hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-22 23:35:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

C++: Add FP test.

Browse Source
This commit is contained in:
Mathias Vorreiter Pedersen
2024-01-29 10:59:38 +00:00
parent 49d6d3fa0c
commit 3a66fd7175
2 changed files with 13 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
cpp/ql/test/query-tests/Critical/MissingCheckScanf/IncorrectCheckScanf.expected
View File

@@ -3,3 +3,4 @@
| test.cpp:204:7:204:11 | call to scanf | The result of scanf is only checked against 0, but it can also return EOF. |
| test.cpp:436:7:436:11 | call to scanf | The result of scanf is only checked against 0, but it can also return EOF. |
| test.cpp:443:11:443:15 | call to scanf | The result of scanf is only checked against 0, but it can also return EOF. |
| test.cpp:455:12:455:17 | call to sscanf | The result of scanf is only checked against 0, but it can also return EOF. |

12
cpp/ql/test/query-tests/Critical/MissingCheckScanf/test.cpp
View File

@@ -446,4 +446,16 @@ void bad_check() {
}
use(i); // GOOD [FALSE POSITIVE]: Technically no security issue, but code is incorrect.
}
}
#define EOF (-1)
void disjunct_boolean_condition(const char* modifier_data) {
long value;
auto rc = sscanf(modifier_data, "%lx", &value);
if((rc == EOF) || (rc == 0)) {
return;
}
use(value); // GOOD
}