C++: Add false negative test.

2026-05-02 04:05:14 +02:00 · 2021-04-16 17:34:12 +02:00
parent 50abb6e3a1
commit 1e327289b2
1 changed files with 7 additions and 0 deletions
--- a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-788/semmle/tests/test.c
+++ b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-788/semmle/tests/test.c
@@ -39,6 +39,13 @@ struct buffers
    unsigned char *pointer;
 } globalBuff1,*globalBuff2,globalBuff1_c,*globalBuff2_c;

+void strncat_test5(char* s, struct buffers* buffers) {
+  unsigned len_array = strlen(buffers->array);
+  unsigned max_size = sizeof(buffers->array);
+  unsigned free_size = max_size - len_array;
+  strncat(buffers->array, s, free_size); // BAD [NOT DETECTED]
+}
+
 void strlen_test1(){
  unsigned char buff1[12];
  struct buffers buffAll;