ERROR, [Return from __global_access with tainted data return,Return from execs::return_global,Call to execl with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/execs.cpp, execs::sql_on_env_var_bad, 2, SQL_INJECTION, no_bucket, ERROR, [Return from getenv,Call to __infer_sql_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/expressions.cpp, expressions::propagate_via_binop1_bad, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/expressions.cpp, expressions::propagate_via_binop2_bad, 5, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/expressions.cpp, expressions::propagate_via_binop2_bad, 5, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/expressions.cpp, expressions::propagate_via_binop3_bad, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/expressions.cpp, expressions::propagate_via_binop_nested1_bad, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to expressions::call_sink_nested with tainted index 0,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/expressions.cpp, expressions::propagate_via_binop_nested2_bad, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to expressions::call_sink_nested with tainted index 0,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/expressions.cpp, expressions::propagate_via_unop1_bad, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/expressions.cpp, expressions::propagate_via_unop2_bad, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/files.cpp, files::read_file_call_exec_bad1, 5, SHELL_INJECTION, no_bucket, ERROR, [Return from std::basic_istream<char,std::char_traits<char>>::read,Call to execle with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/files.cpp, files::read_file_call_exec_bad2, 5, SHELL_INJECTION, no_bucket, ERROR, [Return from std::basic_istream<char,std::char_traits<char>>::readsome,Call to execle with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/files.cpp, files::read_file_call_exec_bad3, 5, SHELL_INJECTION, no_bucket, ERROR, [Return from std::basic_istream<char,std::char_traits<char>>::getline,Call to execle with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/files.cpp, files::read_file_call_exec_bad5, 4, SHELL_INJECTION, no_bucket, ERROR, [Return from std::basic_istream<char,std::char_traits<char>>::getline,Call to execle with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/pointers.cpp, pointers::FP_reuse_pointer_as_local_ok, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source with tainted data @val$0*,Return from pointers::reuse_pointer_as_local,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/pointers.cpp, pointers::assign_pointer_pass_to_sink_bad1, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source with tainted data @val$0*,Return from pointers::assign_pointer_to_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/pointers.cpp, pointers::assign_pointer_pass_to_sink_bad2, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source with tainted data @val$0*,Return from pointers::assign_pointer_to_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/pointers.cpp, pointers::assign_source_by_reference_bad1, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source with tainted data @val$0*,Return from pointers::assign_source_by_reference,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/pointers.cpp, pointers::assign_source_by_reference_bad2, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source with tainted data @val$0*,Return from pointers::assign_source_by_reference,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/pointers.cpp, pointers::assign_source_by_reference_bad3, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source with tainted data @val$0*,Return from pointers::assign_source_by_reference with tainted data @val$0*,Return from pointers::call_assign_source_by_reference,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/pointers.cpp, pointers::funptr_bad0, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/sanitizers.cpp, sanitizers::dead_sanitizer_bad, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/sanitizers.cpp, sanitizers::escape_shell_to_url_bad, 3, UNTRUSTED_URL_RISK, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_url_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/sanitizers.cpp, sanitizers::escape_sql_to_shell_bad, 3, SHELL_INJECTION, no_bucket, ERROR, [Return from __infer_taint_source,Call to system with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/sanitizers.cpp, sanitizers::escape_sql_to_url_bad, 3, UNTRUSTED_URL_RISK, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_url_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/sanitizers.cpp, sanitizers::escape_url_to_sql_bad, 3, SQL_INJECTION, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_sql_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/sanitizers.cpp, sanitizers::kill_sanitizer_bad, 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/strings.cpp, strings::append1_bad, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/strings.cpp, strings::append2_bad, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/strings.cpp, strings::assign1_bad, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/strings.cpp, strings::assign2_bad, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/strings.cpp, strings::concat1_bad, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/strings.cpp, strings::concat2_bad, 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/strings.cpp, strings::concat3_bad, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/strings.cpp, strings::constructor1_bad, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/strings.cpp, strings::constructor2_bad, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/strings.cpp, strings::constructor3_bad, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/strings.cpp, strings::format1_bad, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/strings.cpp, strings::format2_bad, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/strings.cpp, strings::format3_bad, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/strings.cpp, strings::format4_bad, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/strings.cpp, strings::format_varargs_bad, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/strings.cpp, strings::insert1_bad, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/strings.cpp, strings::insert2_bad, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/strings.cpp, strings::memchr_bad, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/strings.cpp, strings::memcpy_bad, 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/strings.cpp, strings::memmove_bad, 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/strings.cpp, strings::replace1_bad, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/strings.cpp, strings::replace2_bad, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/strings.cpp, strings::sprintf1_bad, 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/strings.cpp, strings::sprintf2_bad, 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/strings.cpp, strings::strcpy1_bad, 3, UNTRUSTED_BUFFER_ACCESS, no_bucket, ERROR, [Return from __infer_taint_source,Call to strcpy with tainted index 1]
|
||
|
codetoanalyze/cpp/quandary/strings.cpp, strings::strcpy1_bad, 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/strings.cpp, strings::strcpy2_bad, 3, UNTRUSTED_BUFFER_ACCESS, no_bucket, ERROR, [Return from __infer_taint_source,Call to strcpy with tainted index 1]
|
||
|
codetoanalyze/cpp/quandary/strings.cpp, strings::strcpy2_bad, 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/strings.cpp, strings::strncpy_bad, 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/strings.cpp, strings::swap_bad, 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/structs.cpp, structs::read_from_struct_source_field_bad, 2, SHELL_INJECTION, no_bucket, ERROR, [Return from __infer_taint_source,Call to system with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/structs.cpp, structs::struct_field_source_bad, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from getenv,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/structs.cpp, structs::struct_field_source_unique_pointer_bad, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/structs.cpp, structs::struct_source_bad, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/unknown_code.cpp, unknown_code::direct_bad, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/unknown_code.cpp, unknown_code::skip_indirect_bad, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/unknown_code.cpp, unknown_code::skip_pointer_bad, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/unknown_code.cpp, unknown_code::skip_value_bad, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to __infer_taint_sink with tainted index 0]
|
||
|
codetoanalyze/cpp/quandary/vectors.cpp, vectors::read_vector_bad, 2, UNTRUSTED_BUFFER_ACCESS, no_bucket, ERROR, [Return from __infer_taint_source,Call to std::vector<int,std::allocator<int>>::operator[] with tainted index 1]
|
||
|
codetoanalyze/cpp/quandary/vectors.cpp, vectors::write_vector_bad, 2, UNTRUSTED_BUFFER_ACCESS, no_bucket, ERROR, [Return from __infer_taint_source,Call to std::vector<int,std::allocator<int>>::operator[] with tainted index 1]
|