hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-01 03:35:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

C++: Update tests

Browse Source
This commit is contained in:
Anders Fugmann
2021-09-13 12:10:58 +02:00
parent 342b2df93f
commit 9a35a699cb
2 changed files with 11 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
cpp/ql/test/query-tests/Critical/OverflowStatic/OverflowStatic.expected
View File

@@ -9,11 +9,9 @@
| test.c:15:9:15:13 | access to array | Potential buffer-overflow: 'xs' has size 5 but 'xs[6]' is accessed here. |
| test.c:20:9:20:18 | access to array | Potential buffer-overflow: 'ys' has size 5 but 'ys[5]' is accessed here. |
| test.c:21:9:21:18 | access to array | Potential buffer-overflow: 'ys' has size 5 but 'ys[6]' is accessed here. |
| test.c:39:3:39:11 | access to array | Potential buffer-overflow: 'buf' has size 1 but 'buf[7]' is accessed here. |
| test.c:40:3:40:11 | access to array | Potential buffer-overflow: 'buf' has size 1 but 'buf[8]' is accessed here. |
| test.c:52:3:52:18 | access to array | Potential buffer-overflow: 'ptr' has size 8 but 'ptr[8]' is accessed here. |
| test.c:59:3:59:26 | access to array | Potential buffer-overflow: 'ptr' has size 8 but 'ptr[8]' is accessed here. |
| test.c:66:3:66:18 | access to array | Potential buffer-overflow: 'ptr' has size 8 but 'ptr[8]' is accessed here. |
| test.c:47:3:47:18 | access to array | Potential buffer-overflow: 'ptr' has size 8 but 'ptr[8]' is accessed here. |
| test.c:54:3:54:26 | access to array | Potential buffer-overflow: 'ptr' has size 8 but 'ptr[8]' is accessed here. |
| test.c:61:3:61:18 | access to array | Potential buffer-overflow: 'ptr' has size 8 but 'ptr[8]' is accessed here. |
| test.c:72:3:72:11 | access to array | Potential buffer-overflow: 'buf' has size 1 but 'buf[1]' is accessed here. |
| test.cpp:19:3:19:12 | access to array | Potential buffer-overflow: counter 'i' <= 3 but 'buffer1' has 3 elements. |
| test.cpp:20:3:20:12 | access to array | Potential buffer-overflow: counter 'i' <= 3 but 'buffer2' has 3 elements. |

16
cpp/ql/test/query-tests/Critical/OverflowStatic/test.c
View File

@@ -28,16 +28,11 @@ void f(void) {
}
void* malloc(long unsigned int);
typedef struct {
char len;
char buf[1];
} var_buf;
void test_buffer_sentinal() {
var_buf *b = malloc(10); // len(buf.buffer) effectively 8
struct { char len; char buf[1]; } *b = malloc(10); // len(buf.buffer) effectively 8
b->buf[0] = 0; // GOOD
b->buf[7] = 0; // GOOD [FALSE POSITIVE]
b->buf[8] = 0; // BAD
b->buf[7] = 0; // GOOD
b->buf[8] = 0; // BAD [NOT DETECTED]
}
union u {
@@ -66,6 +61,11 @@ void union_test2() {
u.ptr[sizeof(u)] = 0; // BAD
}
typedef struct {
char len;
char buf[1];
} var_buf;
void test_alloc() {
// Special case of taking sizeof without any addition or multiplications
var_buf *b = malloc(sizeof(var_buf));