hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-23 20:26:32 +01:00
Code Issues Packages Projects Releases Wiki Activity

C++: Fix FPs in 'cpp/non-constant-format'.

Browse Source
This commit is contained in:
Mathias Vorreiter Pedersen
2023-02-28 10:05:05 +00:00
parent 1e5b235f4b
commit d93d22ba3e
2 changed files with 1 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
cpp/ql/src/Likely Bugs/Format/NonConstantFormat.ql
View File

@@ -121,7 +121,7 @@ predicate isNonConst(DataFlow::Node node, boolean isIndirect) {
pragma[noinline] pragma[noinline]
predicate isSanitizerNode(DataFlow::Node node) { predicate isSanitizerNode(DataFlow::Node node) {
underscoreMacro(node.asExpr()) underscoreMacro([node.asExpr(), node.asIndirectExpr()])
or or
exists(node.asExpr()) and exists(node.asExpr()) and
cannotContainString(node.getType(), false) cannotContainString(node.getType(), false)

2
cpp/ql/test/query-tests/Likely Bugs/Format/NonConstantFormat/NonConstantFormat.expected
View File

@@ -1,7 +1,5 @@
| NonConstantFormat.c:30:10:30:16 | access to array | The format string argument to printf should be constant to prevent security issues and other potential errors. | | NonConstantFormat.c:30:10:30:16 | access to array | The format string argument to printf should be constant to prevent security issues and other potential errors. |
| NonConstantFormat.c:34:9:34:36 | call to any_random_function | The format string argument to printf should be constant to prevent security issues and other potential errors. |
| NonConstantFormat.c:41:9:41:27 | call to any_random_function | The format string argument to printf should be constant to prevent security issues and other potential errors. | | NonConstantFormat.c:41:9:41:27 | call to any_random_function | The format string argument to printf should be constant to prevent security issues and other potential errors. |
| NonConstantFormat.c:45:9:45:48 | call to any_random_function | The format string argument to printf should be constant to prevent security issues and other potential errors. |
| nested.cpp:21:23:21:26 | fmt0 | The format string argument to snprintf should be constant to prevent security issues and other potential errors. | | nested.cpp:21:23:21:26 | fmt0 | The format string argument to snprintf should be constant to prevent security issues and other potential errors. |
| nested.cpp:79:32:79:38 | call to get_fmt | The format string argument to diagnostic should be constant to prevent security issues and other potential errors. | | nested.cpp:79:32:79:38 | call to get_fmt | The format string argument to diagnostic should be constant to prevent security issues and other potential errors. |
| nested.cpp:87:18:87:20 | fmt | The format string argument to diagnostic should be constant to prevent security issues and other potential errors. | | nested.cpp:87:18:87:20 | fmt | The format string argument to diagnostic should be constant to prevent security issues and other potential errors. |