Merge branch 'master' into moremsalloc

cpp/config/suites/security/cwe-119

@@ -3,8 +3,8 @@
     @name Call to memory access function may overflow buffer (CWE-119)
 + semmlecode-cpp-queries/Critical/OverflowStatic.ql: /CWE/CWE-119
     @name Static array access may cause overflow (CWE-119)
-# + semmlecode-cpp-queries/Critical/OverflowDestination.ql: /CWE/CWE-119
-#    ^ disabled due to timeout issue
++ semmlecode-cpp-queries/Critical/OverflowDestination.ql: /CWE/CWE-119
+    @name Copy function using source size (CWE-119)
 + semmlecode-cpp-queries/Likely Bugs/Memory Management/SuspiciousCallToStrncat.ql: /CWE/CWE-119
     @name Potentially unsafe call to strncat (CWE-119)
 + semmlecode-cpp-queries/Likely Bugs/Memory Management/StrncpyFlippedArgs.ql: /CWE/CWE-119

cpp/ql/src/jsf/4.10 Classes/AV Rule 79.ql

@@ -21,7 +21,7 @@ predicate acquireExpr(Expr acquire, string kind) {
   exists(FunctionCall fc, Function f, string name |
     fc = acquire and
     f = fc.getTarget() and
-    name = f.getName() and 
+    name = f.getQualifiedName() and 
     (
       (
         name = "fopen" and
@@ -47,7 +47,7 @@ predicate releaseExpr(Expr release, Expr resource, string kind) {
   exists(FunctionCall fc, Function f, string name |
     fc = release and
     f = fc.getTarget() and
-    name = f.getName() and 
+    name = f.getQualifiedName() and 
     (
       (
         name = "fclose" and

cpp/ql/test/query-tests/jsf/4.10 Classes/AV Rule 79/Variants.cpp

@@ -73,3 +73,39 @@ public:
 
 	int *a, *b, *c;
 };
+
+class MyClass7
+{
+public:
+	MyClass7()
+	{
+	}
+
+	bool open()
+	{
+		// ...
+	}
+
+	void close()
+	{
+		// ...
+	}
+};
+
+class myClass7Test
+{
+public:
+	myClass7Test()
+	{
+		success = mc7.open(); // GOOD
+	}
+
+	~myClass7Test()
+	{
+		mc7.close();
+	}
+
+private:
+	MyClass7 mc7;
+	bool success;
+};