C++: Add more FPs.

Author: MathiasVP

cpp/ql/test/query-tests/Security/CWE/CWE-191/UnsignedDifferenceExpressionComparedZero/UnsignedDifferenceExpressionComparedZero.expected

@@ -14,3 +14,9 @@
 | test.cpp:276:11:276:19 | ... > ... | Unsigned subtraction can never be negative. |
 | test.cpp:288:10:288:18 | ... > ... | Unsigned subtraction can never be negative. |
 | test.cpp:312:9:312:25 | ... > ... | Unsigned subtraction can never be negative. |
+| test.cpp:347:9:347:17 | ... > ... | Unsigned subtraction can never be negative. |
+| test.cpp:352:6:352:14 | ... > ... | Unsigned subtraction can never be negative. |
+| test.cpp:359:10:359:18 | ... > ... | Unsigned subtraction can never be negative. |
+| test.cpp:362:8:362:16 | ... > ... | Unsigned subtraction can never be negative. |
+| test.cpp:369:10:369:18 | ... > ... | Unsigned subtraction can never be negative. |
+| test.cpp:375:8:375:16 | ... > ... | Unsigned subtraction can never be negative. |

cpp/ql/test/query-tests/Security/CWE/CWE-191/UnsignedDifferenceExpressionComparedZero/test.cpp

@@ -335,4 +335,43 @@ void test20(int a, bool b, unsigned long c)
   if (a - c - x > 0) // GOOD
   {
   }
+}
+
+uint32_t get_uint32();
+int64_t get_int64();
+
+void test21(unsigned long a)
+{
+  {
+    int b = a & get_int64();
+    if (a - b > 0) { } // GOOD [FALSE POSITIVE]
+  }
+
+  {
+  int b = a - get_uint32();
+  if(a - b > 0) { } // GOOD [FALSE POSITIVE]
+  }
+
+  {
+    int64_t c = get_int64();
+    if(c <= 0) {
+      int64_t b = (int64_t)a + c;
+      if(a - b > 0) { } // GOOD [FALSE POSITIVE]
+    }
+    int64_t b = (int64_t)a + c;
+    if(a - b > 0) { } // BAD
+  }
+
+  {
+    unsigned c = get_uint32();
+    if(c >= 1) {
+      int b = a / c;
+      if(a - b > 0) { } // GOOD [FALSE POSITIVE]
+    }
+  }
+
+  {
+    int b = a >> get_uint32();
+    if(a - b > 0) { } // GOOD [FALSE POSITIVE]
+  }
 }