hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

[CPP-370] Tentatively modify CWE consts.cpp file to play nice with the dataflow library.

Browse Source
This commit is contained in:
Ziemowit Laski
2019-05-16 12:06:08 -07:00
parent 1fce5a5b40
commit 8faf95ec84
2 changed files with 8 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
cpp/ql/test/query-tests/Security/CWE/CWE-134/semmle/consts/NonConstantFormat.expected
View File

@@ -1,10 +1,14 @@
| consts.cpp:81:9:81:10 | c8 | The format string argument to printf should be constant to prevent security issues and other potential errors. |
| consts.cpp:86:9:86:10 | v1 | The format string argument to printf should be constant to prevent security issues and other potential errors. |
| consts.cpp:91:9:91:10 | v2 | The format string argument to printf should be constant to prevent security issues and other potential errors. |
| consts.cpp:95:9:95:10 | v3 | The format string argument to printf should be constant to prevent security issues and other potential errors. |
| consts.cpp:100:9:100:10 | v4 | The format string argument to printf should be constant to prevent security issues and other potential errors. |
| consts.cpp:103:9:103:15 | call to varFunc | The format string argument to printf should be constant to prevent security issues and other potential errors. |
| consts.cpp:107:9:107:10 | v5 | The format string argument to printf should be constant to prevent security issues and other potential errors. |
| consts.cpp:112:9:112:10 | v6 | The format string argument to printf should be constant to prevent security issues and other potential errors. |
| consts.cpp:116:9:116:13 | access to array | The format string argument to printf should be constant to prevent security issues and other potential errors. |
| consts.cpp:121:9:121:10 | v8 | The format string argument to printf should be constant to prevent security issues and other potential errors. |
| consts.cpp:130:9:130:10 | v9 | The format string argument to printf should be constant to prevent security issues and other potential errors. |
| consts.cpp:135:9:135:11 | v10 | The format string argument to printf should be constant to prevent security issues and other potential errors. |
| consts.cpp:140:9:140:11 | v11 | The format string argument to printf should be constant to prevent security issues and other potential errors. |
| consts.cpp:145:9:145:11 | v12 | The format string argument to printf should be constant to prevent security issues and other potential errors. |

8
cpp/ql/test/query-tests/Security/CWE/CWE-134/semmle/consts/consts.cpp
View File

@@ -59,12 +59,12 @@ void a() {
// GOOD: constFunc() always returns a constant string
// But we still don't track constantness flow from functions to variables
char *c5 = constFunc();
char *c5 = constFunc();
printf(c5);
// GOOD: constFunc() always returns a constant string
// But we still don't track constantness flow from functions to variables
char *c6;
char *c6;
c6 = constFunc();
printf(c6);
@@ -81,7 +81,7 @@ void a() {
printf(c8);
// BAD: v1 value came from the user
char *v1;
char v1[100];
gets(v1);
printf(v1);
@@ -125,7 +125,7 @@ void a() {
// BAD: nonConstFuncToArray() always returns a value from gv1, which is started as constant but was changed to a value that came from the user
printf(nonConstFuncToArray(0));
// BAD: v9 value is copied from v1, which came from the user [NOT DETECTED]
// BAD: v9 value is copied from v1, which came from the user
const char *v9 = v1;
printf(v9);