C++: Accept regression in test after evaluator fix

jbj · jbj · commit cd1f19684886 · 2023-08-18T13:30:20.000+02:00
diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-120/semmle/tests/BadlyBoundedWrite.expected b/cpp/ql/test/query-tests/Security/CWE/CWE-120/semmle/tests/BadlyBoundedWrite.expected
@@ -1,2 +1,3 @@
+| tests2.cpp:59:3:59:10 | call to snprintf | This 'call to snprintf' operation is limited to 13 bytes but the destination is only 2 bytes. |
 | tests.c:43:3:43:10 | call to snprintf | This 'call to snprintf' operation is limited to 111 bytes but the destination is only 110 bytes. |
 | tests.c:46:3:46:10 | call to snprintf | This 'call to snprintf' operation is limited to 111 bytes but the destination is only 110 bytes. |
diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-120/semmle/tests/tests2.cpp b/cpp/ql/test/query-tests/Security/CWE/CWE-120/semmle/tests/tests2.cpp
@@ -56,7 +56,7 @@ void test3() {
   dest1 = (char*)malloc(sizeof(src));
   if (!dest1)
     return;
-  snprintf(dest1, sizeof(src), "%s", src); // GOOD
+  snprintf(dest1, sizeof(src), "%s", src); // GOOD [FALSE POSITIVE]
   dest2 = (char*)malloc(3);
   if (!dest2)
     return;

Original file line number	Diff line number	Diff line change
`@@ -1,2 +1,3 @@`
	`1`	`+\| tests2.cpp:59:3:59:10 \| call to snprintf \| This 'call to snprintf' operation is limited to 13 bytes but the destination is only 2 bytes. \|`
`1`	`2`	`\| tests.c:43:3:43:10 \| call to snprintf \| This 'call to snprintf' operation is limited to 111 bytes but the destination is only 110 bytes. \|`
`2`	`3`	`\| tests.c:46:3:46:10 \| call to snprintf \| This 'call to snprintf' operation is limited to 111 bytes but the destination is only 110 bytes. \|`