hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-27 01:35:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

C++: Add testcase demonstrating lost query results

Browse Source
This commit is contained in:
Mathias Vorreiter Pedersen
2020-07-15 14:42:45 +02:00
parent 7dd2677746
commit d711c22cd2
1 changed files with 19 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
cpp/ql/test/query-tests/Security/CWE/CWE-242/semmle/tests/tests.cpp
View File

@@ -289,3 +289,22 @@ void test5(va_list args, float f)
vsprintf(buffer4, "123", args); // GOOD
vsprintf(buffer4, "1234", args); // BAD: buffer overflow [NOT DETECTED]
}
namespace custom_sprintf_impl {
int sprintf(char *buf, const char *format, ...)
{
__builtin_va_list args;
int i;
__builtin_va_start(args, format);
i = vsprintf(buf, format, args);
__builtin_va_end(args);
return i;
}
void regression_test1()
{
char buffer8[8];
sprintf(buffer8, "12345678"); // BAD: potential buffer overflow [NOT DETECTED]
}
}