C++: Update test comments to my best understanding.

geoffw0 · geoffw0 · commit c5ed859cf556 · 2021-07-15T16:36:21.000+01:00
diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-367/semmle/test.cpp b/cpp/ql/test/query-tests/Security/CWE/CWE-367/semmle/test.cpp
@@ -18,7 +18,7 @@ void test1()
 	create(file1);
 	if (!rename(file1, file2))
 	{
-		remove(file1); // BAD
+		remove(file1); // DUBIOUS (bad but perhaps not exploitable) [REPORTED]
 	}
 }
 
@@ -46,6 +46,6 @@ void test3()
 	create(file1);
 	if (!rename(file1, file2))
 	{
-		remove(file1); // BAD
+		remove(file1); // DUBIOUS (bad but perhaps not exploitable) [REPORTED]
 	}
 }
diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-367/semmle/test2.cpp b/cpp/ql/test/query-tests/Security/CWE/CWE-367/semmle/test2.cpp
@@ -207,7 +207,7 @@ void test3_1(const char *path, int arg)
 	int f;
 
 	f = open(path, arg);
-	if (stat(path, &buf)) // BAD??? [NOT DETECTED]
+	if (stat(path, &buf)) // BAD [NOT DETECTED]
 	{
 		// ...
 	}
@@ -242,7 +242,7 @@ void test4_1(const char *path)
 
 		fclose(f);
 
-		chmod(path, 0); // BAD???
+		chmod(path, 0); // DUBIOUS (bad but perhaps not exploitable) [REPORTED]
 	}
 }
 
@@ -252,7 +252,7 @@ void test5_1(const char *path1, const char *path2)
 {
 	if (!rename(path1, path2))
 	{
-		remove(path1); // BAD???
+		remove(path1); // DUBIOUS (bad but perhaps not exploitable) [REPORTED]
 	}
 }
 
@@ -262,7 +262,7 @@ void test5_2(const char *path1, const char *path2)
 
 	if (rename(path1, path2))
 	{
-		f = fopen(path2, "r"); // BAD??? [NOT DETECTED]
+		f = fopen(path2, "r"); // BAD [NOT DETECTED]
 	}
 }
 
@@ -289,7 +289,7 @@ void test6_2(const char *path)
 		// ...
 	}
 
-	f = fopen(path, "r"); // GOOD (doesn't depend on the access check)
+	f = fopen(path, "r"); // GOOD (appears not to be intended to depend on the access check)
 
 	// ...
 }

Original file line number	Diff line number	Diff line change
`@@ -18,7 +18,7 @@ void test1()`
`18`	`18`	`create(file1);`
`19`	`19`	`if (!rename(file1, file2))`
`20`	`20`	`{`
`21`		`- remove(file1); // BAD`
	`21`	`+ remove(file1); // DUBIOUS (bad but perhaps not exploitable) [REPORTED]`
`22`	`22`	`}`
`23`	`23`	`}`
`24`	`24`
`@@ -46,6 +46,6 @@ void test3()`
`46`	`46`	`create(file1);`
`47`	`47`	`if (!rename(file1, file2))`
`48`	`48`	`{`
`49`		`- remove(file1); // BAD`
	`49`	`+ remove(file1); // DUBIOUS (bad but perhaps not exploitable) [REPORTED]`
`50`	`50`	`}`
`51`	`51`	`}`
Original file line number	Diff line number	Diff line change
`@@ -207,7 +207,7 @@ void test3_1(const char *path, int arg)`
`207`	`207`	`int f;`
`208`	`208`
`209`	`209`	`f = open(path, arg);`
`210`		`- if (stat(path, &buf)) // BAD??? [NOT DETECTED]`
	`210`	`+ if (stat(path, &buf)) // BAD [NOT DETECTED]`
`211`	`211`	`{`
`212`	`212`	`// ...`
`213`	`213`	`}`
`@@ -242,7 +242,7 @@ void test4_1(const char *path)`
`242`	`242`
`243`	`243`	`fclose(f);`
`244`	`244`
`245`		`- chmod(path, 0); // BAD???`
	`245`	`+ chmod(path, 0); // DUBIOUS (bad but perhaps not exploitable) [REPORTED]`
`246`	`246`	`}`
`247`	`247`	`}`
`248`	`248`
`@@ -252,7 +252,7 @@ void test5_1(const char path1, const char path2)`
`252`	`252`	`{`
`253`	`253`	`if (!rename(path1, path2))`
`254`	`254`	`{`
`255`		`- remove(path1); // BAD???`
	`255`	`+ remove(path1); // DUBIOUS (bad but perhaps not exploitable) [REPORTED]`
`256`	`256`	`}`
`257`	`257`	`}`
`258`	`258`
`@@ -262,7 +262,7 @@ void test5_2(const char path1, const char path2)`
`262`	`262`
`263`	`263`	`if (rename(path1, path2))`
`264`	`264`	`{`
`265`		`- f = fopen(path2, "r"); // BAD??? [NOT DETECTED]`
	`265`	`+ f = fopen(path2, "r"); // BAD [NOT DETECTED]`
`266`	`266`	`}`
`267`	`267`	`}`
`268`	`268`
`@@ -289,7 +289,7 @@ void test6_2(const char *path)`
`289`	`289`	`// ...`
`290`	`290`	`}`
`291`	`291`
`292`		`- f = fopen(path, "r"); // GOOD (doesn't depend on the access check)`
	`292`	`+ f = fopen(path, "r"); // GOOD (appears not to be intended to depend on the access check)`
`293`	`293`
`294`	`294`	`// ...`
`295`	`295`	`}`