CPP: Fix sscanf false positives in older linux repos

This commit is contained in:
Alex Eyers-Taylor
2023-11-27 18:10:18 +00:00
parent 9eb5b23f54
commit 3e9aeac004
3 changed files with 8 additions and 7 deletions


@@ -19,4 +19,4 @@ import ScanfChecks
from ScanfFunctionCall call
where incorrectlyCheckedScanf(call)
select call, "The result of scanf is onyl checkeck against 0, but it can also return EOF."
select call, "The result of scanf is only checked against 0, but it can also return EOF."


@@ -22,7 +22,8 @@ private predicate exprInBooleanContext(Expr e) {
}
private predicate isLinuxKernel() {
exists(Macro macro | macro.getName() = "_LINUX_KERNEL_SPRINTF_H_")
// For the purpose of sscanf, we check the header guards for the files that it is defined in (which have changed)
exists(Macro macro | macro.getName() in ["_LINUX_KERNEL_SPRINTF_H_", "_LINUX_KERNEL_H"])
}
/**
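Review bot: The comment added above the new `in [...]` check says the header guards "have changed" but not which guard belongs to which kernel generation, so a reader cannot tell why `_LINUX_KERNEL_H` was added or whether either name could later be dropped. A comment such as `// sscanf is declared in include/linux/sprintf.h in recent kernels (guard _LINUX_KERNEL_SPRINTF_H_) and was previously declared in include/linux/kernel.h (guard _LINUX_KERNEL_H), so either guard identifies a kernel tree` would make the intent self-contained — the file locations are my reading of the commit title, so confirm them against the kernel history before quoting. Because the predicate only asks whether any `Macro` with one of these names exists anywhere in the database, it would also help to state that a non-kernel project defining a guard with either name is treated as the kernel and its sscanf results suppressed, which is an acceptable heuristic but one a future maintainer should see spelled out. Given that the next definition in the file opens with a `/**` QLDoc block, the predicate's purpose is better placed in a QLDoc comment above `isLinuxKernel()` than in a line comment inside its body.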


@@ -1,5 +1,5 @@
| test.cpp:162:7:162:11 | call to scanf | The result of scanf is onyl checkeck against 0, but it can also return EOF. |
| test.cpp:171:7:171:11 | call to scanf | The result of scanf is onyl checkeck against 0, but it can also return EOF. |
| test.cpp:204:7:204:11 | call to scanf | The result of scanf is onyl checkeck against 0, but it can also return EOF. |
| test.cpp:436:7:436:11 | call to scanf | The result of scanf is onyl checkeck against 0, but it can also return EOF. |
| test.cpp:443:11:443:15 | call to scanf | The result of scanf is onyl checkeck against 0, but it can also return EOF. |
| test.cpp:162:7:162:11 | call to scanf | The result of scanf is only checked against 0, but it can also return EOF. |
| test.cpp:171:7:171:11 | call to scanf | The result of scanf is only checked against 0, but it can also return EOF. |
| test.cpp:204:7:204:11 | call to scanf | The result of scanf is only checked against 0, but it can also return EOF. |
| test.cpp:436:7:436:11 | call to scanf | The result of scanf is only checked against 0, but it can also return EOF. |
| test.cpp:443:11:443:15 | call to scanf | The result of scanf is only checked against 0, but it can also return EOF. |