C++: Undo BadlyBoundedWrite change from #13929

This rolls back the query change, ensuring that there is no need for a change note.
2026-04-30 11:15:13 +02:00 · 2023-08-18 13:48:58 +02:00
parent 478a105e21
commit a002f59f58
3 changed files with 5 additions and 2 deletions
--- a/cpp/ql/test/query-tests/Security/CWE/CWE-120/semmle/tests/BadlyBoundedWrite.expected
+++ b/cpp/ql/test/query-tests/Security/CWE/CWE-120/semmle/tests/BadlyBoundedWrite.expected
@@ -1,3 +1,6 @@
+| tests2.cpp:59:3:59:10 | call to snprintf | This 'call to snprintf' operation is limited to 13 bytes but the destination is only 0 bytes. |
 | tests2.cpp:59:3:59:10 | call to snprintf | This 'call to snprintf' operation is limited to 13 bytes but the destination is only 2 bytes. |
+| tests2.cpp:63:3:63:10 | call to snprintf | This 'call to snprintf' operation is limited to 13 bytes but the destination is only 0 bytes. |
+| tests2.cpp:63:3:63:10 | call to snprintf | This 'call to snprintf' operation is limited to 13 bytes but the destination is only 3 bytes. |
 | tests.c:43:3:43:10 | call to snprintf | This 'call to snprintf' operation is limited to 111 bytes but the destination is only 110 bytes. |
 | tests.c:46:3:46:10 | call to snprintf | This 'call to snprintf' operation is limited to 111 bytes but the destination is only 110 bytes. |
--- a/cpp/ql/test/query-tests/Security/CWE/CWE-120/semmle/tests/tests2.cpp
+++ b/cpp/ql/test/query-tests/Security/CWE/CWE-120/semmle/tests/tests2.cpp
@@ -60,5 +60,5 @@ void test3() {
  dest2 = (char*)malloc(3);
  if (!dest2)
    return;
-  snprintf(dest2, sizeof(src), "%s", src); // BAD [NOT DETECTED]: buffer overflow
+  snprintf(dest2, sizeof(src), "%s", src); // BAD (but with duplicate alerts)
 }