hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 03:05:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update test.c

Browse Source
This commit is contained in:
ihsinme
2021-01-27 13:12:48 +03:00
committed by GitHub
parent 5d5cd4fde5
commit aebf7bdff4
1 changed files with 3 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
cpp/ql/test/experimental/query-tests/Security/CWE/CWE-788/semmle/tests/test.c
View File

@@ -2,14 +2,14 @@ void workFunction_0(char *s) {
char buf[80];
strncat(buf, s, sizeof(buf)-strlen(buf)-1); // GOOD
strncat(buf, s, sizeof(buf)-strlen(buf)); // BAD
strncat(buf, "fix", sizeof(buf)-strlen(buf)); // BAD but usually the size of the buffer is calculated manually.
strncat(buf, "fix", sizeof(buf)-strlen(buf)); // BAD [NOT DETECTED]
}
void workFunction_1(char *s) {
#define MAX_SIZE 80
char buf[MAX_SIZE];
strncat(buf, s, MAX_SIZE-strlen(buf)-1); // GOOD
strncat(buf, s, MAX_SIZE-strlen(buf)); // BAD
strncat(buf, "fix", MAX_SIZE-strlen(buf)); // BAD but usually the size of the buffer is calculated manually.
strncat(buf, "fix", MAX_SIZE-strlen(buf)); // BAD [NOT DETECTED]
}
void workFunction_2_0(char *s) {
char * buf;
@@ -17,8 +17,7 @@ void workFunction_2_0(char *s) {
buf = (char *) malloc(len);
strncat(buf, s, len-strlen(buf)-1); // GOOD
strncat(buf, s, len-strlen(buf)); // BAD
strncat(buf, "fix", len-strlen(buf)); // BAD but usually the size of the buffer is calculated manually.
}
strncat(buf, "fix", len-strlen(buf)); // BAD [NOT DETECTED]
void workFunction_2_1(char *s) {
char * buf;
int len=80;