C++: Fix a few glitches and accept line number changes in expected files.

Author: geoffw0

cpp/ql/test/query-tests/Security/CWE/CWE-022/SAMATE/TaintedPath/CWE23_Relative_Path_Traversal__char_console_fopen_11.cpp

@@ -5,6 +5,7 @@
 
 #define NULL (0)
 
+typedef unsigned long size_t;
 typedef size_t time_t;
 time_t time(time_t *timer);
 
@@ -129,3 +130,5 @@ static void goodG2B2()
         }
     }
 }
+
+}

cpp/ql/test/query-tests/Security/CWE/CWE-078/SAMATE/ExecTainted/ExecTainted.expected

@@ -1 +1 @@
-| tests.cpp:55:16:55:19 | data | This argument to an OS command is derived from $@ and then passed to system(string) | tests.cpp:35:34:35:39 | call to getenv | user input (getenv) |
+| tests.cpp:53:16:53:19 | data | This argument to an OS command is derived from $@ and then passed to system(string) | tests.cpp:33:34:33:39 | call to getenv | user input (getenv) |

cpp/ql/test/query-tests/Security/CWE/CWE-078/SAMATE/ExecTainted/tests.cpp

@@ -6,7 +6,7 @@
 #define NULL (0)
 typedef unsigned long size_t;
 size_t strlen(const char *s);
-char *strncat(char *s1, const char *s2, size_t n);n);
+char *strncat(char *s1, const char *s2, size_t n);
 char *getenv(const char *name);
 int system(const char *string);
 void exit(int status);

cpp/ql/test/query-tests/Security/CWE/CWE-114/SAMATE/UncontrolledProcessOperation/UncontrolledProcessOperation.expected

@@ -1,30 +1,30 @@
 edges
-| test.cpp:35:73:35:76 | *data | test.cpp:41:32:41:35 | (LPCSTR)... |
-| test.cpp:35:73:35:76 | *data | test.cpp:41:32:41:35 | data |
-| test.cpp:35:73:35:76 | *data | test.cpp:41:32:41:35 | data indirection |
-| test.cpp:35:73:35:76 | data | test.cpp:41:32:41:35 | (LPCSTR)... |
-| test.cpp:35:73:35:76 | data | test.cpp:41:32:41:35 | data |
-| test.cpp:35:73:35:76 | data | test.cpp:41:32:41:35 | data |
-| test.cpp:35:73:35:76 | data | test.cpp:41:32:41:35 | data indirection |
-| test.cpp:62:30:62:35 | call to getenv | test.cpp:71:17:71:22 | data |
-| test.cpp:62:30:62:35 | call to getenv | test.cpp:71:17:71:22 | data |
-| test.cpp:62:30:62:35 | call to getenv | test.cpp:71:24:71:27 | data indirection |
-| test.cpp:62:30:62:35 | call to getenv | test.cpp:71:24:71:27 | data indirection |
-| test.cpp:71:17:71:22 | data | test.cpp:35:73:35:76 | data |
-| test.cpp:71:24:71:27 | data indirection | test.cpp:35:73:35:76 | *data |
+| test.cpp:37:73:37:76 | *data | test.cpp:43:32:43:35 | (LPCSTR)... |
+| test.cpp:37:73:37:76 | *data | test.cpp:43:32:43:35 | data |
+| test.cpp:37:73:37:76 | *data | test.cpp:43:32:43:35 | data indirection |
+| test.cpp:37:73:37:76 | data | test.cpp:43:32:43:35 | (LPCSTR)... |
+| test.cpp:37:73:37:76 | data | test.cpp:43:32:43:35 | data |
+| test.cpp:37:73:37:76 | data | test.cpp:43:32:43:35 | data |
+| test.cpp:37:73:37:76 | data | test.cpp:43:32:43:35 | data indirection |
+| test.cpp:64:30:64:35 | call to getenv | test.cpp:73:17:73:22 | data |
+| test.cpp:64:30:64:35 | call to getenv | test.cpp:73:17:73:22 | data |
+| test.cpp:64:30:64:35 | call to getenv | test.cpp:73:24:73:27 | data indirection |
+| test.cpp:64:30:64:35 | call to getenv | test.cpp:73:24:73:27 | data indirection |
+| test.cpp:73:17:73:22 | data | test.cpp:37:73:37:76 | data |
+| test.cpp:73:24:73:27 | data indirection | test.cpp:37:73:37:76 | *data |
 nodes
-| test.cpp:35:73:35:76 | *data | semmle.label | *data |
-| test.cpp:35:73:35:76 | data | semmle.label | data |
-| test.cpp:41:32:41:35 | (LPCSTR)... | semmle.label | (LPCSTR)... |
-| test.cpp:41:32:41:35 | (LPCSTR)... | semmle.label | (LPCSTR)... |
-| test.cpp:41:32:41:35 | data | semmle.label | data |
-| test.cpp:41:32:41:35 | data | semmle.label | data |
-| test.cpp:41:32:41:35 | data | semmle.label | data |
-| test.cpp:41:32:41:35 | data indirection | semmle.label | data indirection |
-| test.cpp:41:32:41:35 | data indirection | semmle.label | data indirection |
-| test.cpp:62:30:62:35 | call to getenv | semmle.label | call to getenv |
-| test.cpp:62:30:62:35 | call to getenv | semmle.label | call to getenv |
-| test.cpp:71:17:71:22 | data | semmle.label | data |
-| test.cpp:71:24:71:27 | data indirection | semmle.label | data indirection |
+| test.cpp:37:73:37:76 | *data | semmle.label | *data |
+| test.cpp:37:73:37:76 | data | semmle.label | data |
+| test.cpp:43:32:43:35 | (LPCSTR)... | semmle.label | (LPCSTR)... |
+| test.cpp:43:32:43:35 | (LPCSTR)... | semmle.label | (LPCSTR)... |
+| test.cpp:43:32:43:35 | data | semmle.label | data |
+| test.cpp:43:32:43:35 | data | semmle.label | data |
+| test.cpp:43:32:43:35 | data | semmle.label | data |
+| test.cpp:43:32:43:35 | data indirection | semmle.label | data indirection |
+| test.cpp:43:32:43:35 | data indirection | semmle.label | data indirection |
+| test.cpp:64:30:64:35 | call to getenv | semmle.label | call to getenv |
+| test.cpp:64:30:64:35 | call to getenv | semmle.label | call to getenv |
+| test.cpp:73:17:73:22 | data | semmle.label | data |
+| test.cpp:73:24:73:27 | data indirection | semmle.label | data indirection |
 #select
-| test.cpp:41:32:41:35 | data | test.cpp:62:30:62:35 | call to getenv | test.cpp:41:32:41:35 | data | The value of this argument may come from $@ and is being passed to LoadLibraryA | test.cpp:62:30:62:35 | call to getenv | call to getenv |
+| test.cpp:43:32:43:35 | data | test.cpp:64:30:64:35 | call to getenv | test.cpp:43:32:43:35 | data | The value of this argument may come from $@ and is being passed to LoadLibraryA | test.cpp:64:30:64:35 | call to getenv | call to getenv |

cpp/ql/test/query-tests/Security/CWE/CWE-119/SAMATE/BadlyBoundedWrite.expected

@@ -1,4 +1,4 @@
-| tests.cpp:352:13:352:19 | call to strncat | This 'call to strncat' operation is limited to 100 bytes but the destination is only 50 bytes. |
-| tests.cpp:454:9:454:15 | call to wcsncpy | This 'call to wcsncpy' operation is limited to 198 bytes but the destination is only 100 bytes. |
-| tests.cpp:483:9:483:16 | call to swprintf | This 'call to swprintf' operation is limited to 200 bytes but the destination is only 100 bytes. |
-| tests.cpp:632:13:632:20 | call to swprintf | This 'call to swprintf' operation is limited to 200 bytes but the destination is only 100 bytes. |
+| tests.cpp:350:13:350:19 | call to strncat | This 'call to strncat' operation is limited to 100 bytes but the destination is only 50 bytes. |
+| tests.cpp:452:9:452:15 | call to wcsncpy | This 'call to wcsncpy' operation is limited to 396 bytes but the destination is only 200 bytes. |
+| tests.cpp:481:9:481:16 | call to swprintf | This 'call to swprintf' operation is limited to 400 bytes but the destination is only 200 bytes. |
+| tests.cpp:630:13:630:20 | call to swprintf | This 'call to swprintf' operation is limited to 400 bytes but the destination is only 200 bytes. |

cpp/ql/test/query-tests/Security/CWE/CWE-119/SAMATE/OverflowBuffer.expected

@@ -1,19 +1,19 @@
-| tests.cpp:47:9:47:14 | call to memcpy | This 'memcpy' operation accesses 32 bytes but the $@ is only 16 bytes. | tests.cpp:34:10:34:18 | charFirst | destination buffer |
-| tests.cpp:62:9:62:14 | call to memcpy | This 'memcpy' operation accesses 32 bytes but the $@ is only 16 bytes. | tests.cpp:34:10:34:18 | charFirst | destination buffer |
-| tests.cpp:173:9:173:14 | call to memcpy | This 'memcpy' operation accesses 100 bytes but the $@ is only 50 bytes. | tests.cpp:166:20:166:25 | call to malloc | destination buffer |
-| tests.cpp:174:9:174:19 | access to array | This array indexing operation accesses byte offset 99 but the $@ is only 50 bytes. | tests.cpp:166:20:166:25 | call to malloc | array |
-| tests.cpp:194:9:194:14 | call to memcpy | This 'memcpy' operation accesses 100 bytes but the $@ is only 50 bytes. | tests.cpp:183:10:183:22 | dataBadBuffer | destination buffer |
-| tests.cpp:194:9:194:14 | call to memcpy | This 'memcpy' operation accesses 100 bytes but the $@ is only 50 bytes. | tests.cpp:187:12:187:24 | dataBadBuffer | destination buffer |
-| tests.cpp:195:9:195:19 | access to array | This array indexing operation accesses byte offset 99 but the $@ is only 50 bytes. | tests.cpp:183:10:183:22 | dataBadBuffer | array |
-| tests.cpp:195:9:195:19 | access to array | This array indexing operation accesses byte offset 99 but the $@ is only 50 bytes. | tests.cpp:187:12:187:24 | dataBadBuffer | array |
-| tests.cpp:214:9:214:14 | call to memcpy | This 'memcpy' operation accesses 100 bytes but the $@ is only 50 bytes. | tests.cpp:203:36:203:41 | call to alloca | destination buffer |
-| tests.cpp:214:9:214:14 | call to memcpy | This 'memcpy' operation accesses 100 bytes but the $@ is only 50 bytes. | tests.cpp:207:12:207:24 | dataBadBuffer | destination buffer |
-| tests.cpp:215:9:215:19 | access to array | This array indexing operation accesses byte offset 99 but the $@ is only 50 bytes. | tests.cpp:203:36:203:41 | call to alloca | array |
-| tests.cpp:215:9:215:19 | access to array | This array indexing operation accesses byte offset 99 but the $@ is only 50 bytes. | tests.cpp:207:12:207:24 | dataBadBuffer | array |
-| tests.cpp:239:9:239:19 | access to array | This array indexing operation accesses byte offset 99 but the $@ is only 50 bytes. | tests.cpp:223:36:223:41 | call to alloca | array |
-| tests.cpp:239:9:239:19 | access to array | This array indexing operation accesses byte offset 99 but the $@ is only 50 bytes. | tests.cpp:227:12:227:24 | dataBadBuffer | array |
-| tests.cpp:263:9:263:19 | access to array | This array indexing operation accesses byte offset 99 but the $@ is only 50 bytes. | tests.cpp:247:10:247:22 | dataBadBuffer | array |
-| tests.cpp:263:9:263:19 | access to array | This array indexing operation accesses byte offset 99 but the $@ is only 50 bytes. | tests.cpp:251:12:251:24 | dataBadBuffer | array |
-| tests.cpp:386:9:386:14 | call to memcpy | This 'memcpy' operation accesses 40 bytes but the $@ is only 10 bytes. | tests.cpp:382:19:382:24 | call to alloca | destination buffer |
-| tests.cpp:436:9:436:19 | access to array | This array indexing operation accesses byte offset 199 but the $@ is only 100 bytes. | tests.cpp:424:12:424:26 | new[] | array |
-| tests.cpp:455:9:455:19 | access to array | This array indexing operation accesses byte offset 199 but the $@ is only 100 bytes. | tests.cpp:447:12:447:26 | new[] | array |
+| tests.cpp:45:9:45:14 | call to memcpy | This 'memcpy' operation accesses 32 bytes but the $@ is only 16 bytes. | tests.cpp:32:10:32:18 | charFirst | destination buffer |
+| tests.cpp:60:9:60:14 | call to memcpy | This 'memcpy' operation accesses 32 bytes but the $@ is only 16 bytes. | tests.cpp:32:10:32:18 | charFirst | destination buffer |
+| tests.cpp:171:9:171:14 | call to memcpy | This 'memcpy' operation accesses 100 bytes but the $@ is only 50 bytes. | tests.cpp:164:20:164:25 | call to malloc | destination buffer |
+| tests.cpp:172:9:172:19 | access to array | This array indexing operation accesses byte offset 99 but the $@ is only 50 bytes. | tests.cpp:164:20:164:25 | call to malloc | array |
+| tests.cpp:192:9:192:14 | call to memcpy | This 'memcpy' operation accesses 100 bytes but the $@ is only 50 bytes. | tests.cpp:181:10:181:22 | dataBadBuffer | destination buffer |
+| tests.cpp:192:9:192:14 | call to memcpy | This 'memcpy' operation accesses 100 bytes but the $@ is only 50 bytes. | tests.cpp:185:12:185:24 | dataBadBuffer | destination buffer |
+| tests.cpp:193:9:193:19 | access to array | This array indexing operation accesses byte offset 99 but the $@ is only 50 bytes. | tests.cpp:181:10:181:22 | dataBadBuffer | array |
+| tests.cpp:193:9:193:19 | access to array | This array indexing operation accesses byte offset 99 but the $@ is only 50 bytes. | tests.cpp:185:12:185:24 | dataBadBuffer | array |
+| tests.cpp:212:9:212:14 | call to memcpy | This 'memcpy' operation accesses 100 bytes but the $@ is only 50 bytes. | tests.cpp:201:36:201:41 | call to alloca | destination buffer |
+| tests.cpp:212:9:212:14 | call to memcpy | This 'memcpy' operation accesses 100 bytes but the $@ is only 50 bytes. | tests.cpp:205:12:205:24 | dataBadBuffer | destination buffer |
+| tests.cpp:213:9:213:19 | access to array | This array indexing operation accesses byte offset 99 but the $@ is only 50 bytes. | tests.cpp:201:36:201:41 | call to alloca | array |
+| tests.cpp:213:9:213:19 | access to array | This array indexing operation accesses byte offset 99 but the $@ is only 50 bytes. | tests.cpp:205:12:205:24 | dataBadBuffer | array |
+| tests.cpp:237:9:237:19 | access to array | This array indexing operation accesses byte offset 99 but the $@ is only 50 bytes. | tests.cpp:221:36:221:41 | call to alloca | array |
+| tests.cpp:237:9:237:19 | access to array | This array indexing operation accesses byte offset 99 but the $@ is only 50 bytes. | tests.cpp:225:12:225:24 | dataBadBuffer | array |
+| tests.cpp:261:9:261:19 | access to array | This array indexing operation accesses byte offset 99 but the $@ is only 50 bytes. | tests.cpp:245:10:245:22 | dataBadBuffer | array |
+| tests.cpp:261:9:261:19 | access to array | This array indexing operation accesses byte offset 99 but the $@ is only 50 bytes. | tests.cpp:249:12:249:24 | dataBadBuffer | array |
+| tests.cpp:384:9:384:14 | call to memcpy | This 'memcpy' operation accesses 40 bytes but the $@ is only 10 bytes. | tests.cpp:380:19:380:24 | call to alloca | destination buffer |
+| tests.cpp:434:9:434:19 | access to array | This array indexing operation accesses byte offset 399 but the $@ is only 200 bytes. | tests.cpp:422:12:422:26 | new[] | array |
+| tests.cpp:453:9:453:19 | access to array | This array indexing operation accesses byte offset 399 but the $@ is only 200 bytes. | tests.cpp:445:12:445:26 | new[] | array |

cpp/ql/test/query-tests/Security/CWE/CWE-119/SAMATE/OverflowStatic.expected

@@ -1,2 +1,2 @@
-| tests.cpp:47:51:47:72 | sizeof(<expr>) | Potential buffer-overflow: 'charFirst' has size 16 not 32. |
-| tests.cpp:62:52:62:74 | sizeof(<expr>) | Potential buffer-overflow: 'charFirst' has size 16 not 32. |
+| tests.cpp:45:51:45:72 | sizeof(<expr>) | Potential buffer-overflow: 'charFirst' has size 16 not 32. |
+| tests.cpp:60:52:60:74 | sizeof(<expr>) | Potential buffer-overflow: 'charFirst' has size 16 not 32. |

cpp/ql/test/query-tests/Security/CWE/CWE-119/SAMATE/StrncpyFlippedArgs.expected

@@ -1,3 +1,3 @@
-| tests.cpp:292:13:292:19 | call to wcsncpy | Potentially unsafe call to wcsncpy; third argument should be size of destination. |
-| tests.cpp:308:4:308:10 | call to wcsncpy | Potentially unsafe call to wcsncpy; third argument should be size of destination. |
-| tests.cpp:454:9:454:15 | call to wcsncpy | Potentially unsafe call to wcsncpy; third argument should be size of destination. |
+| tests.cpp:290:13:290:19 | call to wcsncpy | Potentially unsafe call to wcsncpy; third argument should be size of destination. |
+| tests.cpp:306:4:306:10 | call to wcsncpy | Potentially unsafe call to wcsncpy; third argument should be size of destination. |
+| tests.cpp:452:9:452:15 | call to wcsncpy | Potentially unsafe call to wcsncpy; third argument should be size of destination. |

cpp/ql/test/query-tests/Security/CWE/CWE-119/SAMATE/tests.cpp

@@ -1,5 +1,3 @@
-//semmle-extractor-options: --edg --target --edg win64
-
 // A sample of tests from the SAMATE Juliet framework for rule CWE-119.
 
 // library types, functions etc

cpp/ql/test/query-tests/Security/CWE/CWE-129/SAMATE/ImproperArrayIndexValidation/ImproperArrayIndexValidation.expected

@@ -1 +1 @@
-| CWE122_Heap_Based_Buffer_Overflow__c_CWE129_fgets_01.c:51:20:51:23 | data | $@ flows to here and is used in an array indexing expression, potentially causing an invalid access. | CWE122_Heap_Based_Buffer_Overflow__c_CWE129_fgets_01.c:29:19:29:29 | inputBuffer | User-provided value |
+| CWE122_Heap_Based_Buffer_Overflow__c_CWE129_fgets_01.c:52:20:52:23 | data | $@ flows to here and is used in an array indexing expression, potentially causing an invalid access. | CWE122_Heap_Based_Buffer_Overflow__c_CWE129_fgets_01.c:30:19:30:29 | inputBuffer | User-provided value |