From d93d22ba3ea8a74b84bab0590eaad4fd7929fcb9 Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Tue, 28 Feb 2023 10:05:05 +0000 Subject: [PATCH] C++: Fix FPs in 'cpp/non-constant-format'. --- cpp/ql/src/Likely Bugs/Format/NonConstantFormat.ql | 2 +- .../Format/NonConstantFormat/NonConstantFormat.expected | 2 -- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/cpp/ql/src/Likely Bugs/Format/NonConstantFormat.ql b/cpp/ql/src/Likely Bugs/Format/NonConstantFormat.ql index 59765a9ff4b..03d87bc8d35 100644 --- a/cpp/ql/src/Likely Bugs/Format/NonConstantFormat.ql +++ b/cpp/ql/src/Likely Bugs/Format/NonConstantFormat.ql @@ -121,7 +121,7 @@ predicate isNonConst(DataFlow::Node node, boolean isIndirect) { pragma[noinline] predicate isSanitizerNode(DataFlow::Node node) { - underscoreMacro(node.asExpr()) + underscoreMacro([node.asExpr(), node.asIndirectExpr()]) or exists(node.asExpr()) and cannotContainString(node.getType(), false) diff --git a/cpp/ql/test/query-tests/Likely Bugs/Format/NonConstantFormat/NonConstantFormat.expected b/cpp/ql/test/query-tests/Likely Bugs/Format/NonConstantFormat/NonConstantFormat.expected index 0b8a9a2698b..0ea73248a7d 100644 --- a/cpp/ql/test/query-tests/Likely Bugs/Format/NonConstantFormat/NonConstantFormat.expected +++ b/cpp/ql/test/query-tests/Likely Bugs/Format/NonConstantFormat/NonConstantFormat.expected @@ -1,7 +1,5 @@ | NonConstantFormat.c:30:10:30:16 | access to array | The format string argument to printf should be constant to prevent security issues and other potential errors. | -| NonConstantFormat.c:34:9:34:36 | call to any_random_function | The format string argument to printf should be constant to prevent security issues and other potential errors. | | NonConstantFormat.c:41:9:41:27 | call to any_random_function | The format string argument to printf should be constant to prevent security issues and other potential errors. | -| NonConstantFormat.c:45:9:45:48 | call to any_random_function | The format string argument to printf should be constant to prevent security issues and other potential errors. | | nested.cpp:21:23:21:26 | fmt0 | The format string argument to snprintf should be constant to prevent security issues and other potential errors. | | nested.cpp:79:32:79:38 | call to get_fmt | The format string argument to diagnostic should be constant to prevent security issues and other potential errors. | | nested.cpp:87:18:87:20 | fmt | The format string argument to diagnostic should be constant to prevent security issues and other potential errors. |