C++: doc fixes to VeryLikelyOverrunWrite

redsun82 · web-flow · commit aac029841a02 · 2022-01-13T11:59:47.000Z
diff --git a/cpp/ql/src/Security/CWE/CWE-120/UnboundedWrite.ql b/cpp/ql/src/Security/CWE/CWE-120/UnboundedWrite.ql
@@ -33,7 +33,7 @@ import TaintedWithPath
  *    hasExplicitLimit()    exists(getMaxData())  exists(getBufferSize(bw.getDest(), _))) handled by
  *    NO                    NO                    either                                  UnboundedWrite.ql isUnboundedWrite()
  *    NO                    YES                   NO                                      UnboundedWrite.ql isMaybeUnboundedWrite()
- *    NO                    YES                   YES                                     OverrunWrite.ql, OverrunWriteFloat.ql
+ *    NO                    YES                   YES                                     VeryLikelyOverrunWrite.ql, OverrunWrite.ql, OverrunWriteFloat.ql
  *    YES                   either                YES                                     BadlyBoundedWrite.ql
  *    YES                   either                NO                                      (assumed OK)
  */
diff --git a/cpp/ql/src/Security/CWE/CWE-120/VeryLikelyOverrunWrite.qhelp b/cpp/ql/src/Security/CWE/CWE-120/VeryLikelyOverrunWrite.qhelp
@@ -11,7 +11,7 @@
 
 </recommendation>
 <example>
-<sample src="OverrunWrite.c" />
+<sample src="VeryLikelyOverrunWrite.c" />
 
 <p>In this example, the call to <code>sprintf</code> writes a message of 14 characters (including the terminating null) plus the length of the string conversion of `userId` into a buffer with space for just 17 characters. While `userId` is checked to occupy no more than 4 characters when converted, there is no space in the buffer for the terminating null character if `userId >= 1000`. In this case, the null character overflows the buffer resulting in undefined behavior.</p>
 
