hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-05 21:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

[CPP-370] Fix up // GOOD and // BAD test annotations so that they're consistent.

Browse Source
This commit is contained in:
Ziemowit Laski
2019-06-12 12:56:11 -07:00
parent 0f5a4a7089
commit 88a39d9454
3 changed files with 44 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
cpp/ql/test/query-tests/Likely Bugs/Format/NonConstantFormat/NonConstantFormat.c
View File

@@ -27,23 +27,23 @@ extern char *any_random_function(const char *);
int main(int argc, char **argv) {
if(argc > 1)
printf(argv[1]); // not ok
printf(argv[1]); // BAD
else
printf("No argument supplied.\n"); // ok
printf("No argument supplied.\n"); // GOOD
printf(_("No argument supplied.\n")); // ok
printf(_("No argument supplied.\n")); // GOOD
printf(dgettext(NULL, "No argument supplied.\n")); // ok
printf(dgettext(NULL, "No argument supplied.\n")); // GOOD
printf(ngettext("One argument\n", "%d arguments\n", argc-1), argc-1); // ok
printf(ngettext("One argument\n", "%d arguments\n", argc-1), argc-1); // GOOD
printf(gettext("%d arguments\n"), argc-1); // ok
printf(any_random_function("%d arguments\n"), argc-1); // not ok
printf(gettext("%d arguments\n"), argc-1); // GOOD
printf(any_random_function("%d arguments\n"), argc-1); // BAD
// Even though `_` is mapped to `some_random_function` above,
// the following call should not be flagged.
printf(_(any_random_function("%d arguments\n")),
argc-1); // ok
argc-1); // GOOD
return 0;
}

6
cpp/ql/test/query-tests/Likely Bugs/Format/NonConstantFormat/nested.cpp
View File

@@ -18,7 +18,7 @@ extern "C" int snprintf ( char * s, int n, const char * format, ... );
struct A {
void do_print(const char *fmt0) {
char buf[32];
snprintf(buf, 32, fmt0); // BAD [FALSE POSITIVE]
snprintf(buf, 32, fmt0); // GOOD [FALSE POSITIVE]
}
};
@@ -39,7 +39,7 @@ struct C {
void foo(void) {
C c;
c.do_some_printing(c.ext_fmt_str()); // GOOD [NOT DETECTED]
c.do_some_printing(c.ext_fmt_str()); // BAD [NOT DETECTED]
}
struct some_class {
@@ -54,7 +54,7 @@ struct debug_ {
va_list args)
{
char str[4096];
int length = _vsnprintf_s(str, sizeof(str), 0, fmt, args);
int length = _vsnprintf_s(str, sizeof(str), 0, fmt, args); // GOOD
if (length > 0)
{
return 0;

66
cpp/ql/test/query-tests/Likely Bugs/Format/NonConstantFormat/test.cpp
View File

@@ -42,83 +42,83 @@ const char *const_wash(char *str) {
int main(int argc, char **argv) {
const char *message = messages[2];
printf(choose_message(argc - 1), argc - 1); // OK
printf(messages[1]); // OK
printf(message); // OK
printf(make_message(argc - 1)); // NOT OK
printf("Hello, World\n"); // OK
printf(_("Hello, World\n")); // OK
printf(choose_message(argc - 1), argc - 1); // GOOD
printf(messages[1]); // GOOD
printf(message); // GOOD
printf(make_message(argc - 1)); // BAD
printf("Hello, World\n"); // GOOD
printf(_("Hello, World\n")); // GOOD
{
char hello[] = "hello, World\n";
hello[0] = 'H';
printf(hello); // NOT OK
printf(_(hello)); // OK
printf(gettext(hello)); // OK
printf(const_wash(hello)); // NOT OK
printf((hello + 1) + 1); // NOT OK
printf(+hello); // NOT OK
printf(*&hello); // NOT OK
printf(&*hello); // NOT OK
printf((char*)(void*)+(hello+1) + 1); // NOT OK
printf(hello); // BAD
printf(_(hello)); // GOOD
printf(gettext(hello)); // GOOD
printf(const_wash(hello)); // BAD
printf((hello + 1) + 1); // BAD
printf(+hello); // BAD
printf(*&hello); // BAD
printf(&*hello); // BAD
printf((char*)(void*)+(hello+1) + 1); // BAD
}
printf(("Hello, World\n" + 1) + 1); // NOT OK
printf(("Hello, World\n" + 1) + 1); // BAD
{
const char *hello = "Hello, World\n";
printf(hello + 1); // NOT OK
printf(hello); // OK
printf(hello + 1); // BAD
printf(hello); // GOOD
}
{
const char *hello = "Hello, World\n";
hello += 1;
printf(hello); // NOT OK
printf(hello); // BAD
}
{
// Same as above block but using "x = x + 1" syntax
const char *hello = "Hello, World\n";
hello = hello + 1;
printf(hello); // NOT OK
printf(hello); // BAD
}
{
// Same as above block but using "x++" syntax
const char *hello = "Hello, World\n";
hello++;
printf(hello); // NOT OK
printf(hello); // BAD
}
{
// Same as above block but using "++x" as subexpression
const char *hello = "Hello, World\n";
printf(++hello); // NOT OK
printf(++hello); // BAD
}
{
// Same as above block but through a pointer
const char *hello = "Hello, World\n";
const char **p = &hello;
(*p)++;
printf(hello); // NOT OK [NOT DETECTED]
printf(hello); // BAD [NOT DETECTED]
}
{
// Same as above block but through a C++ reference
const char *hello = "Hello, World\n";
const char *&p = hello;
p++;
printf(hello); // NOT OK [NOT DETECTED]
printf(hello); // BAD [NOT DETECTED]
}
if (gettext_debug) {
printf(new char[100]); // NOT OK
printf(new char[100]); // BAD
}
{
const char *hello = "Hello, World\n";
const char *const *p = &hello; // harmless reference to const pointer
printf(hello); // OK
printf(hello); // GOOD
hello++; // modification comes after use and so does no harm
}
printf(argc > 2 ? "More than one\n" : _("Only one\n")); // OK
printf(argc > 2 ? "More than one\n" : _("Only one\n")); // GOOD
// This following is OK since a const literal is passed to const_wash()
// and the taint tracker detects this.
//
//
printf(const_wash("Hello, World\n")); // OK
printf(const_wash("Hello, World\n")); // GOOD
}
const char *simple_func(const char *str) {
@@ -127,9 +127,9 @@ const char *simple_func(const char *str) {
void another_func(void) {
const char *message = messages[2];
printf(simple_func("Hello, World\n")); // OK
printf(messages[1]); // OK
printf(message); // OK
printf("Hello, World\n"); // OK
printf(gettext("Hello, World\n")); // OK
printf(simple_func("Hello, World\n")); // GOOD
printf(messages[1]); // GOOD
printf(message); // GOOD
printf("Hello, World\n"); // GOOD
printf(gettext("Hello, World\n")); // GOOD
}