hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 19:26:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

CPP: Queries: Improve NoSpaceForZeroTerminator query.

Browse Source
This commit is contained in:
Geoffrey White
2019-11-22 14:26:05 +00:00
parent 3c9432d7b7
commit 3895a7e1f0
4 changed files with 9 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
cpp/ql/test/query-tests/Security/CWE/CWE-131/semmle/NoSpaceForZeroTerminator/NoSpaceForZeroTerminator.expected
View File

@@ -1,6 +1,9 @@
| test2.cpp:64:34:64:39 | call to calloc | This allocation does not include space to null-terminate the string. |
| test2.cpp:71:28:71:34 | call to realloc | This allocation does not include space to null-terminate the string. |
| test.c:16:20:16:25 | call to malloc | This allocation does not include space to null-terminate the string. |
| test.c:32:20:32:25 | call to malloc | This allocation does not include space to null-terminate the string. |
| test.c:49:20:49:25 | call to malloc | This allocation does not include space to null-terminate the string. |
| test.cpp:24:35:24:40 | call to malloc | This allocation does not include space to null-terminate the string. |
| test.cpp:63:28:63:33 | call to malloc | This allocation does not include space to null-terminate the string. |
| test.cpp:71:28:71:33 | call to malloc | This allocation does not include space to null-terminate the string. |
| test.cpp:106:24:106:48 | new[] | This allocation does not include space to null-terminate the string. |

2
cpp/ql/test/query-tests/Security/CWE/CWE-131/semmle/NoSpaceForZeroTerminator/test.cpp
View File

@@ -102,7 +102,7 @@ void good2(char *str, char *dest) {
}
void bad9(wchar_t *wstr) {
// BAD -- using new [NOT DETECTED]
// BAD -- using new
wchar_t *wbuffer = new wchar_t[wcslen(wstr)];
wcscpy(wbuffer, wstr);
delete wbuffer;

4
cpp/ql/test/query-tests/Security/CWE/CWE-131/semmle/NoSpaceForZeroTerminator/test2.cpp
View File

@@ -60,14 +60,14 @@ void bad2(wchar_t *str) {
}
void bad3(wchar_t *str) {
// BAD -- Not allocating space for '\0' terminator [NOT DETECTED]
// BAD -- Not allocating space for '\0' terminator
wchar_t *buffer = (wchar_t *)calloc(sizeof(wchar_t), wcslen(str));
wcscpy(buffer, str);
free(buffer);
}
void bad4(char *str) {
// BAD -- Not allocating space for '\0' terminator [NOT DETECTED]
// BAD -- Not allocating space for '\0' terminator
char *buffer = (char *)realloc(0, strlen(str));
strcpy(buffer, str);
free(buffer);