

Commit 8f79cdb

committed
[CPP-370] Add an additional test case.
1 parent 51e543a commit 8f79cdb

2 files changed

Lines changed: 13 additions & 2 deletions


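--- a/cpp/ql/test/query-tests/Likely Bugs/Format/NonConstantFormat/NonConstantFormat.expected
+++ b/cpp/ql/test/query-tests/Likely Bugs/Format/NonConstantFormat/NonConstantFormat.expected
@@ -4,6 +4,7 @@
 | NonConstantFormat.c:45:9:45:48 | call to any_random_function | The format string argument to printf should be constant to prevent security issues and other potential errors. |
 | nested.cpp:21:23:21:26 | fmt0 | The format string argument to snprintf should be constant to prevent security issues and other potential errors. |
 | nested.cpp:79:32:79:38 | call to get_fmt | The format string argument to diagnostic should be constant to prevent security issues and other potential errors. |
+| nested.cpp:87:18:87:20 | fmt | The format string argument to diagnostic should be constant to prevent security issues and other potential errors. |
 | test.cpp:48:10:48:21 | call to make_message | The format string argument to printf should be constant to prevent security issues and other potential errors. |
 | test.cpp:54:12:54:16 | hello | The format string argument to printf should be constant to prevent security issues and other potential errors. |
 | test.cpp:57:12:57:21 | call to const_wash | The format string argument to printf should be constant to prevent security issues and other potential errors. |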

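--- a/cpp/ql/test/query-tests/Likely Bugs/Format/NonConstantFormat/nested.cpp
+++ b/cpp/ql/test/query-tests/Likely Bugs/Format/NonConstantFormat/nested.cpp
@@ -18,7 +18,7 @@ extern "C" int snprintf ( char * s, int n, const char * format, ... );
 struct A {
 void do_print(const char *fmt0) {
 char buf[32];
-snprintf(buf, 32, fmt0); // BAD [should detect at top-most call]
+snprintf(buf, 32, fmt0); // GOOD
 }
 };
 
@@ -39,7 +39,7 @@ struct C {
 
 void foo(void) {
 C c;
-c.do_some_printing(c.ext_fmt_str()); // BAD [not detected at this location]
+c.do_some_printing(c.ext_fmt_str());
 }
 
 struct some_class {
@@ -78,3 +78,13 @@ void diagnostic(const char *fmt, ...)
 void bar(void) {
 diagnostic (some_instance->get_fmt()); // GOOD
 }
+
+namespace ns {
+
+class blab {
+void out1(void) {
+char *fmt = (char *)__builtin_alloca(10);
+diagnostic(fmt); // GOOD
+}
+};
+}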
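Review bot: The `// GOOD` annotations on `snprintf(buf, 32, fmt0);` (line 21) and on the new `diagnostic(fmt);` (line 87) disagree with NonConstantFormat.expected, which in this same commit still lists `nested.cpp:21` and adds `nested.cpp:87` as alerts. If these rows are known false positives that the ticket is recording, I would say so on the line, e.g. `diagnostic(fmt); // GOOD [FALSE POSITIVE]`, so a reader does not take the .expected row as the intended result. Line 42 lost its comment entirely and is absent from .expected; a short `// GOOD` or `// BAD [NOT DETECTED]` there would state which outcome the test wants. In `out1`, `fmt` points at uninitialised `__builtin_alloca` memory, so a one-line comment explaining why it counts as GOOD for this query (presumably because it is not derived from external input) would help.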
