C++: Fix false negative.

MathiasVP · MathiasVP · commit c12837cff0bd · 2021-05-06T16:57:09.000+02:00
diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-570/IncorrectAllocationErrorHandling.ql b/cpp/ql/src/experimental/Security/CWE/CWE-570/IncorrectAllocationErrorHandling.ql
@@ -168,13 +168,13 @@ class BadAllocType extends Class {
 }
 
 /**
- * A catch block that catches a `std::bad_alloc` (or any of its subclasses), or a catch
+ * A catch block that catches a `std::bad_alloc` (or any of its superclasses), or a catch
  * block that catches every exception (i.e., `catch(...)`).
  */
 class BadAllocCatchBlock extends CatchBlock {
   BadAllocCatchBlock() {
     this.getParameter().getUnspecifiedType().stripType() =
-      any(BadAllocType badAlloc).getADerivedClass*()
+      any(BadAllocType badAlloc).getABaseClass*()
     or
     not exists(this.getParameter())
   }
diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-570/semmle/tests/IncorrectAllocationErrorHandling.expected b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-570/semmle/tests/IncorrectAllocationErrorHandling.expected
@@ -15,3 +15,4 @@
 | test.cpp:96:10:96:36 | new[] | This allocation cannot throw. $@ is unnecessary. | test.cpp:97:36:98:3 | { ... } | This catch block |
 | test.cpp:151:9:151:24 | new | This allocation cannot throw. $@ is unnecessary. | test.cpp:152:15:152:18 | { ... } | This catch block |
 | test.cpp:199:15:199:35 | new | This allocation cannot throw. $@ is unnecessary. | test.cpp:201:16:201:19 | { ... } | This catch block |
+| test.cpp:212:14:212:34 | new | This allocation cannot throw. $@ is unnecessary. | test.cpp:213:34:213:36 | { ... } | This catch block |
