C++: Add Windows command line and environment models #19563
Merged
+129
−13
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
jketema
changed the title
There was a problem hiding this comment.
Pull Request Overview
Adds Windows command-line and environment models to the C++ dataflow tests and core library, enabling flow-tracking for WinMain parameters and Win32 API calls.
- Introduce
windows.cppandwinmain.cpptests coveringGetCommandLineA/W,CommandLineToArgvA/W,GetEnvironmentStringsA/W,GetEnvironmentVariableA/W, and WinMain’spCmdLine. - Update expected
.expectedfiles to include new source, step, flow, and irFlow entries for those tests. - Add a
CmdLineSourceinFlowSources.qll, import it inTestBase.qll, and define YML models inWindows.model.yml; document the change inchange-notes.
Reviewed Changes
Copilot reviewed 10 out of 10 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| cpp/ql/test/library-tests/dataflow/external-models/windows.cpp | New tests exercising Windows command-line & env APIs |
| cpp/ql/test/library-tests/dataflow/dataflow-tests/winmain.cpp | New WinMain test for pCmdLine source |
| cpp/ql/test/library-tests/dataflow/external-models/steps.expected | Updated step expectations for CommandLineToArgvA |
| cpp/ql/test/library-tests/dataflow/external-models/sources.expected | Added sources for Win32 APIs |
| cpp/ql/test/library-tests/dataflow/external-models/flow.expected | Added flow edges for Windows external models |
| cpp/ql/test/library-tests/dataflow/dataflow-tests/test-source-sink.expected | Added WinMain irFlow entry |
| cpp/ql/test/library-tests/dataflow/dataflow-tests/TestBase.qll | Imported new FlowSources and extended isSource |
| cpp/ql/lib/semmle/code/cpp/security/FlowSources.qll | Added CmdLineSource model for WinMain’s pCmdLine |
| cpp/ql/lib/ext/Windows.model.yml | Defined summary/source models for Win32 APIs |
| cpp/ql/lib/change-notes/2025-05-23-windows-sources.md | Documented the new Windows sources and models |
Comments suppressed due to low confidence (1)
cpp/ql/test/library-tests/dataflow/external-models/steps.expected:8
- The table entry refers to
*cmdat column 16:36–16:38, but the dereference in the code is*argv[1]. This should be updated to reference*argv[1]to match the actual code under test.
| windows.cpp:16:36:16:38 | *cmd | windows.cpp:16:17:16:34 | **call to CommandLineToArgvA |
geoffw0
approved these changes
May 27, 2025
| @@ -0,0 +1,20 @@ | |||
| # partial model of windows system calls | |||
There was a problem hiding this comment.
Suggested change
| # partial model of windows system calls | |
| # partial model of windows system calls |
There was a problem hiding this comment.
Acknowledging I saw this. Will fix this in a separate PR.
| int GetEnvironmentVariableA(const char*, char*, int); | ||
|
|
||
| void getCommandLine() { | ||
| char* cmd = GetCommandLineA(); |
There was a problem hiding this comment.
I believe these A and W variants are often called via a macro with no letter (in this case it would be GetCommandLine). It's probably fine that we test on the specific implementation functions and I suspect many users do in fact call them directly as well.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
New results in DCA look genuine.