You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

61 lines
1.5 KiB

/*
* Copyright (c) 2016-present, Facebook, Inc.
*
* This source code is licensed under the MIT license found in the
* LICENSE file in the root directory of this source tree.
*/
#include <map>
#include <memory>
#include <string>
extern std::string __infer_taint_source();
extern void __infer_taint_sink(std::string);
extern std::string skip_value(std::string);
extern std::string* skip_pointer(std::string);
extern void skip_by_ref(std::string, std::string&);
extern int of_string(std::string);
namespace unknown_code {
void direct_bad() {
auto source = __infer_taint_source();
__infer_taint_sink(source);
}
void skip_value_bad() {
auto source = __infer_taint_source();
auto laundered_source = skip_value(source);
__infer_taint_sink(laundered_source);
}
void skip_pointer_bad() {
auto source = __infer_taint_source();
auto laundered_source = skip_pointer(source);
__infer_taint_sink(*laundered_source);
}
std::string skip_indirect(std::string formal) {
auto skipped_pointer = skip_pointer(formal);
return skip_value(*skipped_pointer);
}
void skip_indirect_bad() {
auto source = __infer_taint_source();
auto laundered_source = skip_indirect(source);
__infer_taint_sink(laundered_source);
}
// for now, we don't have any heuristics for guessing that laundered_by_ref is
// assigned by ref in
// the skipped function
void FN_via_skip_by_ref_bad() {
auto source = __infer_taint_source();
std::string laundered_by_ref;
skip_by_ref(source, laundered_by_ref);
__infer_taint_sink(laundered_by_ref);
}
} // namespace unknown_code