C++: Fix bug for exact powers of 10 and accept test changes.

Author: MathiasVP

cpp/ql/lib/semmle/code/cpp/commons/Printf.qll

@@ -279,7 +279,7 @@ bindingset[f]
 private int lengthInBase10(float f) {
   f = 0 and result = 1
   or
-  result = f.log10().ceil()
+  result = f.log10().floor() + 1
 }
 
 /**

cpp/ql/test/query-tests/Security/CWE/CWE-242/semmle/tests/OverrunWrite.expected

@@ -9,4 +9,7 @@
 | tests.cpp:324:3:324:9 | call to sprintf | This 'call to sprintf' operation requires 11 bytes but the destination is only 2 bytes. |
 | tests.cpp:327:2:327:8 | call to sprintf | This 'call to sprintf' operation requires 12 bytes but the destination is only 2 bytes. |
 | tests.cpp:329:3:329:9 | call to sprintf | This 'call to sprintf' operation requires 12 bytes but the destination is only 2 bytes. |
+| tests.cpp:341:2:341:8 | call to sprintf | This 'call to sprintf' operation requires 3 bytes but the destination is only 2 bytes. |
+| tests.cpp:343:2:343:8 | call to sprintf | This 'call to sprintf' operation requires 3 bytes but the destination is only 2 bytes. |
 | tests.cpp:345:2:345:8 | call to sprintf | This 'call to sprintf' operation requires 11 bytes but the destination is only 2 bytes. |
+| tests.cpp:347:2:347:8 | call to sprintf | This 'call to sprintf' operation requires 3 bytes but the destination is only 2 bytes. |

cpp/ql/test/query-tests/Security/CWE/CWE-242/semmle/tests/tests.cpp

@@ -338,11 +338,11 @@ void test6(unsigned unsigned_value, int value) {
 	sprintf(buffer, "%u", 5); // GOOD
 	sprintf(buffer, "%d", 5); // GOOD
 
-	sprintf(buffer, "%d", -1); // BAD [NOT DETECTED]
+	sprintf(buffer, "%d", -1); // BAD
 	sprintf(buffer, "%d", 9); // GOOD
-	sprintf(buffer, "%d", 10); // BAD [NOT DETECTED]
+	sprintf(buffer, "%d", 10); // BAD
 
 	sprintf(buffer, "%u", -1); // BAD
 	sprintf(buffer, "%u", 9); // GOOD
-	sprintf(buffer, "%u", 10); // BAD [NOT DETECTED]
+	sprintf(buffer, "%u", 10); // BAD
 }