Merge pull request github#18194 from github/calumgrant/bmn/wrong-number-format-arguments2

calumgrant · web-flow · commit defa4cc19fba · 2024-12-06T10:14:06.000Z
C++: Fix a FP in cpp/wrong-number-format-arguments caused by an extraction error
diff --git a/cpp/ql/src/Likely Bugs/Format/WrongNumberOfFormatArguments.ql b/cpp/ql/src/Likely Bugs/Format/WrongNumberOfFormatArguments.ql
@@ -44,7 +44,8 @@ where
   ) and
   // A typical problem is that string literals are concatenated, but if one of the string
   // literals is an undefined macro, then this just leads to a syntax error.
-  not exists(SyntaxError e | e.affects(fl))
+  not exists(SyntaxError e | e.affects(fl)) and
+  not ffc.getArgument(_) instanceof ErrorExpr
 select ffc,
   "Format for " + ffcName + " expects " + expected.toString() + " arguments but given " +
     given.toString()
diff --git a/cpp/ql/src/change-notes/2024-12-05-wrong-number-format-arguments.md b/cpp/ql/src/change-notes/2024-12-05-wrong-number-format-arguments.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* The "Too few arguments to formatting function" query (`cpp/wrong-number-format-arguments`) query no longer produces results if an argument has an extraction error.
diff --git a/cpp/ql/test/query-tests/Likely Bugs/Format/WrongNumberOfFormatArguments/WrongNumberOfFormatArguments.expected b/cpp/ql/test/query-tests/Likely Bugs/Format/WrongNumberOfFormatArguments/WrongNumberOfFormatArguments.expected
@@ -5,6 +5,7 @@
 | macros.cpp:14:2:14:37 | call to printf | Format for printf (in a macro expansion) expects 4 arguments but given 3 |
 | macros.cpp:21:2:21:36 | call to printf | Format for printf (in a macro expansion) expects 4 arguments but given 3 |
 | macros.cpp:32:2:32:25 | call to printf | Format for printf (in a macro expansion) expects 1 arguments but given 0 |
+| syntax_errors.c:15:5:15:10 | call to printf | Format for printf expects 2 arguments but given 0 |
 | test.c:9:2:9:7 | call to printf | Format for printf expects 1 arguments but given 0 |
 | test.c:12:2:12:7 | call to printf | Format for printf expects 2 arguments but given 1 |
 | test.c:15:2:15:7 | call to printf | Format for printf expects 3 arguments but given 2 |
diff --git a/cpp/ql/test/query-tests/Likely Bugs/Format/WrongNumberOfFormatArguments/syntax_errors.c b/cpp/ql/test/query-tests/Likely Bugs/Format/WrongNumberOfFormatArguments/syntax_errors.c
@@ -3,5 +3,16 @@
 extern int printf(const char *fmt, ...);
 
 void test_syntax_error() {
-    printf("Error code %d: " FMT_MSG, 0, "");
+    // GOOD
+    printf("Error code %d: " UNDEFINED_MACRO, 0, "");
+
+    // GOOD
+    printf("%d%d",
+        (UNDEFINED_MACRO)1,
+        (UNDEFINED_MACRO)2);
+
+    // GOOD [FALSE POSITIVE]
+    printf("%d%d"
+        UNDEFINED_MACRO,
+        1, 2);
 }

-Original file line number
+Diff line change
@@ @@ -0,0 +1,4 @@ @@
 +---
 +category: minorAnalysis
 +---
 +* The "Too few arguments to formatting function" query (`cpp/wrong-number-format-arguments`) query no longer produces results if an argument has an extraction error.