Skip to content

Commit 1e35357

Browse files
geoffw0geoffw0
committed
C++: Violation message.
1 parent 2210344 commit 1e35357

File tree

2 files changed

+9
-11
lines changed

2 files changed

+9
-11
lines changed

cpp/ql/src/experimental/Security/CWE/CWE-190/AllocMultiplicationOverflow.ql

Lines changed: 3 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -33,10 +33,8 @@ class MultToAllocConfig extends DataFlow::Configuration {
3333
}
3434
}
3535

36-
string describe(DataFlow::PathNode n) {
37-
result = n.getNode().asExpr().getEnclosingFunction().getName()
38-
}
39-
4036
from MultToAllocConfig config, DataFlow::PathNode source, DataFlow::PathNode sink
4137
where config.hasFlowPath(source, sink)
42-
select sink, source, sink, "$@ in " + concat(describe(source), ", "), source, "here"
38+
select sink, source, sink,
39+
"Potentially overflowing value from $@ is used in the size of this allocation.", source,
40+
"multiplication"

cpp/ql/test/experimental/query-tests/Security/CWE/CWE-190/AllocMultiplicationOverflow/AllocMultiplicationOverflow.expected

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -9,9 +9,9 @@ nodes
99
| test.cpp:30:27:30:31 | ... * ... | semmle.label | ... * ... |
1010
| test.cpp:31:27:31:31 | ... * ... | semmle.label | ... * ... |
1111
#select
12-
| test.cpp:13:33:13:37 | ... * ... | test.cpp:13:33:13:37 | ... * ... | test.cpp:13:33:13:37 | ... * ... | $@ in test | test.cpp:13:33:13:37 | ... * ... | here |
13-
| test.cpp:15:31:15:35 | ... * ... | test.cpp:15:31:15:35 | ... * ... | test.cpp:15:31:15:35 | ... * ... | $@ in test | test.cpp:15:31:15:35 | ... * ... | here |
14-
| test.cpp:19:34:19:38 | ... * ... | test.cpp:19:34:19:38 | ... * ... | test.cpp:19:34:19:38 | ... * ... | $@ in test | test.cpp:19:34:19:38 | ... * ... | here |
15-
| test.cpp:23:33:23:37 | size1 | test.cpp:22:17:22:21 | ... * ... | test.cpp:23:33:23:37 | size1 | $@ in test | test.cpp:22:17:22:21 | ... * ... | here |
16-
| test.cpp:30:27:30:31 | ... * ... | test.cpp:30:27:30:31 | ... * ... | test.cpp:30:27:30:31 | ... * ... | $@ in test | test.cpp:30:27:30:31 | ... * ... | here |
17-
| test.cpp:31:27:31:31 | ... * ... | test.cpp:31:27:31:31 | ... * ... | test.cpp:31:27:31:31 | ... * ... | $@ in test | test.cpp:31:27:31:31 | ... * ... | here |
12+
| test.cpp:13:33:13:37 | ... * ... | test.cpp:13:33:13:37 | ... * ... | test.cpp:13:33:13:37 | ... * ... | Potentially overflowing value from $@ is used in the size of this allocation. | test.cpp:13:33:13:37 | ... * ... | multiplication |
13+
| test.cpp:15:31:15:35 | ... * ... | test.cpp:15:31:15:35 | ... * ... | test.cpp:15:31:15:35 | ... * ... | Potentially overflowing value from $@ is used in the size of this allocation. | test.cpp:15:31:15:35 | ... * ... | multiplication |
14+
| test.cpp:19:34:19:38 | ... * ... | test.cpp:19:34:19:38 | ... * ... | test.cpp:19:34:19:38 | ... * ... | Potentially overflowing value from $@ is used in the size of this allocation. | test.cpp:19:34:19:38 | ... * ... | multiplication |
15+
| test.cpp:23:33:23:37 | size1 | test.cpp:22:17:22:21 | ... * ... | test.cpp:23:33:23:37 | size1 | Potentially overflowing value from $@ is used in the size of this allocation. | test.cpp:22:17:22:21 | ... * ... | multiplication |
16+
| test.cpp:30:27:30:31 | ... * ... | test.cpp:30:27:30:31 | ... * ... | test.cpp:30:27:30:31 | ... * ... | Potentially overflowing value from $@ is used in the size of this allocation. | test.cpp:30:27:30:31 | ... * ... | multiplication |
17+
| test.cpp:31:27:31:31 | ... * ... | test.cpp:31:27:31:31 | ... * ... | test.cpp:31:27:31:31 | ... * ... | Potentially overflowing value from $@ is used in the size of this allocation. | test.cpp:31:27:31:31 | ... * ... | multiplication |

0 commit comments

Comments
 (0)