CPP: Test a common false positive.

2026-05-04 05:05:12 +02:00 · 2019-07-01 14:56:28 +01:00
parent a54ee160a3
commit 34d307ecef
2 changed files with 13 additions and 0 deletions
--- a/cpp/ql/test/query-tests/Security/CWE/CWE-131/semmle/NoSpaceForZeroTerminator/NoSpaceForZeroTerminator.expected
+++ b/cpp/ql/test/query-tests/Security/CWE/CWE-131/semmle/NoSpaceForZeroTerminator/NoSpaceForZeroTerminator.expected
@@ -1,4 +1,5 @@
 | test.c:15:20:15:25 | call to malloc | This allocation does not include space to null-terminate the string. |
 | test.c:29:20:29:25 | call to malloc | This allocation does not include space to null-terminate the string. |
 | test.c:44:20:44:25 | call to malloc | This allocation does not include space to null-terminate the string. |
+| test.c:72:17:72:22 | call to malloc | This allocation does not include space to null-terminate the string. |
 | test.cpp:18:35:18:40 | call to malloc | This allocation does not include space to null-terminate the string. |
--- a/cpp/ql/test/query-tests/Security/CWE/CWE-131/semmle/NoSpaceForZeroTerminator/test.c
+++ b/cpp/ql/test/query-tests/Security/CWE/CWE-131/semmle/NoSpaceForZeroTerminator/test.c
@@ -63,3 +63,15 @@ void good3(char *str) {
    char *buffer = malloc((strlen(str) + 1) * sizeof(char));
    free(buffer);
 }
+
+void *memcpy(void *s1, const void *s2, size_t n);
+
+void good4(char *str) {
+	// GOOD -- allocating a non zero-terminated string [FALSE POSITIVE]
+	int len = strlen(str);
+	char *buffer = malloc(len);
+
+	memcpy(buffer, str, len);
+
+	free(buffer);
+}