C++: Test layout.

Author: geoffw0

cpp/ql/test/query-tests/Security/CWE/CWE-190/semmle/ArithmeticUncontrolled/ArithmeticUncontrolled.expected

@@ -8,8 +8,8 @@ edges
 | test.c:81:23:81:26 | call to rand | test.c:83:9:83:9 | r |
 | test.c:99:14:99:19 | call to rand | test.c:100:5:100:5 | r |
 | test.c:125:13:125:16 | call to rand | test.c:127:9:127:9 | r |
-| test.c:148:22:148:25 | call to rand | test.c:150:9:150:9 | r |
-| test.c:148:22:148:27 | (unsigned int)... | test.c:150:9:150:9 | r |
+| test.c:155:22:155:25 | call to rand | test.c:157:9:157:9 | r |
+| test.c:155:22:155:27 | (unsigned int)... | test.c:157:9:157:9 | r |
 | test.cpp:8:9:8:12 | Store | test.cpp:24:11:24:18 | call to get_rand |
 | test.cpp:8:9:8:12 | call to rand | test.cpp:8:9:8:12 | Store |
 | test.cpp:13:2:13:15 | Chi [[]] | test.cpp:30:13:30:14 | get_rand2 output argument [[]] |
@@ -21,11 +21,11 @@ edges
 | test.cpp:30:13:30:14 | get_rand2 output argument [[]] | test.cpp:30:13:30:14 | Chi |
 | test.cpp:36:13:36:13 | Chi | test.cpp:37:7:37:7 | r |
 | test.cpp:36:13:36:13 | get_rand3 output argument [[]] | test.cpp:36:13:36:13 | Chi |
-| test.cpp:78:10:78:13 | call to rand | test.cpp:82:10:82:10 | x |
-| test.cpp:90:10:90:13 | call to rand | test.cpp:94:10:94:10 | x |
-| test.cpp:129:10:129:13 | call to rand | test.cpp:132:10:132:10 | b |
-| test.cpp:147:11:147:14 | call to rand | test.cpp:149:11:149:16 | (int)... |
-| test.cpp:147:11:147:14 | call to rand | test.cpp:149:16:149:16 | y |
+| test.cpp:86:10:86:13 | call to rand | test.cpp:90:10:90:10 | x |
+| test.cpp:98:10:98:13 | call to rand | test.cpp:102:10:102:10 | x |
+| test.cpp:151:10:151:13 | call to rand | test.cpp:154:10:154:10 | b |
+| test.cpp:169:11:169:14 | call to rand | test.cpp:171:11:171:16 | (int)... |
+| test.cpp:169:11:169:14 | call to rand | test.cpp:171:16:171:16 | y |
 nodes
 | test.c:18:13:18:16 | call to rand | semmle.label | call to rand |
 | test.c:21:17:21:17 | r | semmle.label | r |
@@ -43,9 +43,9 @@ nodes
 | test.c:100:5:100:5 | r | semmle.label | r |
 | test.c:125:13:125:16 | call to rand | semmle.label | call to rand |
 | test.c:127:9:127:9 | r | semmle.label | r |
-| test.c:148:22:148:25 | call to rand | semmle.label | call to rand |
-| test.c:148:22:148:27 | (unsigned int)... | semmle.label | (unsigned int)... |
-| test.c:150:9:150:9 | r | semmle.label | r |
+| test.c:155:22:155:25 | call to rand | semmle.label | call to rand |
+| test.c:155:22:155:27 | (unsigned int)... | semmle.label | (unsigned int)... |
+| test.c:157:9:157:9 | r | semmle.label | r |
 | test.cpp:8:9:8:12 | Store | semmle.label | Store |
 | test.cpp:8:9:8:12 | call to rand | semmle.label | call to rand |
 | test.cpp:13:2:13:15 | Chi [[]] | semmle.label | Chi [[]] |
@@ -60,15 +60,15 @@ nodes
 | test.cpp:36:13:36:13 | Chi | semmle.label | Chi |
 | test.cpp:36:13:36:13 | get_rand3 output argument [[]] | semmle.label | get_rand3 output argument [[]] |
 | test.cpp:37:7:37:7 | r | semmle.label | r |
-| test.cpp:78:10:78:13 | call to rand | semmle.label | call to rand |
-| test.cpp:82:10:82:10 | x | semmle.label | x |
-| test.cpp:90:10:90:13 | call to rand | semmle.label | call to rand |
-| test.cpp:94:10:94:10 | x | semmle.label | x |
-| test.cpp:129:10:129:13 | call to rand | semmle.label | call to rand |
-| test.cpp:132:10:132:10 | b | semmle.label | b |
-| test.cpp:147:11:147:14 | call to rand | semmle.label | call to rand |
-| test.cpp:149:11:149:16 | (int)... | semmle.label | (int)... |
-| test.cpp:149:16:149:16 | y | semmle.label | y |
+| test.cpp:86:10:86:13 | call to rand | semmle.label | call to rand |
+| test.cpp:90:10:90:10 | x | semmle.label | x |
+| test.cpp:98:10:98:13 | call to rand | semmle.label | call to rand |
+| test.cpp:102:10:102:10 | x | semmle.label | x |
+| test.cpp:151:10:151:13 | call to rand | semmle.label | call to rand |
+| test.cpp:154:10:154:10 | b | semmle.label | b |
+| test.cpp:169:11:169:14 | call to rand | semmle.label | call to rand |
+| test.cpp:171:11:171:16 | (int)... | semmle.label | (int)... |
+| test.cpp:171:16:171:16 | y | semmle.label | y |
 #select
 | test.c:21:17:21:17 | r | test.c:18:13:18:16 | call to rand | test.c:21:17:21:17 | r | $@ flows to here and is used in arithmetic, potentially causing an overflow. | test.c:18:13:18:16 | call to rand | Uncontrolled value |
 | test.c:35:5:35:5 | r | test.c:34:13:34:18 | call to rand | test.c:35:5:35:5 | r | $@ flows to here and is used in arithmetic, potentially causing an overflow. | test.c:34:13:34:18 | call to rand | Uncontrolled value |
@@ -79,13 +79,13 @@ nodes
 | test.c:83:9:83:9 | r | test.c:81:23:81:26 | call to rand | test.c:83:9:83:9 | r | $@ flows to here and is used in arithmetic, potentially causing an overflow. | test.c:81:23:81:26 | call to rand | Uncontrolled value |
 | test.c:100:5:100:5 | r | test.c:99:14:99:19 | call to rand | test.c:100:5:100:5 | r | $@ flows to here and is used in arithmetic, potentially causing an overflow. | test.c:99:14:99:19 | call to rand | Uncontrolled value |
 | test.c:127:9:127:9 | r | test.c:125:13:125:16 | call to rand | test.c:127:9:127:9 | r | $@ flows to here and is used in arithmetic, potentially causing an overflow. | test.c:125:13:125:16 | call to rand | Uncontrolled value |
-| test.c:150:9:150:9 | r | test.c:148:22:148:25 | call to rand | test.c:150:9:150:9 | r | $@ flows to here and is used in arithmetic, potentially causing an underflow. | test.c:148:22:148:25 | call to rand | Uncontrolled value |
-| test.c:150:9:150:9 | r | test.c:148:22:148:27 | (unsigned int)... | test.c:150:9:150:9 | r | $@ flows to here and is used in arithmetic, potentially causing an underflow. | test.c:148:22:148:25 | call to rand | Uncontrolled value |
+| test.c:157:9:157:9 | r | test.c:155:22:155:25 | call to rand | test.c:157:9:157:9 | r | $@ flows to here and is used in arithmetic, potentially causing an underflow. | test.c:155:22:155:25 | call to rand | Uncontrolled value |
+| test.c:157:9:157:9 | r | test.c:155:22:155:27 | (unsigned int)... | test.c:157:9:157:9 | r | $@ flows to here and is used in arithmetic, potentially causing an underflow. | test.c:155:22:155:25 | call to rand | Uncontrolled value |
 | test.cpp:25:7:25:7 | r | test.cpp:8:9:8:12 | call to rand | test.cpp:25:7:25:7 | r | $@ flows to here and is used in arithmetic, potentially causing an overflow. | test.cpp:8:9:8:12 | call to rand | Uncontrolled value |
 | test.cpp:31:7:31:7 | r | test.cpp:13:10:13:13 | call to rand | test.cpp:31:7:31:7 | r | $@ flows to here and is used in arithmetic, potentially causing an overflow. | test.cpp:13:10:13:13 | call to rand | Uncontrolled value |
 | test.cpp:37:7:37:7 | r | test.cpp:18:9:18:12 | call to rand | test.cpp:37:7:37:7 | r | $@ flows to here and is used in arithmetic, potentially causing an overflow. | test.cpp:18:9:18:12 | call to rand | Uncontrolled value |
-| test.cpp:82:10:82:10 | x | test.cpp:78:10:78:13 | call to rand | test.cpp:82:10:82:10 | x | $@ flows to here and is used in arithmetic, potentially causing an overflow. | test.cpp:78:10:78:13 | call to rand | Uncontrolled value |
-| test.cpp:94:10:94:10 | x | test.cpp:90:10:90:13 | call to rand | test.cpp:94:10:94:10 | x | $@ flows to here and is used in arithmetic, potentially causing an overflow. | test.cpp:90:10:90:13 | call to rand | Uncontrolled value |
-| test.cpp:132:10:132:10 | b | test.cpp:129:10:129:13 | call to rand | test.cpp:132:10:132:10 | b | $@ flows to here and is used in arithmetic, potentially causing an overflow. | test.cpp:129:10:129:13 | call to rand | Uncontrolled value |
-| test.cpp:149:11:149:16 | (int)... | test.cpp:147:11:147:14 | call to rand | test.cpp:149:11:149:16 | (int)... | $@ flows to here and is used in arithmetic, potentially causing an overflow. | test.cpp:147:11:147:14 | call to rand | Uncontrolled value |
-| test.cpp:149:16:149:16 | y | test.cpp:147:11:147:14 | call to rand | test.cpp:149:16:149:16 | y | $@ flows to here and is used in arithmetic, potentially causing an overflow. | test.cpp:147:11:147:14 | call to rand | Uncontrolled value |
+| test.cpp:90:10:90:10 | x | test.cpp:86:10:86:13 | call to rand | test.cpp:90:10:90:10 | x | $@ flows to here and is used in arithmetic, potentially causing an overflow. | test.cpp:86:10:86:13 | call to rand | Uncontrolled value |
+| test.cpp:102:10:102:10 | x | test.cpp:98:10:98:13 | call to rand | test.cpp:102:10:102:10 | x | $@ flows to here and is used in arithmetic, potentially causing an overflow. | test.cpp:98:10:98:13 | call to rand | Uncontrolled value |
+| test.cpp:154:10:154:10 | b | test.cpp:151:10:151:13 | call to rand | test.cpp:154:10:154:10 | b | $@ flows to here and is used in arithmetic, potentially causing an overflow. | test.cpp:151:10:151:13 | call to rand | Uncontrolled value |
+| test.cpp:171:11:171:16 | (int)... | test.cpp:169:11:169:14 | call to rand | test.cpp:171:11:171:16 | (int)... | $@ flows to here and is used in arithmetic, potentially causing an overflow. | test.cpp:169:11:169:14 | call to rand | Uncontrolled value |
+| test.cpp:171:16:171:16 | y | test.cpp:169:11:169:14 | call to rand | test.cpp:171:16:171:16 | y | $@ flows to here and is used in arithmetic, potentially causing an overflow. | test.cpp:169:11:169:14 | call to rand | Uncontrolled value |

cpp/ql/test/query-tests/Security/CWE/CWE-190/semmle/ArithmeticUncontrolled/test.c

@@ -126,12 +126,19 @@ void moreTests() {
 
     r = r * 100; // BAD
   }
+
   {
     int r = rand();
 
     r *= 100; // BAD [NOT DETECTED]
   }
 
+
+
+
+
+
+
   {
     int r = rand();
 

cpp/ql/test/query-tests/Security/CWE/CWE-190/semmle/ArithmeticUncontrolled/test.cpp

@@ -42,8 +42,8 @@ int rand(int min, int max);
 unsigned rand(int max);
 
 void test_with_bounded_randomness() {
-  int r = rand(0, 10);
-  r++; // GOOD
+	int r = rand(0, 10);
+	r++; // GOOD
 
 	unsigned unsigned_r = rand(10);
 	unsigned_r++; // GOOD
@@ -57,6 +57,14 @@ int test_remainder_subtract()
 	return x - y; // GOOD (as y <= x)
 }
 
+
+
+
+
+
+
+
+
 typedef unsigned long size_t;
 int snprintf(char *s, size_t n, const char *format, ...);
 
@@ -124,6 +132,20 @@ int test_conditional_assignment_2()
 	return y * 10; // GOOD (as y <= 100)
 }
 
+
+
+
+
+
+
+
+
+
+
+
+
+
+
 int test_underflow()
 {
 	int x = rand();