Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit fe8f7e9

Browse files
Robert Marshgeoffw0
Robert Marsh
authored and
geoffw0
committed
C++: consider attributes when finding wide string functions
1 parent 5b8925c commit fe8f7e9

2 files changed

Lines changed: 16 additions & 10 deletions

File tree

cpp/ql/src/semmle/code/cpp/commons/Printf.qll

Lines changed: 10 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -30,15 +30,21 @@ class AttributeFormattingFunction extends FormattingFunction {
3030

3131
/**
3232
* A type that is used as a format string by a wide variadic formatter such as
33-
* `vwprintf`.
33+
* `vwprintf` or by a user-defined formatting function with the GNU `format`
34+
* attribute.
3435
*/
35-
Type getAPrimitiveVariadicFormatterWideType() {
36+
Type getAFormatterWideType() {
3637
exists(TopLevelFunction f, int formatParamIndex |
3738
primitiveVariadicFormatter(f, formatParamIndex, true) and
3839
result = f.getParameter(formatParamIndex).getType().getUnspecifiedType() and
3940
result.(PointerType).getBaseType().getSize() != 1 and
4041
f.hasDefinition()
4142
)
43+
or
44+
exists(AttributeFormattingFunction f, int formatParamIndex |
45+
result = f.getParameter(formatParamIndex).getType().getUnspecifiedType() and
46+
result.(PointerType).getBaseType().getSize() != 1
47+
)
4248
}
4349

4450
/**
@@ -737,9 +743,9 @@ class FormatLiteral extends Literal {
737743
exists(string cnv | cnv = this.getEffectiveStringConversionChar(n) |
738744
cnv="S" and
739745
(
740-
result = getAPrimitiveVariadicFormatterWideType()
746+
result = getAFormatterWideType()
741747
or
742-
not exists(getAPrimitiveVariadicFormatterWideType()) and
748+
not exists(getAFormatterWideType()) and
743749
result.(PointerType).getBaseType().hasName("wchar_t")
744750
)
745751
)

cpp/ql/src/semmle/code/cpp/models/implementations/Printf.qll

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,7 @@ class Printf extends FormattingFunction {
1313
hasGlobalName("wprintf_s") or
1414
hasGlobalName("g_printf")
1515
) and
16-
not hasDefinition()
16+
not exists(getADeclarationEntry().getFile().getRelativePath())
1717
}
1818

1919
override int getFormatParameterIndex() { result=0 }
@@ -34,7 +34,7 @@ class Fprintf extends FormattingFunction {
3434
hasGlobalName("fwprintf") or
3535
hasGlobalName("g_fprintf")
3636
) and
37-
not hasDefinition()
37+
not exists(getADeclarationEntry().getFile().getRelativePath())
3838
}
3939

4040
override int getFormatParameterIndex() { result=1 }
@@ -57,7 +57,7 @@ class Sprintf extends FormattingFunction {
5757
hasGlobalName("g_sprintf") or
5858
hasGlobalName("__builtin___sprintf_chk")
5959
) and
60-
not hasDefinition()
60+
not exists(getADeclarationEntry().getFile().getRelativePath())
6161
}
6262

6363
override predicate isWideCharDefault() {
@@ -111,7 +111,7 @@ class Snprintf extends FormattingFunction {
111111
or hasGlobalName("wnsprintf")
112112
or hasGlobalName("__builtin___snprintf_chk")
113113
) and
114-
not hasDefinition()
114+
not exists(getADeclarationEntry().getFile().getRelativePath())
115115
}
116116

117117
override int getFormatParameterIndex() {
@@ -150,7 +150,7 @@ class Snprintf extends FormattingFunction {
150150
hasGlobalName("__builtin___snprintf_chk") or
151151
hasGlobalName("snprintf_s")
152152
) and
153-
not hasDefinition()
153+
not exists(getADeclarationEntry().getFile().getRelativePath())
154154
}
155155

156156
override int getSizeParameterIndex() {
@@ -173,7 +173,7 @@ class StringCchPrintf extends FormattingFunction {
173173
or hasGlobalName("StringCbPrintf_l")
174174
or hasGlobalName("StringCbPrintf_lEx")
175175
) and
176-
not hasDefinition()
176+
not exists(getADeclarationEntry().getFile().getRelativePath())
177177
}
178178

179179
override int getFormatParameterIndex() {

0 commit comments

Comments
 (0)