From c9a3cf4bd0257688414540ce3583dc9204b06dbc Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Tue, 28 Jan 2025 15:48:11 +0000 Subject: [PATCH] C++: Accept test changes. --- .../CWE/CWE-119/semmle/tests/OverflowBuffer.expected | 3 --- .../query-tests/Security/CWE/CWE-119/semmle/tests/tests.cpp | 6 +++--- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-119/semmle/tests/OverflowBuffer.expected b/cpp/ql/test/query-tests/Security/CWE/CWE-119/semmle/tests/OverflowBuffer.expected index 134537fa296..8f78aea1533 100644 --- a/cpp/ql/test/query-tests/Security/CWE/CWE-119/semmle/tests/OverflowBuffer.expected +++ b/cpp/ql/test/query-tests/Security/CWE/CWE-119/semmle/tests/OverflowBuffer.expected @@ -49,12 +49,9 @@ | tests.cpp:577:7:577:13 | access to array | This array indexing operation accesses a negative index -1 on the $@. | tests.cpp:565:7:565:12 | buffer | array | | tests.cpp:637:6:637:15 | access to array | This array indexing operation accesses a negative index -1 on the $@. | tests.cpp:633:7:633:12 | buffer | array | | tests.cpp:645:7:645:13 | access to array | This array indexing operation accesses a negative index -1 on the $@. | tests.cpp:633:7:633:12 | buffer | array | -| tests.cpp:696:3:696:8 | call to memset | This 'memset' operation accesses 24 bytes but the $@ is only 8 bytes. | tests.cpp:691:16:691:16 | a | destination buffer | -| tests.cpp:700:3:700:8 | call to memset | This 'memset' operation accesses 16 bytes but the $@ is only 8 bytes. | tests.cpp:692:16:692:16 | b | destination buffer | | tests.cpp:708:3:708:8 | call to memset | This 'memset' operation accesses 24 bytes but the $@ is only 8 bytes. | tests.cpp:693:16:693:16 | c | destination buffer | | tests.cpp:712:3:712:8 | call to memset | This 'memset' operation accesses 16 bytes but the $@ is only 8 bytes. | tests.cpp:693:16:693:16 | c | destination buffer | | tests.cpp:716:3:716:8 | call to memset | This 'memset' operation accesses 16 bytes but the $@ is only 8 bytes. | tests.cpp:693:16:693:16 | c | destination buffer | -| tests.cpp:726:2:726:7 | call to memset | This 'memset' operation accesses 24 bytes but the $@ is only 8 bytes. | tests.cpp:691:16:691:16 | a | destination buffer | | tests.cpp:727:2:727:7 | call to memset | This 'memset' operation accesses 24 bytes but the $@ is only 8 bytes. | tests.cpp:693:16:693:16 | c | destination buffer | | tests_restrict.c:12:2:12:7 | call to memcpy | This 'memcpy' operation accesses 2 bytes but the $@ is only 1 byte. | tests_restrict.c:7:6:7:13 | smallbuf | source buffer | | unions.cpp:26:2:26:7 | call to memset | This 'memset' operation accesses 200 bytes but the $@ is only 100 bytes. | unions.cpp:21:10:21:11 | mu | destination buffer | diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-119/semmle/tests/tests.cpp b/cpp/ql/test/query-tests/Security/CWE/CWE-119/semmle/tests/tests.cpp index 81d76dc72f6..807ccc32c1e 100644 --- a/cpp/ql/test/query-tests/Security/CWE/CWE-119/semmle/tests/tests.cpp +++ b/cpp/ql/test/query-tests/Security/CWE/CWE-119/semmle/tests/tests.cpp @@ -693,11 +693,11 @@ struct HasSomeFields { unsigned long c; void test29() { - memset(&a, 0, sizeof(HasSomeFields) - offsetof(HasSomeFields, a)); // GOOD [FALSE POSITIVE] + memset(&a, 0, sizeof(HasSomeFields) - offsetof(HasSomeFields, a)); // GOOD }; void test30() { - memset(&b, 0, sizeof(HasSomeFields) - offsetof(HasSomeFields, b)); // GOOD [FALSE POSITIVE] + memset(&b, 0, sizeof(HasSomeFields) - offsetof(HasSomeFields, b)); // GOOD }; void test31() { @@ -723,7 +723,7 @@ struct HasSomeFields { void test36() { HasSomeFields hsf; - memset(&hsf.a, 0, sizeof(HasSomeFields) - offsetof(HasSomeFields, a)); // GOOD [FALSE POSITIVE] + memset(&hsf.a, 0, sizeof(HasSomeFields) - offsetof(HasSomeFields, a)); // GOOD memset(&hsf.c, 0, sizeof(HasSomeFields) - offsetof(HasSomeFields, a)); // BAD }