CPP: Additional cases resembling the ticket.

geoffw0 · geoffw0 · commit 2d8e4b3176f8 · 2019-09-23T13:04:14.000+01:00
diff --git a/cpp/ql/test/query-tests/Likely Bugs/Format/WrongNumberOfFormatArguments/TooManyFormatArguments.expected b/cpp/ql/test/query-tests/Likely Bugs/Format/WrongNumberOfFormatArguments/TooManyFormatArguments.expected
@@ -1,5 +1,5 @@
-| a.c:14:3:14:25 | call to myMultiplyDefinedPrintf | Format expects 1 arguments but given 2 |
-| b.c:11:3:11:25 | call to myMultiplyDefinedPrintf | Format expects 1 arguments but given 2 |
+| a.c:18:3:18:25 | call to myMultiplyDefinedPrintf | Format expects 1 arguments but given 2 |
+| b.c:15:3:15:25 | call to myMultiplyDefinedPrintf | Format expects 1 arguments but given 2 |
 | c.c:7:3:7:25 | call to myMultiplyDefinedPrintf | Format expects 1 arguments but given 2 |
 | custom_printf.cpp:31:5:31:12 | call to myPrintf | Format expects 2 arguments but given 3 |
 | macros.cpp:12:2:12:31 | call to printf | Format expects 2 arguments but given 3 |
diff --git a/cpp/ql/test/query-tests/Likely Bugs/Format/WrongNumberOfFormatArguments/WrongNumberOfFormatArguments.expected b/cpp/ql/test/query-tests/Likely Bugs/Format/WrongNumberOfFormatArguments/WrongNumberOfFormatArguments.expected
@@ -1,5 +1,5 @@
-| a.c:12:3:12:25 | call to myMultiplyDefinedPrintf | Format expects 1 arguments but given 0 |
-| b.c:9:3:9:25 | call to myMultiplyDefinedPrintf | Format expects 1 arguments but given 0 |
+| a.c:16:3:16:25 | call to myMultiplyDefinedPrintf | Format expects 1 arguments but given 0 |
+| b.c:13:3:13:25 | call to myMultiplyDefinedPrintf | Format expects 1 arguments but given 0 |
 | c.c:5:3:5:25 | call to myMultiplyDefinedPrintf | Format expects 1 arguments but given 0 |
 | custom_printf.cpp:29:5:29:12 | call to myPrintf | Format expects 2 arguments but given 1 |
 | macros.cpp:14:2:14:37 | call to printf | Format expects 4 arguments but given 3 |
diff --git a/cpp/ql/test/query-tests/Likely Bugs/Format/WrongNumberOfFormatArguments/a.c b/cpp/ql/test/query-tests/Likely Bugs/Format/WrongNumberOfFormatArguments/a.c
@@ -4,9 +4,13 @@ void myMultiplyDefinedPrintf(const char *format, int extraArg, ...)
 {
 	// ...
 }
+
 __attribute__((format(printf, 1, 3)))
 void myMultiplyDefinedPrintf2(const char *format, int extraArg, ...);
 
+__attribute__((format(printf, 2, 3)))
+void myMultiplyDefinedPrintf3(int extraArg, const char *format, ...);
+
 void test_custom_printf1()
 {
   myMultiplyDefinedPrintf("%i", 0); // BAD (too few format arguments)
@@ -15,4 +19,7 @@ void test_custom_printf1()
   myMultiplyDefinedPrintf2("%i", 0); // GOOD (we can't tell which definition is correct so we have to assume this is OK)
   myMultiplyDefinedPrintf2("%i", 0, 1); // GOOD (we can't tell which definition is correct so we have to assume this is OK)
   myMultiplyDefinedPrintf2("%i", 0, 1, 2); // BAD (too many format arguments regardless of which definition is correct) [NOT DETECTED]
+  myMultiplyDefinedPrintf3("%s", "%s"); // GOOD (we can't tell which definition is correct so we have to assume this is OK)
+  myMultiplyDefinedPrintf3("%s", "%s", "%s"); // GOOD (we can't tell which definition is correct so we have to assume this is OK)
+  myMultiplyDefinedPrintf3("%s", "%s", "%s", "%s"); // BAD (too many format arguments regardless of which definition is correct) [NOT DETECTED]
 }
diff --git a/cpp/ql/test/query-tests/Likely Bugs/Format/WrongNumberOfFormatArguments/b.c b/cpp/ql/test/query-tests/Likely Bugs/Format/WrongNumberOfFormatArguments/b.c
@@ -1,9 +1,13 @@
 
 __attribute__((format(printf, 1, 2)))
 void myMultiplyDefinedPrintf(const char *format, ...); // this declaration does not match the definition
+
 __attribute__((format(printf, 1, 2)))
 void myMultiplyDefinedPrintf2(const char *format, ...);
 
+__attribute__((format(printf, 1, 2)))
+void myMultiplyDefinedPrintf3(const char *format, ...);
+
 void test_custom_printf2()
 {
   myMultiplyDefinedPrintf("%i", 0); // BAD (too few format arguments)
@@ -12,4 +16,7 @@ void test_custom_printf2()
   myMultiplyDefinedPrintf2("%i", 0); // GOOD (we can't tell which definition is correct so we have to assume this is OK)
   myMultiplyDefinedPrintf2("%i", 0, 1); // GOOD (we can't tell which definition is correct so we have to assume this is OK)
   myMultiplyDefinedPrintf2("%i", 0, 1, 2); // BAD (too many format arguments regardless of which definition is correct) [NOT DETECTED]
-}
+  myMultiplyDefinedPrintf3("%s", "%s"); // GOOD (we can't tell which definition is correct so we have to assume this is OK)
+  myMultiplyDefinedPrintf3("%s", "%s", "%s"); // GOOD (we can't tell which definition is correct so we have to assume this is OK)
+  myMultiplyDefinedPrintf3("%s", "%s", "%s", "%s"); // BAD (too many format arguments regardless of which definition is correct) [NOT DETECTED]
+}
diff --git a/cpp/ql/test/query-tests/Likely Bugs/Format/WrongNumberOfFormatArguments/c.c b/cpp/ql/test/query-tests/Likely Bugs/Format/WrongNumberOfFormatArguments/c.c
@@ -8,4 +8,7 @@ void test_custom_printf2()
   myMultiplyDefinedPrintf2("%i", 0); // GOOD (we can't tell which definition is correct so we have to assume this is OK)
   myMultiplyDefinedPrintf2("%i", 0, 1); // GOOD (we can't tell which definition is correct so we have to assume this is OK)
   myMultiplyDefinedPrintf2("%i", 0, 1, 2); // BAD (too many format arguments regardless of which definition is correct) [NOT DETECTED]
+  myMultiplyDefinedPrintf3("%s", "%s"); // GOOD (we can't tell which definition is correct so we have to assume this is OK)
+  myMultiplyDefinedPrintf3("%s", "%s", "%s"); // GOOD (we can't tell which definition is correct so we have to assume this is OK)
+  myMultiplyDefinedPrintf3("%s", "%s", "%s", "%s"); // BAD (too many format arguments regardless of which definition is correct) [NOT DETECTED]
 }

Original file line number	Diff line number	Diff line change
`@@ -4,9 +4,13 @@ void myMultiplyDefinedPrintf(const char *format, int extraArg, ...)`
`4`	`4`	`{`
`5`	`5`	`// ...`
`6`	`6`	`}`
	`7`	`+`
`7`	`8`	`__attribute__((format(printf, 1, 3)))`
`8`	`9`	`void myMultiplyDefinedPrintf2(const char *format, int extraArg, ...);`
`9`	`10`
	`11`	`+__attribute__((format(printf, 2, 3)))`
	`12`	`+void myMultiplyDefinedPrintf3(int extraArg, const char *format, ...);`
	`13`	`+`
`10`	`14`	`void test_custom_printf1()`
`11`	`15`	`{`
`12`	`16`	`myMultiplyDefinedPrintf("%i", 0); // BAD (too few format arguments)`
`@@ -15,4 +19,7 @@ void test_custom_printf1()`
`15`	`19`	`myMultiplyDefinedPrintf2("%i", 0); // GOOD (we can't tell which definition is correct so we have to assume this is OK)`
`16`	`20`	`myMultiplyDefinedPrintf2("%i", 0, 1); // GOOD (we can't tell which definition is correct so we have to assume this is OK)`
`17`	`21`	`myMultiplyDefinedPrintf2("%i", 0, 1, 2); // BAD (too many format arguments regardless of which definition is correct) [NOT DETECTED]`
	`22`	`+ myMultiplyDefinedPrintf3("%s", "%s"); // GOOD (we can't tell which definition is correct so we have to assume this is OK)`
	`23`	`+ myMultiplyDefinedPrintf3("%s", "%s", "%s"); // GOOD (we can't tell which definition is correct so we have to assume this is OK)`
	`24`	`+ myMultiplyDefinedPrintf3("%s", "%s", "%s", "%s"); // BAD (too many format arguments regardless of which definition is correct) [NOT DETECTED]`
`18`	`25`	`}`
Original file line number	Diff line number	Diff line change
`@@ -8,4 +8,7 @@ void test_custom_printf2()`
`8`	`8`	`myMultiplyDefinedPrintf2("%i", 0); // GOOD (we can't tell which definition is correct so we have to assume this is OK)`
`9`	`9`	`myMultiplyDefinedPrintf2("%i", 0, 1); // GOOD (we can't tell which definition is correct so we have to assume this is OK)`
`10`	`10`	`myMultiplyDefinedPrintf2("%i", 0, 1, 2); // BAD (too many format arguments regardless of which definition is correct) [NOT DETECTED]`
	`11`	`+ myMultiplyDefinedPrintf3("%s", "%s"); // GOOD (we can't tell which definition is correct so we have to assume this is OK)`
	`12`	`+ myMultiplyDefinedPrintf3("%s", "%s", "%s"); // GOOD (we can't tell which definition is correct so we have to assume this is OK)`
	`13`	`+ myMultiplyDefinedPrintf3("%s", "%s", "%s", "%s"); // BAD (too many format arguments regardless of which definition is correct) [NOT DETECTED]`
`11`	`14`	`}`