C++: Add test case that is no longer detected after latest changes

Author: jketema

cpp/ql/test/query-tests/Security/CWE/CWE-022/semmle/tests/stdlib.h

@@ -6,7 +6,6 @@
 typedef struct {} FILE;
 #define FILENAME_MAX 1000
 typedef unsigned long size_t;
-#define NULL ((void*)0)
 
 FILE *fopen(const char *filename, const char *mode);
 int sprintf(char *s, const char *format, ...);
@@ -15,3 +14,4 @@ char *strncat(char *s1, const char *s2, size_t n);
 int scanf(const char *format, ...);
 void *malloc(size_t size);
 double strtod(const char *ptr, char **endptr);
+char *getenv(const char *name);

cpp/ql/test/query-tests/Security/CWE/CWE-022/semmle/tests/test.c

@@ -39,7 +39,7 @@ int main(int argc, char** argv) {
   }
 
   {
-    char *fileName = malloc(20 * sizeof(char));
+    char *fileName = (char*)malloc(20 * sizeof(char));
     scanf("%s", fileName);
     fopen(fileName, "wb+"); // BAD
   }
@@ -51,4 +51,13 @@ int main(int argc, char** argv) {
     sprintf(fileName, "/foo/%f", number);
     fopen(fileName, "wb+"); // GOOD
   }
+
+  {
+    void read(const char *fileName);
+    read(argv[1]); // BAD [NOT DETECTED]
+  }
+}
+
+void read(char *fileName) {
+  fopen(fileName, "wb+");
 }