added pr fixes

2026-04-30 03:05:15 +02:00 · 2020-07-07 11:05:39 -07:00
parent 263f00784f
commit 3b9daa2db2
3 changed files with 3 additions and 4 deletions
--- a/cpp/ql/src/experimental/Security/CWE/CWE-120/MemoryUnsafeFunctionScan.qhelp
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-120/MemoryUnsafeFunctionScan.qhelp
@@ -3,7 +3,7 @@
  "qhelp.dtd">
 <qhelp>
 <overview>
-<p>It is bad practice to use any of the <code>scanf<code> functions without including a specified length within the format parameter, as it will be vulnerable to buffer overflows.</p>
+<p>It is bad practice to use any of the <code>scanf</code> functions without including a specified length within the format parameter, as it will be vulnerable to buffer overflows.</p>

 </overview>

--- a/cpp/ql/src/experimental/Security/CWE/CWE-120/MemoryUnsafeFunctionScan.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-120/MemoryUnsafeFunctionScan.ql
@@ -3,7 +3,6 @@
 * @description Use of one of the scanf functions without a specified length.
 * @kind problem
 * @problem.severity warning
- * @precision medium
 * @id cpp/memory-unsafe-function-scan
 * @tags reliability
 *       security
--- a/cpp/ql/test/experimental/query-tests/Security/CWE/semmle/tests/MemoryUnsafeFunctionScan.expected
+++ b/cpp/ql/test/experimental/query-tests/Security/CWE/semmle/tests/MemoryUnsafeFunctionScan.expected
@@ -1,2 +1,2 @@
-| MemoryUnsafeFunctionScan.cpp:13:5:13:9 | call to scanf | Dangerous use of one of the scanf functions |
-| MemoryUnsafeFunctionScan.cpp:21:5:21:10 | call to fscanf | Dangerous use of one of the scanf functions |
+| MemoryUnsafeFunctionScan.cpp:14:5:14:9 | call to scanf | Dangerous use of one of the scanf functions |
+| MemoryUnsafeFunctionScan.cpp:22:5:22:10 | call to fscanf | Dangerous use of one of the scanf functions |