C++: Add examples that need taint inheriting content.

MathiasVP · MathiasVP · commit 406c1861862d · 2026-03-31T11:06:38.000+01:00
diff --git a/cpp/ql/test/library-tests/dataflow/external-models/sources.expected b/cpp/ql/test/library-tests/dataflow/external-models/sources.expected
@@ -32,6 +32,6 @@
 | windows.cpp:669:70:669:79 | WinHttpQueryHeadersEx output argument | remote |
 | windows.cpp:669:82:669:87 | WinHttpQueryHeadersEx output argument | remote |
 | windows.cpp:669:105:669:112 | WinHttpQueryHeadersEx output argument | remote |
-| windows.cpp:873:64:873:77 | HttpReceiveHttpRequest output argument | remote |
-| windows.cpp:881:70:881:75 | HttpReceiveRequestEntityBody output argument | remote |
-| windows.cpp:888:70:888:78 | HttpReceiveClientCertificate output argument | remote |
+| windows.cpp:897:64:897:77 | HttpReceiveHttpRequest output argument | remote |
+| windows.cpp:926:70:926:75 | HttpReceiveRequestEntityBody output argument | remote |
+| windows.cpp:933:70:933:78 | HttpReceiveClientCertificate output argument | remote |
diff --git a/cpp/ql/test/library-tests/dataflow/external-models/windows.cpp b/cpp/ql/test/library-tests/dataflow/external-models/windows.cpp
@@ -887,6 +887,9 @@ ULONG HttpReceiveClientCertificate(
   LPOVERLAPPED               Overlapped
 );
 
+void sink(PCWSTR);
+void sink(HANDLE);
+
 void test_http_server_api(HANDLE hRequestQueue) {
   {
     HTTP_REQUEST requestBuffer;
@@ -895,6 +898,27 @@ void test_http_server_api(HANDLE hRequestQueue) {
     char* p = reinterpret_cast<char*>(&requestBuffer);
     sink(p);
     sink(*p); // $ ir
+    sink(requestBuffer.pRawUrl);
+    sink(*requestBuffer.pRawUrl); // $ MISSING: ir
+    sink(requestBuffer.CookedUrl.pFullUrl);
+    sink(*requestBuffer.CookedUrl.pFullUrl); // $ MISSING: ir
+    sink(requestBuffer.Headers.KnownHeaders[0].pRawValue);
+    sink(*requestBuffer.Headers.KnownHeaders[0].pRawValue); // $ MISSING: ir
+    sink(requestBuffer.Headers.pUnknownHeaders[0].pRawValue);
+    sink(*requestBuffer.Headers.pUnknownHeaders[0].pRawValue); // $ MISSING: ir
+    sink(requestBuffer.pEntityChunks->FromFileHandle.FileHandle); // $ MISSING: ir
+    sink(requestBuffer.pEntityChunks->FromFragmentCache.pFragmentName);
+    sink(*requestBuffer.pEntityChunks->FromFragmentCache.pFragmentName); // $ MISSING: ir
+    sink(requestBuffer.pEntityChunks->FromFragmentCacheEx.pFragmentName);
+    sink(*requestBuffer.pEntityChunks->FromFragmentCacheEx.pFragmentName); // $ MISSING: ir
+    sink(requestBuffer.pEntityChunks->FromMemory.pBuffer);
+    sink(*(char*)requestBuffer.pEntityChunks->FromMemory.pBuffer); // $ MISSING: ir
+    sink(requestBuffer.pSslInfo->pServerCertIssuer);
+    sink(*requestBuffer.pSslInfo->pServerCertIssuer); // $ MISSING: ir
+    sink(requestBuffer.pSslInfo->pServerCertSubject);
+    sink(*requestBuffer.pSslInfo->pServerCertSubject); // $ MISSING: ir
+    sink(requestBuffer.pSslInfo->pClientCertInfo->pCertEncoded);
+    sink(*requestBuffer.pSslInfo->pClientCertInfo->pCertEncoded); // $ MISSING: ir
   }
   {
     char buffer[1024];
@@ -910,5 +934,7 @@ void test_http_server_api(HANDLE hRequestQueue) {
     char* p = reinterpret_cast<char*>(&certInfo);
     sink(p);
     sink(*p); // $ ir
+    sink(certInfo.pCertEncoded);
+    sink(*certInfo.pCertEncoded); // $ MISSING: ir
   }
 }
