C++: Fix bug for exact powers of 10 and accept test changes.

2026-05-05 13:45:19 +02:00 · 2021-11-15 13:20:45 +00:00
parent 53884915a5
commit 9a9f7943aa
3 changed files with 7 additions and 4 deletions
--- a/cpp/ql/test/query-tests/Security/CWE/CWE-242/semmle/tests/OverrunWrite.expected
+++ b/cpp/ql/test/query-tests/Security/CWE/CWE-242/semmle/tests/OverrunWrite.expected
@@ -9,4 +9,7 @@
 | tests.cpp:324:3:324:9 | call to sprintf | This 'call to sprintf' operation requires 11 bytes but the destination is only 2 bytes. |
 | tests.cpp:327:2:327:8 | call to sprintf | This 'call to sprintf' operation requires 12 bytes but the destination is only 2 bytes. |
 | tests.cpp:329:3:329:9 | call to sprintf | This 'call to sprintf' operation requires 12 bytes but the destination is only 2 bytes. |
+| tests.cpp:341:2:341:8 | call to sprintf | This 'call to sprintf' operation requires 3 bytes but the destination is only 2 bytes. |
+| tests.cpp:343:2:343:8 | call to sprintf | This 'call to sprintf' operation requires 3 bytes but the destination is only 2 bytes. |
 | tests.cpp:345:2:345:8 | call to sprintf | This 'call to sprintf' operation requires 11 bytes but the destination is only 2 bytes. |
+| tests.cpp:347:2:347:8 | call to sprintf | This 'call to sprintf' operation requires 3 bytes but the destination is only 2 bytes. |
--- a/cpp/ql/test/query-tests/Security/CWE/CWE-242/semmle/tests/tests.cpp
+++ b/cpp/ql/test/query-tests/Security/CWE/CWE-242/semmle/tests/tests.cpp
@@ -338,11 +338,11 @@ void test6(unsigned unsigned_value, int value) {
 	sprintf(buffer, "%u", 5); // GOOD
 	sprintf(buffer, "%d", 5); // GOOD

-	sprintf(buffer, "%d", -1); // BAD [NOT DETECTED]
+	sprintf(buffer, "%d", -1); // BAD
 	sprintf(buffer, "%d", 9); // GOOD
-	sprintf(buffer, "%d", 10); // BAD [NOT DETECTED]
+	sprintf(buffer, "%d", 10); // BAD

 	sprintf(buffer, "%u", -1); // BAD
 	sprintf(buffer, "%u", 9); // GOOD
-	sprintf(buffer, "%u", 10); // BAD [NOT DETECTED]
+	sprintf(buffer, "%u", 10); // BAD
 }