Merge pull request #14769 from MathiasVP/fix-nonterminating-test

MathiasVP · web-flow · commit 8be6aeda3e38 · 2023-11-13T15:49:39.000Z
C++: Fix nonterminating test
diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-119/semmle/tests/UnboundedWrite.expected b/cpp/ql/test/query-tests/Security/CWE/CWE-119/semmle/tests/UnboundedWrite.expected
@@ -1,4 +1,16 @@
 edges
-subpaths
+| main.cpp:6:27:6:30 | argv indirection | main.cpp:10:20:10:23 | argv indirection |
+| main.cpp:10:20:10:23 | argv indirection | tests.cpp:618:32:618:35 | argv indirection |
+| tests.cpp:613:19:613:24 | source indirection | tests.cpp:615:17:615:22 | source indirection |
+| tests.cpp:618:32:618:35 | argv indirection | tests.cpp:643:9:643:15 | access to array indirection |
+| tests.cpp:643:9:643:15 | access to array indirection | tests.cpp:613:19:613:24 | source indirection |
 nodes
+| main.cpp:6:27:6:30 | argv indirection | semmle.label | argv indirection |
+| main.cpp:10:20:10:23 | argv indirection | semmle.label | argv indirection |
+| tests.cpp:613:19:613:24 | source indirection | semmle.label | source indirection |
+| tests.cpp:615:17:615:22 | source indirection | semmle.label | source indirection |
+| tests.cpp:618:32:618:35 | argv indirection | semmle.label | argv indirection |
+| tests.cpp:643:9:643:15 | access to array indirection | semmle.label | access to array indirection |
+subpaths
 #select
+| tests.cpp:615:2:615:7 | call to strcpy | main.cpp:6:27:6:30 | argv indirection | tests.cpp:615:17:615:22 | source indirection | This 'call to strcpy' with input from $@ may overflow the destination. | main.cpp:6:27:6:30 | argv indirection | a command-line argument |
diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-119/semmle/tests/tests.cpp b/cpp/ql/test/query-tests/Security/CWE/CWE-119/semmle/tests/tests.cpp
@@ -407,7 +407,7 @@ void test15()
 		{
 			if (ptr[5] == ' ') // GOOD
 			{
-				// ...
+				break;
 			}
 		}
 	}
@@ -608,6 +608,13 @@ int test23() {
 	return sizeof(buffer) / sizeof(buffer[101]); // GOOD
 }
 
+char* strcpy(char *, const char *);
+
+void test24(char* source) {
+	char buffer[100];
+	strcpy(buffer, source); // BAD
+}
+
 int tests_main(int argc, char *argv[])
 {
 	long long arr17[19];
@@ -633,6 +640,7 @@ int tests_main(int argc, char *argv[])
 	test21(argc == 0);
 	test22(argc == 0, argv[0]);
 	test23();
+	test24(argv[0]);
 
 	return 0;
 }

Original file line number	Diff line number	Diff line change
`@@ -407,7 +407,7 @@ void test15()`
`407`	`407`	`{`
`408`	`408`	`if (ptr[5] == ' ') // GOOD`
`409`	`409`	`{`
`410`		`- // ...`
	`410`	`+ break;`
`411`	`411`	`}`
`412`	`412`	`}`
`413`	`413`	`}`
`@@ -608,6 +608,13 @@ int test23() {`
`608`	`608`	`return sizeof(buffer) / sizeof(buffer[101]); // GOOD`
`609`	`609`	`}`
`610`	`610`
	`611`	`+char* strcpy(char , const char );`
	`612`	`+`
	`613`	`+void test24(char* source) {`
	`614`	`+ char buffer[100];`
	`615`	`+ strcpy(buffer, source); // BAD`
	`616`	`+}`
	`617`	`+`
`611`	`618`	`int tests_main(int argc, char *argv[])`
`612`	`619`	`{`
`613`	`620`	`long long arr17[19];`
`@@ -633,6 +640,7 @@ int tests_main(int argc, char *argv[])`
`633`	`640`	`test21(argc == 0);`
`634`	`641`	`test22(argc == 0, argv[0]);`
`635`	`642`	`test23();`
	`643`	`+ test24(argv[0]);`
`636`	`644`
`637`	`645`	`return 0;`
`638`	`646`	`}`