hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 19:26:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

C++: Add getOutputParameterIndex override to UserDefinedFormattingFunction and accept test changes

Browse Source
This commit is contained in:
Mathias Vorreiter Pedersen
2020-07-15 14:45:17 +02:00
parent d711c22cd2
commit edc33b6516
3 changed files with 35 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
cpp/ql/test/query-tests/Security/CWE/CWE-242/semmle/tests/OverrunWrite.expected
View File

@@ -2,3 +2,4 @@
| tests.cpp:259:2:259:8 | call to sprintf | This 'call to sprintf' operation requires 17 bytes but the destination is only 10 bytes. |
| tests.cpp:272:2:272:8 | call to sprintf | This 'call to sprintf' operation requires 9 bytes but the destination is only 8 bytes. |
| tests.cpp:273:2:273:8 | call to sprintf | This 'call to sprintf' operation requires 9 bytes but the destination is only 8 bytes. |
| tests.cpp:308:3:308:9 | call to sprintf | This 'call to sprintf' operation requires 9 bytes but the destination is only 8 bytes. |

2
cpp/ql/test/query-tests/Security/CWE/CWE-242/semmle/tests/tests.cpp
View File

@@ -305,6 +305,6 @@ namespace custom_sprintf_impl {
void regression_test1()
{
char buffer8[8];
sprintf(buffer8, "12345678"); // BAD: potential buffer overflow [NOT DETECTED]
sprintf(buffer8, "12345678"); // BAD: potential buffer overflow
}
}