C++: First working version. We now prefer flagging the cases where the variable was initialized, as in real-world cases we haven't seen it done safely.
committed by
Nora Dimitrijević
parent
76ef779f60
commit
c62ae3b350
@@ -0,0 +1,9 @@
|
||||
| test.cpp:23:3:23:7 | call to scanf | This is a call to scanf. |
|
||||
| test.cpp:39:3:39:7 | call to scanf | This is a call to scanf. |
|
||||
| test.cpp:48:3:48:8 | call to fscanf | This is a call to scanf. |
|
||||
| test.cpp:55:3:55:8 | call to sscanf | This is a call to scanf. |
|
||||
| test.cpp:135:3:135:7 | call to scanf | This is a call to scanf. |
|
||||
| test.cpp:143:3:143:7 | call to scanf | This is a call to scanf. |
|
||||
| test.cpp:151:3:151:7 | call to scanf | This is a call to scanf. |
|
||||
| test.cpp:163:3:163:7 | call to scanf | This is a call to scanf. |
|
||||
| test.cpp:173:3:173:7 | call to scanf | This is a call to scanf. |
|
||||
|
||||
@@ -36,7 +36,7 @@ int main()
|
||||
{
|
||||
int i = 0;
|
||||
|
||||
scanf("%d", &i); // GOOD: we assume the initialization of `i` is a reasonable default
|
||||
scanf("%d", &i); // BAD
|
||||
use(i);
|
||||
}
|
||||
|
||||
@@ -79,7 +79,7 @@ int main()
|
||||
{
|
||||
int i;
|
||||
|
||||
if (scanf("%d", &i) != 0) // GOOD (just barely)
|
||||
if (scanf("%d", &i) != 0) // BAD: scanf can return -1 [NOT DETECTED]
|
||||
{
|
||||
use(i);
|
||||
}
|
||||
@@ -88,7 +88,7 @@ int main()
|
||||
{
|
||||
int i;
|
||||
|
||||
if (scanf("%d", &i) == 0) // BAD: checks return value incorrectly
|
||||
if (scanf("%d", &i) == 0) // BAD: checks return value incorrectly [NOT DETECTED]
|
||||
{
|
||||
use(i);
|
||||
}
|
||||
@@ -119,7 +119,7 @@ int main()
|
||||
{
|
||||
int i, j;
|
||||
|
||||
if (scanf("%d %d", &i) >= 1) // BAD: checks return value incorrectly
|
||||
if (scanf("%d %d", &i, &j) >= 1) // BAD: checks return value incorrectly [NOT DETECTED]
|
||||
{
|
||||
use(i);
|
||||
use(j);
|
||||
@@ -132,7 +132,7 @@ int main()
|
||||
int i;
|
||||
i = 0;
|
||||
|
||||
scanf("%d", &i); // GOOD
|
||||
scanf("%d", &i); // BAD
|
||||
use(i);
|
||||
}
|
||||
|
||||
@@ -140,7 +140,7 @@ int main()
|
||||
int i;
|
||||
|
||||
set_by_ref(i);
|
||||
scanf("%d", &i); // GOOD: we have to assume `i` was initialized
|
||||
scanf("%d", &i); // BAD
|
||||
use(i);
|
||||
}
|
||||
|
||||
@@ -148,7 +148,7 @@ int main()
|
||||
int i;
|
||||
|
||||
set_by_ptr(&i);
|
||||
scanf("%d", &i); // GOOD: we have to assume `i` was initialized
|
||||
scanf("%d", &i); // BAD
|
||||
use(i);
|
||||
}
|
||||
|
||||
@@ -164,6 +164,16 @@ int main()
|
||||
use(i);
|
||||
}
|
||||
|
||||
// --- different use ---
|
||||
|
||||
{
|
||||
int i;
|
||||
int *ptr_i = &i;
|
||||
|
||||
scanf("%d", &i); // BAD: may not have written `i`
|
||||
use(*ptr_i);
|
||||
}
|
||||
|
||||
// --- weird formatting strings ---
|
||||
|
||||
{
|
||||
|
||||
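Review bot: The `// BAD` comments that replace `// GOOD` in the @@ -36, @@ -132, @@ -140 and @@ -148 hunks no longer say why the case is bad, so a reader of the test has to go back to the commit message to learn that a prior initialization is deliberately not treated as a safe fallback; suggest `scanf("%d", &i); // BAD: i keeps its earlier value if scanf fails and the result is unchecked` at each of them. In the @@ -79 hunk the new comment says scanf can return -1; it is more accurate to say it returns EOF on input failure, which is negative but not necessarily -1, e.g. `// BAD: scanf returns EOF (negative) on input failure, so != 0 passes [NOT DETECTED]`. The new alias case in the @@ -164 hunk reads `i` only through `ptr_i`, and the expected file above lists test.cpp:173 for it, so detection appears covered; a short comment such as `use(*ptr_i); // read through an alias of i` would make the purpose of the case explicit. The enclosing `int main()` starts and ends outside these hunks.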