hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-03 12:45:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

CPP: Test showing that Adding365daysPerYear.ql doesn't actually care whether the return value of the time conversion function is checked.

Browse Source
This commit is contained in:
Geoffrey White
2019-07-16 17:28:29 +01:00
parent 4df176ae34
commit 1b7d1c37ec
2 changed files with 29 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
cpp/ql/test/query-tests/Likely Bugs/Leap Year/Adding365DaysPerYear/Adding365daysPerYear.expected
View File

@@ -1,3 +1,5 @@
| test.cpp:173:2:173:52 | ... = ... | This arithmetic operation $@ uses a constant value of 365 ends up modifying the date/time located at $@, without considering leap year scenarios. | test.cpp:170:2:170:47 | ... += ... | ... += ... | test.cpp:173:2:173:52 | ... = ... | ... = ... |
| test.cpp:174:2:174:46 | ... = ... | This arithmetic operation $@ uses a constant value of 365 ends up modifying the date/time located at $@, without considering leap year scenarios. | test.cpp:170:2:170:47 | ... += ... | ... += ... | test.cpp:174:2:174:46 | ... = ... | ... = ... |
| test.cpp:193:2:193:24 | ... = ... | This arithmetic operation $@ uses a constant value of 365 ends up modifying the date/time located at $@, without considering leap year scenarios. | test.cpp:193:2:193:24 | ... = ... | ... = ... | test.cpp:193:2:193:24 | ... = ... | ... = ... |
| test.cpp:217:2:217:52 | ... = ... | This arithmetic operation $@ uses a constant value of 365 ends up modifying the date/time located at $@, without considering leap year scenarios. | test.cpp:214:2:214:47 | ... += ... | ... += ... | test.cpp:217:2:217:52 | ... = ... | ... = ... |
| test.cpp:218:2:218:46 | ... = ... | This arithmetic operation $@ uses a constant value of 365 ends up modifying the date/time located at $@, without considering leap year scenarios. | test.cpp:214:2:214:47 | ... += ... | ... += ... | test.cpp:218:2:218:46 | ... = ... | ... = ... |

28
cpp/ql/test/query-tests/Likely Bugs/Leap Year/Adding365DaysPerYear/test.cpp
View File

@@ -170,7 +170,7 @@ void antipattern2()
qwLongTime += 365 * 24 * 60 * 60 * 10000000LLU;
// copy back to a FILETIME
ft.dwLowDateTime = (DWORD)(qwLongTime & 0xFFFFFFFF);
ft.dwLowDateTime = (DWORD)(qwLongTime & 0xFFFFFFFF); // BAD
ft.dwHighDateTime = (DWORD)(qwLongTime >> 32);
// convert back to SYSTEMTIME for display or other usage
@@ -197,3 +197,29 @@ time_t mkTime(int days)
return t;
}
void checkedExample()
{
// get the current time as a FILETIME
SYSTEMTIME st; FILETIME ft;
GetSystemTime(&st);
SystemTimeToFileTime(&st, &ft);
// convert to a quadword (64-bit integer) to do arithmetic
ULONGLONG qwLongTime;
qwLongTime = (((ULONGLONG)ft.dwHighDateTime) << 32) + ft.dwLowDateTime;
// add a year by calculating the ticks in 365 days
// (which may be incorrect when crossing a leap day)
qwLongTime += 365 * 24 * 60 * 60 * 10000000LLU;
// copy back to a FILETIME
ft.dwLowDateTime = (DWORD)(qwLongTime & 0xFFFFFFFF); // GOOD [FALSE POSITIVE]
ft.dwHighDateTime = (DWORD)(qwLongTime >> 32);
// convert back to SYSTEMTIME for display or other usage
if (FileTimeToSystemTime(&ft, &st) == 0)
{
// handle error...
}
}