C++: Add FP test.

MathiasVP · MathiasVP · commit 3a66fd717546 · 2024-01-29T10:59:38.000Z
diff --git a/cpp/ql/test/query-tests/Critical/MissingCheckScanf/IncorrectCheckScanf.expected b/cpp/ql/test/query-tests/Critical/MissingCheckScanf/IncorrectCheckScanf.expected
@@ -3,3 +3,4 @@
 | test.cpp:204:7:204:11 | call to scanf | The result of scanf is only checked against 0, but it can also return EOF. |
 | test.cpp:436:7:436:11 | call to scanf | The result of scanf is only checked against 0, but it can also return EOF. |
 | test.cpp:443:11:443:15 | call to scanf | The result of scanf is only checked against 0, but it can also return EOF. |
+| test.cpp:455:12:455:17 | call to sscanf | The result of scanf is only checked against 0, but it can also return EOF. |
diff --git a/cpp/ql/test/query-tests/Critical/MissingCheckScanf/test.cpp b/cpp/ql/test/query-tests/Critical/MissingCheckScanf/test.cpp
@@ -446,4 +446,16 @@ void bad_check() {
 		}
 		use(i);  // GOOD [FALSE POSITIVE]: Technically no security issue, but code is incorrect.
 	}
+}
+
+#define EOF (-1)
+
+void disjunct_boolean_condition(const char* modifier_data) {
+	long value;
+	auto rc = sscanf(modifier_data, "%lx", &value);
+
+	if((rc == EOF) || (rc == 0)) {
+		return;
+	}
+	use(value); // GOOD
 }

Original file line number	Diff line number	Diff line change
`@@ -446,4 +446,16 @@ void bad_check() {`
`446`	`446`	`}`
`447`	`447`	`use(i); // GOOD [FALSE POSITIVE]: Technically no security issue, but code is incorrect.`
`448`	`448`	`}`
	`449`	`+}`
	`450`	`+`
	`451`	`+#define EOF (-1)`
	`452`	`+`
	`453`	`+void disjunct_boolean_condition(const char* modifier_data) {`
	`454`	`+ long value;`
	`455`	`+ auto rc = sscanf(modifier_data, "%lx", &value);`
	`456`	`+`
	`457`	`+ if((rc == EOF) \|\| (rc == 0)) {`
	`458`	`+ return;`
	`459`	`+ }`
	`460`	`+ use(value); // GOOD`
`449`	`461`	`}`