C++: Add the examples to the test.

2026-04-27 01:35:13 +02:00 · 2024-07-04 17:00:25 +01:00
parent 1343e4c9aa
commit 5d898727c0
2 changed files with 25 additions and 1 deletions
--- a/cpp/ql/test/query-tests/Security/CWE/CWE-191/UnsignedDifferenceExpressionComparedZero/UnsignedDifferenceExpressionComparedZero.expected
+++ b/cpp/ql/test/query-tests/Security/CWE/CWE-191/UnsignedDifferenceExpressionComparedZero/UnsignedDifferenceExpressionComparedZero.expected
@@ -13,3 +13,4 @@
 | test.cpp:266:10:266:24 | ... > ... | Unsigned subtraction can never be negative. |
 | test.cpp:276:11:276:19 | ... > ... | Unsigned subtraction can never be negative. |
 | test.cpp:288:10:288:18 | ... > ... | Unsigned subtraction can never be negative. |
+| test.cpp:312:9:312:25 | ... > ... | Unsigned subtraction can never be negative. |
--- a/cpp/ql/test/query-tests/Security/CWE/CWE-191/UnsignedDifferenceExpressionComparedZero/test.cpp
+++ b/cpp/ql/test/query-tests/Security/CWE/CWE-191/UnsignedDifferenceExpressionComparedZero/test.cpp
@@ -43,7 +43,7 @@ void test(unsigned x, unsigned y, bool unknown) {
 	while(cond()) {
 		if(unknown) { y--; }
 	}
-	
+
 	if(x - y > 0) { } // GOOD

 	x = y;
@@ -298,3 +298,26 @@ int test18() {

 	return (a - b > 0); // GOOD (as b = 0)
 }
+
+typedef unsigned int uint32_t;
+typedef long long int64_t;
+uint32_t get_limit();
+uint32_t get_data();
+
+void test19() {
+	// from the doc:
+	uint32_t limit = get_limit();
+	uint32_t total = 0;
+
+	while (limit - total > 0) { // BAD: if `total` is greater than `limit` this will underflow and continue executing the loop.
+		total += get_data();
+	}
+
+	while (total < limit) { // GOOD: never underflows here because there is no arithmetic.
+		total += get_data();
+	}
+
+	while ((int64_t)limit - total > 0) { // GOOD: never underflows here because the result always fits in an `int64_t`.
+		total += get_data();
+	}
+}