hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-01 19:55:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

[CPP-370] Reformat test cases so that the .expect files line up with what was

Browse Source 
checked in initially.  Check for DataFlow::DefinitionByReferenceNode
          when computing isSource() for our taint analysis.
This commit is contained in:
Ziemowit Laski
2019-05-13 18:29:19 -07:00
parent 098b6543f5
commit 92054e2481
2 changed files with 2 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
cpp/ql/test/query-tests/Likely Bugs/Format/NonConstantFormat/test.cpp
View File

@@ -10,10 +10,6 @@ const char *messages[] = {
"%u tasks left\n",
};
const char *simple_func(const char *str) {
return str;
}
const char *choose_message(unsigned int n) {
if (n == 0) {
const char *message = messages[0];
@@ -27,7 +23,7 @@ const char *choose_message(unsigned int n) {
const char *make_message(unsigned int n) {
static char buf[64];
sprintf(buf, "%d tasks left\n", n); // OK
sprintf(buf, "%d tasks left\n", n); // ok
return buf;
}
@@ -46,13 +42,11 @@ const char *const_wash(char *str) {
int main(int argc, char **argv) {
const char *message = messages[2];
printf(simple_func("Hello, World\n")); // OK
printf(choose_message(argc - 1), argc - 1); // OK
printf(messages[1]); // OK
printf(message); // OK
printf(make_message(argc - 1)); // OK
printf(make_message(argc - 1)); // NOT OK
printf("Hello, World\n"); // OK
printf(gettext("Hello, World\n")); // OK
printf(_("Hello, World\n")); // OK
{
char hello[] = "hello, World\n";

4
cpp/ql/test/query-tests/Security/CWE/CWE-134/semmle/consts/NonConstantFormat.expected
View File

@@ -1,14 +1,10 @@
| consts.cpp:81:9:81:10 | c8 | The format string argument to printf should be constant to prevent security issues and other potential errors. |
| consts.cpp:86:9:86:10 | v1 | The format string argument to printf should be constant to prevent security issues and other potential errors. |
| consts.cpp:91:9:91:10 | v2 | The format string argument to printf should be constant to prevent security issues and other potential errors. |
| consts.cpp:95:9:95:10 | v3 | The format string argument to printf should be constant to prevent security issues and other potential errors. |
| consts.cpp:100:9:100:10 | v4 | The format string argument to printf should be constant to prevent security issues and other potential errors. |
| consts.cpp:103:9:103:15 | call to varFunc | The format string argument to printf should be constant to prevent security issues and other potential errors. |
| consts.cpp:107:9:107:10 | v5 | The format string argument to printf should be constant to prevent security issues and other potential errors. |
| consts.cpp:112:9:112:10 | v6 | The format string argument to printf should be constant to prevent security issues and other potential errors. |
| consts.cpp:116:9:116:13 | access to array | The format string argument to printf should be constant to prevent security issues and other potential errors. |
| consts.cpp:121:9:121:10 | v8 | The format string argument to printf should be constant to prevent security issues and other potential errors. |
| consts.cpp:130:9:130:10 | v9 | The format string argument to printf should be constant to prevent security issues and other potential errors. |
| consts.cpp:135:9:135:11 | v10 | The format string argument to printf should be constant to prevent security issues and other potential errors. |
| consts.cpp:140:9:140:11 | v11 | The format string argument to printf should be constant to prevent security issues and other potential errors. |
| consts.cpp:145:9:145:11 | v12 | The format string argument to printf should be constant to prevent security issues and other potential errors. |