From 3624fea7378bc0a6d5b70b2f402e2f9993663240 Mon Sep 17 00:00:00 2001 From: Sam Blackshear Date: Wed, 12 Oct 2016 15:34:22 -0700 Subject: [PATCH] [quandary] tests for C++ analysis Reviewed By: akotulski Differential Revision: D4007372 fbshipit-source-id: 076dc36 --- Makefile | 5 +- infer/tests/codetoanalyze/Makefile.clang | 3 +- .../tests/codetoanalyze/cpp/quandary/Makefile | 23 ++++++++++ .../codetoanalyze/cpp/quandary/basics.cpp | 46 +++++++++++++++++++ .../codetoanalyze/cpp/quandary/issues.exp | 4 ++ 5 files changed, 79 insertions(+), 2 deletions(-) create mode 100644 infer/tests/codetoanalyze/cpp/quandary/Makefile create mode 100644 infer/tests/codetoanalyze/cpp/quandary/basics.cpp create mode 100644 infer/tests/codetoanalyze/cpp/quandary/issues.exp diff --git a/Makefile b/Makefile index 928fe875c..5e068c40b 100644 --- a/Makefile +++ b/Makefile @@ -10,7 +10,7 @@ include $(ROOT_DIR)/Makefile.config DIRECT_TESTS= ifeq ($(BUILD_C_ANALYZERS),yes) -DIRECT_TESTS += c_infer_test c_frontend_test cpp_infer_test cpp_frontend_test +DIRECT_TESTS += c_infer_test c_frontend_test cpp_infer_test cpp_frontend_test cpp_quandary_test endif ifeq ($(BUILD_JAVA_ANALYZERS),yes) DIRECT_TESTS += \ @@ -116,6 +116,9 @@ cpp_frontend_test: cpp_infer_test: $(MAKE) -C ./infer/tests/codetoanalyze/cpp/errors test +cpp_quandary_test: + make -C ./infer/tests/codetoanalyze/cpp/quandary test + java_checkers_test: $(MAKE) -C ./infer/tests/codetoanalyze/java/checkers test diff --git a/infer/tests/codetoanalyze/Makefile.clang b/infer/tests/codetoanalyze/Makefile.clang index 7b02a6f74..a93186e03 100644 --- a/infer/tests/codetoanalyze/Makefile.clang +++ b/infer/tests/codetoanalyze/Makefile.clang @@ -9,13 +9,14 @@ ROOT_DIR = ../../../../.. include $(ROOT_DIR)/Makefile.config ANALYZER = infer +INFERPRINT_OPTIONS = --issues-tests CLEAN_EXTRA = default: compile print: analyze - $(INFERPRINT_BIN) -q -a $(ANALYZER) --issues-tests issues.exp.test + $(INFERPRINT_BIN) -q -a $(ANALYZER) $(INFERPRINT_OPTIONS) issues.exp.test LC_ALL=C sort -t, -k1,1 -k2,2 -k3n,3 -o issues.exp.test issues.exp.test test: analyze print diff --git a/infer/tests/codetoanalyze/cpp/quandary/Makefile b/infer/tests/codetoanalyze/cpp/quandary/Makefile new file mode 100644 index 000000000..348f343d8 --- /dev/null +++ b/infer/tests/codetoanalyze/cpp/quandary/Makefile @@ -0,0 +1,23 @@ +# Copyright (c) 2016 - present Facebook, Inc. +# All rights reserved. +# +# This source code is licensed under the BSD style license found in the +# LICENSE file in the root directory of this source tree. An additional grant +# of patent rights can be found in the PATENTS file in the same directory. + +include ../../Makefile.clang + +OPTIONS = -x c++ -std=c++11 -isystem$(MODELS_DIR)/cpp/include -isystem$(CLANG_INCLUDES)/c++/v1/ -c + +ANALYZER = quandary +INFERPRINT_OPTIONS = --issues-txt + +FILES = \ + basics.cpp \ + +compile: + clang $(OPTIONS) $(FILES) + +analyze: + $(INFER_BIN) -a $(ANALYZER) --cxx --ml-buckets cpp --check-duplicate-symbols -- clang $(OPTIONS) $(FILES) >/dev/null 2>duplicates.txt + grep "DUPLICATE_SYMBOLS" duplicates.txt; test $$? -ne 0 diff --git a/infer/tests/codetoanalyze/cpp/quandary/basics.cpp b/infer/tests/codetoanalyze/cpp/quandary/basics.cpp new file mode 100644 index 000000000..15cfd8478 --- /dev/null +++ b/infer/tests/codetoanalyze/cpp/quandary/basics.cpp @@ -0,0 +1,46 @@ +/* + * Copyright (c) 2016 - present Facebook, Inc. + * All rights reserved. + * + * This source code is licensed under the BSD style license found in the + * LICENSE file in the root directory of this source tree. An additional grant + * of patent rights can be found in the PATENTS file in the same directory. + */ + +extern void* __infer_taint_source(); +extern void __infer_taint_sink(void*); + +namespace basics { + +class Obj { + public: + int field; +}; + +void* returnSource() { return __infer_taint_source(); } + +void callSink(void* param) { __infer_taint_sink(param); } + +void* id(void* param) { return param; } + +void sourceToSinkDirectBad() { + void* source = __infer_taint_source(); + __infer_taint_sink(source); +} + +void returnSourceToSinkBad() { + void* source = returnSource(); + __infer_taint_sink(source); +} + +void sourceThenCallSinkBad() { + void* source = __infer_taint_source(); + callSink(source); +} + +void propagateBad() { + void* source = __infer_taint_source(); + void* launderedSource = id(source); + callSink(launderedSource); +} +} diff --git a/infer/tests/codetoanalyze/cpp/quandary/issues.exp b/infer/tests/codetoanalyze/cpp/quandary/issues.exp new file mode 100644 index 000000000..1b91685b8 --- /dev/null +++ b/infer/tests/codetoanalyze/cpp/quandary/issues.exp @@ -0,0 +1,4 @@ +basics.cpp:28: ERROR: QUANDARY_TAINT_ERROR Error: Other(__infer_taint_source at [line 27]) -> Other(__infer_taint_sink at [line 28]) via { } +basics.cpp:33: ERROR: QUANDARY_TAINT_ERROR Error: Other(__infer_taint_source at [line 20]) -> Other(__infer_taint_sink at [line 33]) via { basics::returnSource at [line 32] } +basics.cpp:38: ERROR: QUANDARY_TAINT_ERROR Error: Other(__infer_taint_source at [line 37]) -> Other(__infer_taint_sink at [line 22]) via { basics::callSink at [line 38] } +basics.cpp:44: ERROR: QUANDARY_TAINT_ERROR Error: Other(__infer_taint_source at [line 42]) -> Other(__infer_taint_sink at [line 22]) via { basics::callSink at [line 44], basics::id at [line 43] }