Add files via upload

Author: ihsinme

cpp/ql/test/experimental/query-tests/Security/CWE/CWE-691/semmle/tests/InsufficientControlFlowManagementAfterRefactoringTheCode.expected

@@ -0,0 +1,3 @@
+| test.c:15:6:15:16 | ... + ... | this expression needs your attention |
+| test.c:17:17:17:27 | ... + ... | this expression needs your attention |
+| test.c:22:10:22:15 | ... > ... | this expression needs your attention |

cpp/ql/test/experimental/query-tests/Security/CWE/CWE-691/semmle/tests/InsufficientControlFlowManagementAfterRefactoringTheCode.qlref

@@ -0,0 +1 @@
+experimental/Security/CWE/CWE-691/InsufficientControlFlowManagementAfterRefactoringTheCode.ql

cpp/ql/test/experimental/query-tests/Security/CWE/CWE-691/semmle/tests/test.c

@@ -0,0 +1,28 @@
+int tmpFunction(){
+  return 5;
+}
+void workFunction_0(char *s) {
+  int intSize;
+  char buf[80];
+  if(intSize>0 && intSize<80 && memset(buf,0,intSize)) return; // GOOD
+  if(intSize>0 & intSize<80 & memset(buf,0,intSize)) return; // BAD
+  if(intSize>0 && tmpFunction()) return;
+  if(intSize<0 & tmpFunction()) return; // BAD
+}
+void workFunction_1(char *s) {
+  int intA,intB;
+
+  if(intA + intB) return; // BAD
+  if(intA + intB>4) return; // GOOD
+  if(intA>0 && (intA + intB)) return; // BAD
+  while(intA>0)
+  {
+    if(intB - intA<10) break;
+    intA--;
+  }while(intA>0); // BAD
+  while(intA>0)
+  {
+    if(intB - intA<10) break;
+    intA--;
+  } // GOOD
+}