test code:
[root@*** test_case]# cat f_open_test_0.cpp
#include <cstdio>
#include<stdlib.h>
using namespace std;
// Taint source of this test case: forwards `name` to getenv() and returns the
// result unchanged. getenv() yields a null pointer when the variable is not
// set, and the value is chosen by whoever controls the process environment,
// so callers receive unvalidated data.
const char * do_getenv1(const char * name) {
return getenv(name);
}
[root@*** test_case]# cat f_open_test_a.cpp
#include "f_open_test_0.cpp"
extern const char * do_getenv1(const char *);
// Intermediate hop of the test case: returns do_getenv1("FILENAME1"), i.e. the
// raw value of the FILENAME1 environment variable, with no validation added.
const char * do_getenv() {
return do_getenv1("FILENAME1");
}
[root@*** test_case]# cat f_open_test_b.cpp
#include "f_open_test_a.cpp"
extern const char * do_getenv();
// Sink of the test case: the string returned by do_getenv() is passed straight
// to fopen() as the path. Nothing here checks it for null or restricts which
// file it may name, and file1 is never passed to fclose().
// This is the flow the reported result describes: the fopen() call in this
// file is the primary location, and the getenv() call in f_open_test_0.cpp is
// the related location.
int main(){
const char * filename1 = do_getenv();
FILE * file1 = fopen(filename1, "r");
}
running rule:
fopen-flow-from-getenv.ql
but the results file does not contain the function call chain (there is no `codeFlows` entry, only `locations` and `relatedLocations`). The results look like this:
"results": [{
"ruleId": "cpp/huawei/member-variable-to-resource-leak",
"ruleIndex": 0,
"rule": {
"id": "cpp/huawei/member-variable-to-resource-leak",
"index": 0
},
"message": {
"text": "This 'fopen' uses data from [call to 'getenv'](1)."
},
"locations": [{
"physicalLocation": {
"artifactLocation": {
"uri": "f_open_test_b.cpp",
"uriBaseId": "%SRCROOT%",
"index": 0
},
"region": {
"startLine": 6,
"startColumn": 26,
"endColumn": 35
},
"contextRegion": {
"startLine": 4,
"endLine": 8,
"snippet": {
"text": "int main(){\n const char * filename1 = do_getenv();\n FILE * file1 = fopen(filename1, \"r\");\n}\n\n"
}
}
}
}],
"partialFingerprints": {
"primaryLocationLineHash": "6f35e497d744c2f6:1",
"primaryLocationStartColumnFingerprint": "21"
},
"relatedLocations": [{
"id": 1,
"physicalLocation": {
"artifactLocation": {
"uri": "f_open_test_0.cpp",
"uriBaseId": "%SRCROOT%",
"index": 1
},
"region": {
"startLine": 6,
"startColumn": 12,
"endColumn": 18
},
"contextRegion": {
"startLine": 4,
"endLine": 7,
"snippet": {
"text": "\nconst char * do_getenv1(const char * name) {\n return getenv(name);\n}\n"
}
}
},
"message": {
"text": "call to 'getenv'"
}
}]
}],
"columnKind": "utf16CodeUnits",
"properties": {
"semmle.formatSpecifier": "sarif-latest"
}
}]