C++: Remove FPs from cpp/badly-bounded-write

2026-04-25 08:45:14 +02:00 · 2024-12-05 14:37:19 +00:00
parent fd7469848e
commit b7f47f752b
2 changed files with 2 additions and 2 deletions
--- a/cpp/ql/src/Security/CWE/CWE-120/BadlyBoundedWrite.ql
+++ b/cpp/ql/src/Security/CWE/CWE-120/BadlyBoundedWrite.ql
@@ -25,7 +25,8 @@ from BufferWrite bw, int destSize
 where
  bw.hasExplicitLimit() and // has an explicit size limit
  destSize = max(getBufferSize(bw.getDest(), _)) and
-  bw.getExplicitLimit() > destSize // but it's larger than the destination
+  bw.getExplicitLimit() > destSize and // but it's larger than the destination
+  not bw.getDest().getUnderlyingType().stripType() instanceof ErroneousType // destSize may be incorrect
 select bw,
  "This '" + bw.getBWDesc() + "' operation is limited to " + bw.getExplicitLimit() +
    " bytes but the destination is only " + destSize + " bytes."
--- a/cpp/ql/test/query-tests/Security/CWE/CWE-120/semmle/tests/BadlyBoundedWrite.expected
+++ b/cpp/ql/test/query-tests/Security/CWE/CWE-120/semmle/tests/BadlyBoundedWrite.expected
@@ -1,3 +1,2 @@
-| errors.c:10:5:10:12 | call to swprintf | This 'call to swprintf' operation is limited to 12 bytes but the destination is only 3 bytes. |
 | tests.c:43:3:43:10 | call to snprintf | This 'call to snprintf' operation is limited to 111 bytes but the destination is only 110 bytes. |
 | tests.c:46:3:46:10 | call to snprintf | This 'call to snprintf' operation is limited to 111 bytes but the destination is only 110 bytes. |