Merge branch 'master' into zlaski/cpp370

2026-05-03 04:39:29 +02:00 · 2019-06-04 09:47:30 -07:00
parent 46b6eac955 813e1e7c91
commit 51e543a41d
543 changed files with 25015 additions and 6631 deletions
--- a/cpp/ql/test/query-tests/Security/CWE/CWE-190/semmle/tainted/IntegerOverflowTainted.expected
+++ b/cpp/ql/test/query-tests/Security/CWE/CWE-190/semmle/tainted/IntegerOverflowTainted.expected
@@ -2,3 +2,5 @@
 | test3.c:13:16:13:19 | * ... | $@ flows to here and is used in an expression which might overflow negatively. | test3.c:11:15:11:18 | argv | User-provided value |
 | test4.cpp:13:17:13:20 | access to array | $@ flows to here and is used in an expression which might overflow negatively. | test4.cpp:9:13:9:16 | argv | User-provided value |
 | test5.cpp:10:9:10:15 | call to strtoul | $@ flows to here and is used in an expression which might overflow. | test5.cpp:9:7:9:9 | buf | User-provided value |
+| test.c:44:7:44:12 | ... -- | $@ flows to here and is used in an expression which might overflow negatively. | test.c:41:17:41:20 | argv | User-provided value |
+| test.c:54:7:54:12 | ... -- | $@ flows to here and is used in an expression which might overflow negatively. | test.c:51:17:51:20 | argv | User-provided value |
--- a/cpp/ql/test/query-tests/Security/CWE/CWE-242/semmle/tests/PotentiallyDangerousFunction.expected
+++ b/cpp/ql/test/query-tests/Security/CWE/CWE-242/semmle/tests/PotentiallyDangerousFunction.expected
--- a/cpp/ql/test/query-tests/Security/CWE/CWE-242/semmle/tests/DangerousFunctionOverflow.qlref
+++ b/cpp/ql/test/query-tests/Security/CWE/CWE-242/semmle/tests/DangerousFunctionOverflow.qlref
@@ -0,0 +1 @@
+Security/CWE/CWE-676/DangerousFunctionOverflow.ql
--- a/cpp/ql/test/query-tests/Security/CWE/CWE-242/semmle/tests/PotentiallyDangerousFunction.qlref
+++ b/cpp/ql/test/query-tests/Security/CWE/CWE-242/semmle/tests/PotentiallyDangerousFunction.qlref
@@ -1 +0,0 @@
-Security/CWE/CWE-676/PotentiallyDangerousFunction.ql
--- a/cpp/ql/test/query-tests/Security/CWE/CWE-676/semmle/PotentiallyDangerousFunction/DangerousFunctionOverflow.expected
+++ b/cpp/ql/test/query-tests/Security/CWE/CWE-676/semmle/PotentiallyDangerousFunction/DangerousFunctionOverflow.expected
@@ -0,0 +1,2 @@
+| test.c:42:2:42:5 | call to gets | gets does not guard against buffer overflow |
+| test.c:43:6:43:9 | call to gets | gets does not guard against buffer overflow |
--- a/cpp/ql/test/query-tests/Security/CWE/CWE-676/semmle/PotentiallyDangerousFunction/DangerousFunctionOverflow.qlref
+++ b/cpp/ql/test/query-tests/Security/CWE/CWE-676/semmle/PotentiallyDangerousFunction/DangerousFunctionOverflow.qlref
@@ -0,0 +1 @@
+Security/CWE/CWE-676/DangerousFunctionOverflow.ql
--- a/cpp/ql/test/query-tests/Security/CWE/CWE-676/semmle/PotentiallyDangerousFunction/PotentiallyDangerousFunction.expected
+++ b/cpp/ql/test/query-tests/Security/CWE/CWE-676/semmle/PotentiallyDangerousFunction/PotentiallyDangerousFunction.expected
@@ -1,6 +1,4 @@
 | test.c:31:22:31:27 | call to gmtime | Call to gmtime is potentially dangerous |
-| test.c:42:2:42:5 | call to gets | gets does not guard against buffer overflow |
-| test.c:43:6:43:9 | call to gets | gets does not guard against buffer overflow |
 | test.c:48:19:48:27 | call to localtime | Call to localtime is potentially dangerous |
 | test.c:49:22:49:26 | call to ctime | Call to ctime is potentially dangerous |
 | test.c:50:23:50:29 | call to asctime | Call to asctime is potentially dangerous |
				`@@ -0,0 +1 @@`
				`Security/CWE/CWE-676/DangerousFunctionOverflow.ql`
				`@@ -1 +0,0 @@`
				`Security/CWE/CWE-676/PotentiallyDangerousFunction.ql`