-
Notifications
You must be signed in to change notification settings - Fork 1.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
C++: Reduce FPs in cpp/wrong-type-format-argument due to extraction errors #17775
Merged
calumgrant
merged 13 commits into
main
from
calumgrant/bmn/wrong-type-format-arguments-test
Oct 24, 2024
+95
−29
Merged
Changes from all commits
Commits
Show all changes
13 commits
Select commit
Hold shift + click to select a range
fe85e00
C++: Add test for cpp/wrong-type-format-argument
calumgrant 853128c
C++: Clean up false-positives
calumgrant 6a48ad0
C++: Implement Expr::mayBeFromImplicitlyDeclaredFunction
calumgrant d88a674
C++: Change note for mayBeFromImplicitlyDeclaredFunction
calumgrant ceceee1
C++: Add test for mixed implicit/explicit function declarations
calumgrant 9758e02
C++: Remove redundant test
calumgrant 5315a5c
C++: Tweak test
calumgrant 4341fab
C++: Reject invalid results from getFirstFormatArgumentIndex()
calumgrant 4197805
C++: Resolve firstFormatArgumentIndex in FormattingFunction CP
calumgrant 0fcabc4
C++: Move mayBeFromImplicitlyDeclaredFunction to Call
calumgrant c5a082f
C++: Fix CWE-022
calumgrant f37be68
C++: Handle builtin FormattingFunctions better
calumgrant 421413a
C++: Update change notes
calumgrant File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
5 changes: 5 additions & 0 deletions
5
cpp/ql/lib/change-notes/2014-10-16-implicitly-declared-fns.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
--- | ||
category: feature | ||
--- | ||
* Added the predicate `mayBeFromImplicitlyDeclaredFunction()` to the `Call` class to represent calls that may be the return value of an implicitly declared C function. | ||
* Added the predicate `getAnExplicitDeclarationEntry()` to the `Function` class to get a `FunctionDeclarationEntry` that is not implicit. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
4 changes: 4 additions & 0 deletions
4
cpp/ql/src/change-notes/2024-10-15-wrong-type-format-argument.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
--- | ||
category: minorAnalysis | ||
--- | ||
* Remove results from the `cpp/wrong-type-format-argument` ("Wrong type of arguments to formatting function") query if the argument is the return value of an implicitly declared function. |
1 change: 1 addition & 0 deletions
1
cpp/ql/test/library-tests/exprs/implicitly_declared/error_type.expected
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
| file://:0:0:0:0 | <error expr> | |
5 changes: 5 additions & 0 deletions
5
cpp/ql/test/library-tests/exprs/implicitly_declared/error_type.ql
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
import cpp | ||
|
||
from Expr e | ||
where e.getType() instanceof ErroneousType | ||
select e |
2 changes: 2 additions & 0 deletions
2
cpp/ql/test/library-tests/exprs/implicitly_declared/errors.expected
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
| file://:0:0:0:0 | There was an error during this compilation | | ||
| implicit.cpp:5:5:5:5 | identifier 'g' is undefined | |
4 changes: 4 additions & 0 deletions
4
cpp/ql/test/library-tests/exprs/implicitly_declared/errors.ql
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
import cpp | ||
|
||
from Diagnostic d | ||
select d |
6 changes: 6 additions & 0 deletions
6
cpp/ql/test/library-tests/exprs/implicitly_declared/functions.expected
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
| implicit2.c:1:7:1:7 | g | file://:0:0:0:0 | float | | ||
| implicit2.c:1:7:1:7 | g | file://:0:0:0:0 | int | | ||
| implicit.c:1:6:1:6 | f | file://:0:0:0:0 | void | | ||
| implicit.c:3:5:3:5 | g | file://:0:0:0:0 | float | | ||
| implicit.c:3:5:3:5 | g | file://:0:0:0:0 | int | | ||
| implicit.cpp:3:6:3:6 | f | file://:0:0:0:0 | void | |
5 changes: 5 additions & 0 deletions
5
cpp/ql/test/library-tests/exprs/implicitly_declared/functions.ql
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
import cpp | ||
|
||
from Function fn | ||
where fn.fromSource() | ||
select fn, fn.getType() |
4 changes: 4 additions & 0 deletions
4
cpp/ql/test/library-tests/exprs/implicitly_declared/implicit.c
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
void f() { | ||
f(); | ||
g(); | ||
} |
6 changes: 6 additions & 0 deletions
6
cpp/ql/test/library-tests/exprs/implicitly_declared/implicit.cpp
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
// semmle-extractor-options: --expect_errors | ||
|
||
void f() { | ||
f(); | ||
g(); | ||
} |
1 change: 1 addition & 0 deletions
1
cpp/ql/test/library-tests/exprs/implicitly_declared/implicit.expected
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
| implicit.c:3:5:3:5 | call to g | |
5 changes: 5 additions & 0 deletions
5
cpp/ql/test/library-tests/exprs/implicitly_declared/implicit.ql
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
import cpp | ||
|
||
from Call c | ||
where c.mayBeFromImplicitlyDeclaredFunction() | ||
select c |
1 change: 1 addition & 0 deletions
1
cpp/ql/test/library-tests/exprs/implicitly_declared/implicit2.c
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
float g(); |
1 change: 1 addition & 0 deletions
1
...s/Likely Bugs/Format/WrongTypeFormatArguments/Buildless/WrongTypeFormatArguments.expected
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
| tests.c:7:18:7:18 | 1 | This format specifier for type 'char *' does not match the argument type 'int'. | |
1 change: 1 addition & 0 deletions
1
...ests/Likely Bugs/Format/WrongTypeFormatArguments/Buildless/WrongTypeFormatArguments.qlref
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
Likely Bugs/Format/WrongTypeFormatArguments.ql |
11 changes: 11 additions & 0 deletions
11
cpp/ql/test/query-tests/Likely Bugs/Format/WrongTypeFormatArguments/Buildless/tests.c
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
// semmle-extractor-options: --expect_errors | ||
|
||
int printf(const char * format, ...); | ||
int fprintf(); | ||
|
||
void f() { | ||
printf("%s", 1); // BAD | ||
printf("%s", implicit_function()); // GOOD - we should ignore the type | ||
sprintf(0, "%s", ""); // GOOD | ||
fprintf(0, "%s", ""); // GOOD | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This one is now good, because
int fprintf()
now no longer yields a value forgetFirstFormatArgumentIndex
?There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes.