C++: Correct and add to test cases.

geoffw0 · geoffw0 · commit 517fd23ca59a · 2021-04-08T09:48:38.000+01:00
diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-191/UnsignedDifferenceExpressionComparedZero/UnsignedDifferenceExpressionComparedZero.expected b/cpp/ql/test/query-tests/Security/CWE/CWE-191/UnsignedDifferenceExpressionComparedZero/UnsignedDifferenceExpressionComparedZero.expected
@@ -18,3 +18,5 @@
 | test.cpp:208:6:208:14 | ... > ... | Unsigned subtraction can never be negative. |
 | test.cpp:252:10:252:18 | ... > ... | Unsigned subtraction can never be negative. |
 | test.cpp:266:10:266:24 | ... > ... | Unsigned subtraction can never be negative. |
+| test.cpp:276:11:276:19 | ... > ... | Unsigned subtraction can never be negative. |
+| test.cpp:288:10:288:18 | ... > ... | Unsigned subtraction can never be negative. |
diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-191/UnsignedDifferenceExpressionComparedZero/test.cpp b/cpp/ql/test/query-tests/Security/CWE/CWE-191/UnsignedDifferenceExpressionComparedZero/test.cpp
@@ -236,7 +236,7 @@ int test13() {
 
 	if (b != 0) {
 		return 0;
-	}
+	} // b = 0
 
 	return (a - b > 0); // GOOD (as b = 0)
 }
@@ -247,9 +247,9 @@ int test14() {
 
 	if (!b) {
 		return 0;
-	}
+	} // b != 0
 
-	return (a - b > 0); // GOOD (as b = 0) [FALSE POSITIVE]
+	return (a - b > 0); // BAD
 }
 
 struct Numbers
@@ -265,3 +265,36 @@ int test15(Numbers *n) {
 
 	return (n->a - n->b > 0); // BAD
 }
+
+int test16() {
+	unsigned int a = getAnInt();
+	unsigned int b = getAnInt();
+
+	if (!b) {
+		return 0;
+	} else {
+		return (a - b > 0); // BAD
+	}
+}
+
+int test17() {
+	unsigned int a = getAnInt();
+	unsigned int b = getAnInt();
+
+	if (b == 0) {
+		return 0;
+	} // b != 0
+
+	return (a - b > 0); // BAD
+}
+
+int test18() {
+	unsigned int a = getAnInt();
+	unsigned int b = getAnInt();
+
+	if (b) {
+		return 0;
+	} // b == 0
+
+	return (a - b > 0); // GOOD (as b = 0)
+}
