Fix MaxIntOrMaxUint.isBoundFor

owen-mc · owen-mc · commit e45e92eaa701 · 2023-12-17T06:16:33.000Z
It was wrong for strictnessOffset = 1 before.
diff --git a/go/ql/lib/semmle/go/security/IncorrectIntegerConversionLib.qll b/go/ql/lib/semmle/go/security/IncorrectIntegerConversionLib.qll
@@ -15,15 +15,11 @@ abstract private class MaxIntOrMaxUint extends DeclaredConstant {
    */
   predicate isBoundFor(int b, int architectureBitSize, float strictnessOffset) {
     // 2.pow(x) - 1 - strictnessOffset <= 2.pow(b) - 1
-    exists(int x |
-      x = this.getOrder(architectureBitSize) and
-      b = validBitSize() and
-      (
-        strictnessOffset = 0 and x <= b
-        or
-        strictnessOffset = 1 and x <= b - 1
-      )
-    )
+    // For the values that we are restricting `b` to, `strictnessOffset` has no
+    // effect on the result, so we can ignore it.
+    b = validBitSize() and
+    strictnessOffset = [0, 1] and
+    this.getOrder(architectureBitSize) <= b
   }
 }
 
diff --git a/go/ql/test/query-tests/Security/CWE-681/IncorrectIntegerConversion.expected b/go/ql/test/query-tests/Security/CWE-681/IncorrectIntegerConversion.expected
@@ -1,3 +1,2 @@
 testFailures
-| IncorrectIntegerConversion.go:497:15:497:15 | i | Unexpected result: hasValueFlow="i" |
 failures

Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,2 @@`
`1`	`1`	`testFailures`
`2`		`-\| IncorrectIntegerConversion.go:497:15:497:15 \| i \| Unexpected result: hasValueFlow="i" \|`
`3`	`2`	`failures`