hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 19:26:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

C++: Add test cases.

Browse Source
This commit is contained in:
Geoffrey White
2020-10-20 15:33:57 +01:00
parent 540af7866c
commit 8198b96eb2
2 changed files with 7 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
cpp/ql/test/query-tests/Likely Bugs/Format/NonConstantFormat/NonConstantFormat.expected
View File

@@ -18,3 +18,4 @@
| test.cpp:87:12:87:16 | hello | The format string argument to printf should be constant to prevent security issues and other potential errors. |
| test.cpp:92:12:92:18 | ++ ... | The format string argument to printf should be constant to prevent security issues and other potential errors. |
| test.cpp:109:12:109:24 | new[] | The format string argument to printf should be constant to prevent security issues and other potential errors. |
| test.cpp:129:20:129:26 | access to array | The format string argument to sprintf should be constant to prevent security issues and other potential errors. |

12
cpp/ql/test/query-tests/Likely Bugs/Format/NonConstantFormat/test.cpp
View File

@@ -2,7 +2,7 @@ extern "C" int printf(const char *fmt, ...);
extern "C" int sprintf(char *buf, const char *fmt, ...);
extern "C" char *gettext (const char *);
#define MYSPRINTF sprintf
bool gettext_debug = false;
@@ -122,12 +122,12 @@ int main(int argc, char **argv) {
//
printf(const_wash("Hello, World\n")); // GOOD
{
char buffer[1024];
MYSPRINTF(buffer, "constant"); // GOOD
MYSPRINTF(buffer, argv[0]); // BAD
}
}
const char *simple_func(const char *str) {