Add files via upload

Author: ihsinme

cpp/ql/test/experimental/query-tests/Security/CWE/CWE-190/DangerousUseOfTransformationAfterOperation/DangerousUseOfTransformationAfterOperation.expected

@@ -0,0 +1,4 @@
+| test.cpp:9:8:9:12 | ... * ... | possible signed overflow followed by offset of the pointer out of bounds |
+| test.cpp:13:24:13:28 | ... * ... | this transformation is applied after multiplication |
+| test.cpp:16:28:16:32 | ... * ... | this transformation is applied after multiplication |
+| test.cpp:19:22:19:26 | ... * ... | this transformation is applied after multiplication |

cpp/ql/test/experimental/query-tests/Security/CWE/CWE-190/DangerousUseOfTransformationAfterOperation/DangerousUseOfTransformationAfterOperation.qlref

@@ -0,0 +1 @@
+experimental/Security/CWE/CWE-190/DangerousUseOfTransformationAfterOperation.ql

cpp/ql/test/experimental/query-tests/Security/CWE/CWE-190/DangerousUseOfTransformationAfterOperation/test.cpp

@@ -0,0 +1,23 @@
+void testCall (unsigned long);
+void functionWork() {
+  unsigned long aL;
+  char aA[10],*aP;
+  unsigned char aUC;
+  int aI;
+  unsigned int aUI;
+  aI = (aUI*8)/10; // GOOD
+  aI = aUI*8; // BAD
+  aP = aA+aI;
+  aI = (int)aUI*8; // GOOD
+  
+  aL = (unsigned long)(aI*aI); // BAD
+  aL = ((unsigned long)aI*aI); // GOOD
+  
+  testCall((unsigned long)(aI*aI)); // BAD
+  testCall(((unsigned long)aI*aI)); // GOOD
+  
+  if((unsigned long)(aI*aI) > aL) // BAD
+    return;
+  if(((unsigned long)aI*aI) > aL) // GOOD
+    return;
+}