Merge pull request github#16404 from geoffw0/qhelp2

geoffw0 · web-flow · commit 880d56c57633 · 2024-05-08T11:22:57.000+01:00
C++: Improve qhelp for WrongTypeFormatArguments.
diff --git a/cpp/ql/src/Likely Bugs/Format/TooManyFormatArguments.qhelp b/cpp/ql/src/Likely Bugs/Format/TooManyFormatArguments.qhelp
@@ -22,10 +22,8 @@ function.
 </example>
 <references>
 
-<li>cplusplus.com: <a href="http://www.tutorialspoint.com/cplusplus/cpp_functions.htm">C++ Functions</a>.</li>
+<li>CERT C Coding Standard: <a href="https://wiki.sei.cmu.edu/confluence/display/c/FIO47-C.+Use+valid+format+strings">FIO47-C. Use valid format strings</a>.</li>
 <li>Microsoft C Runtime Library Reference: <a href="https://docs.microsoft.com/en-us/cpp/c-runtime-library/reference/printf-printf-l-wprintf-wprintf-l">printf, wprintf</a>.</li>
 
-
-
 </references>
 </qhelp>
diff --git a/cpp/ql/src/Likely Bugs/Format/WrongNumberOfFormatArguments.qhelp b/cpp/ql/src/Likely Bugs/Format/WrongNumberOfFormatArguments.qhelp
@@ -19,8 +19,8 @@ contents.
 
 </overview>
 <recommendation>
-<p>Review the format and arguments expected by the highlighted function calls. Update either 
-the format or the arguments so that the expected number of arguments are passed to the 
+<p>Review the format and arguments expected by the highlighted function calls. Update either
+the format or the arguments so that the expected number of arguments are passed to the
 function.
 </p>
 
@@ -30,11 +30,8 @@ function.
 </example>
 <references>
 
-<li>CERT C Coding
-Standard: <a href="https://www.securecoding.cert.org/confluence/display/c/FIO30-C.+Exclude+user+input+from+format+strings">FIO30-C. Exclude user input from format strings</a>.</li>
-<li>cplusplus.com: <a href="http://www.tutorialspoint.com/cplusplus/cpp_functions.htm">C++ Functions</a>.</li>
+<li>CERT C Coding Standard: <a href="https://wiki.sei.cmu.edu/confluence/display/c/FIO47-C.+Use+valid+format+strings">FIO47-C. Use valid format strings</a>.</li>
 <li>Microsoft C Runtime Library Reference: <a href="https://docs.microsoft.com/en-us/cpp/c-runtime-library/reference/printf-printf-l-wprintf-wprintf-l">printf, wprintf</a>.</li>
 
-
 </references>
 </qhelp>
diff --git a/cpp/ql/src/Likely Bugs/Format/WrongTypeFormatArguments.cpp b/cpp/ql/src/Likely Bugs/Format/WrongTypeFormatArguments.cpp
diff --git a/cpp/ql/src/Likely Bugs/Format/WrongTypeFormatArguments.qhelp b/cpp/ql/src/Likely Bugs/Format/WrongTypeFormatArguments.qhelp
@@ -4,29 +4,33 @@
 <qhelp>
 <overview>
 <p>Each call to the <code>printf</code> function or a related function should include
-the type and sequence of arguments defined by the format. If the function is passed arguments 
+the type and sequence of arguments defined by the format. If the function is passed arguments
 of a different type or in a different sequence then the arguments are reinterpreted to fit the type and sequence expected, resulting in unpredictable behavior.</p>
 
 </overview>
 <recommendation>
-<p>Review the format and arguments expected by the highlighted function calls. Update either 
-the format or the arguments so that the expected type and sequence of arguments are passed to 
+<p>Review the format and arguments expected by the highlighted function calls. Update either
+the format or the arguments so that the expected type and sequence of arguments are passed to
 the function.
 </p>
 
 </recommendation>
-<example><sample src="WrongTypeFormatArguments.cpp" />
+<example>
 
-</example>
-<references>
+<p>In the following example, the wrong format specifier is given for an integer format argument:</p>
+
+<sample src="WrongTypeFormatArgumentsBad.cpp" />
 
-<li>CERT C Coding
-Standard: <a href="https://www.securecoding.cert.org/confluence/display/c/FIO30-C.+Exclude+user+input+from+format+strings">FIO30-C. Exclude user input from format strings</a>.</li>
-<li>cplusplus.com: <a href="http://www.tutorialspoint.com/cplusplus/cpp_functions.htm">C++ Functions</a>.</li>
-<li>CRT Alphabetical Function Reference: <a href="https://docs.microsoft.com/en-us/cpp/c-runtime-library/reference/printf-printf-l-wprintf-wprintf-l">printf, _printf_l, wprintf, _wprintf_l</a>.</li>
+<p>The corrected version uses <code>%i</code> as the format specifier for the integer format argument:</p>
 
+<sample src="WrongTypeFormatArgumentsGood.cpp" />
 
+</example>
+<references>
 
+<li>Microsoft Learn: <a href="https://learn.microsoft.com/en-us/cpp/c-runtime-library/format-specification-syntax-printf-and-wprintf-functions?view=msvc-170">Format specification syntax: printf and wprintf functions</a>.</li>
+<li>cplusplus.com:<a href="https://cplusplus.com/reference/cstdio/printf/"></a>printf</li>
+<li>CERT C Coding Standard: <a href="https://wiki.sei.cmu.edu/confluence/display/c/FIO47-C.+Use+valid+format+strings">FIO47-C. Use valid format strings</a>.</li>
 
 </references>
 </qhelp>
diff --git a/cpp/ql/src/Likely Bugs/Format/WrongTypeFormatArgumentsBad.cpp b/cpp/ql/src/Likely Bugs/Format/WrongTypeFormatArgumentsBad.cpp
@@ -0,0 +1,4 @@
+int main() {
+  printf("%s\n", 42); // BAD: printf will treat 42 as a char*, will most likely segfault
+  return 0;
+}
diff --git a/cpp/ql/src/Likely Bugs/Format/WrongTypeFormatArgumentsGood.cpp b/cpp/ql/src/Likely Bugs/Format/WrongTypeFormatArgumentsGood.cpp
@@ -0,0 +1,4 @@
+int main() {
+  printf("%i\n", 42); // GOOD: printf will treat 42 as an int
+  return 0;
+}
