CPP: Test format args with mismatching declarations.

geoffw0 · geoffw0 · commit 9a407eb43cba · 2019-09-20T14:54:44.000+01:00
diff --git a/cpp/ql/test/query-tests/Likely Bugs/Format/WrongNumberOfFormatArguments/TooManyFormatArguments.expected b/cpp/ql/test/query-tests/Likely Bugs/Format/WrongNumberOfFormatArguments/TooManyFormatArguments.expected
@@ -1,3 +1,9 @@
+| a.c:14:3:14:25 | call to myMultiplyDefinedPrintf | Format expects 1 arguments but given 2 |
+| a.c:17:3:17:26 | call to myMultiplyDefinedPrintf2 | Format expects 1 arguments but given 2 |
+| b.c:11:3:11:25 | call to myMultiplyDefinedPrintf | Format expects 1 arguments but given 2 |
+| b.c:14:3:14:26 | call to myMultiplyDefinedPrintf2 | Format expects 1 arguments but given 2 |
+| c.c:7:3:7:25 | call to myMultiplyDefinedPrintf | Format expects 1 arguments but given 2 |
+| c.c:10:3:10:26 | call to myMultiplyDefinedPrintf2 | Format expects 1 arguments but given 2 |
 | custom_printf.cpp:31:5:31:12 | call to myPrintf | Format expects 2 arguments but given 3 |
 | macros.cpp:12:2:12:31 | call to printf | Format expects 2 arguments but given 3 |
 | macros.cpp:16:2:16:30 | call to printf | Format expects 2 arguments but given 3 |
diff --git a/cpp/ql/test/query-tests/Likely Bugs/Format/WrongNumberOfFormatArguments/WrongNumberOfFormatArguments.expected b/cpp/ql/test/query-tests/Likely Bugs/Format/WrongNumberOfFormatArguments/WrongNumberOfFormatArguments.expected
@@ -1,3 +1,9 @@
+| a.c:12:3:12:25 | call to myMultiplyDefinedPrintf | Format expects 1 arguments but given 0 |
+| a.c:15:3:15:26 | call to myMultiplyDefinedPrintf2 | Format expects 1 arguments but given 0 |
+| b.c:9:3:9:25 | call to myMultiplyDefinedPrintf | Format expects 1 arguments but given 0 |
+| b.c:12:3:12:26 | call to myMultiplyDefinedPrintf2 | Format expects 1 arguments but given 0 |
+| c.c:5:3:5:25 | call to myMultiplyDefinedPrintf | Format expects 1 arguments but given 0 |
+| c.c:8:3:8:26 | call to myMultiplyDefinedPrintf2 | Format expects 1 arguments but given 0 |
 | custom_printf.cpp:29:5:29:12 | call to myPrintf | Format expects 2 arguments but given 1 |
 | macros.cpp:14:2:14:37 | call to printf | Format expects 4 arguments but given 3 |
 | macros.cpp:21:2:21:36 | call to printf | Format expects 4 arguments but given 3 |
diff --git a/cpp/ql/test/query-tests/Likely Bugs/Format/WrongNumberOfFormatArguments/a.c b/cpp/ql/test/query-tests/Likely Bugs/Format/WrongNumberOfFormatArguments/a.c
@@ -0,0 +1,18 @@
+
+__attribute__((format(printf, 1, 3)))
+void myMultiplyDefinedPrintf(const char *format, int extraArg, ...)
+{
+	// ...
+}
+__attribute__((format(printf, 1, 3)))
+void myMultiplyDefinedPrintf2(const char *format, int extraArg, ...);
+
+void test_custom_printf1()
+{
+  myMultiplyDefinedPrintf("%i", 0); // BAD (too few format arguments)
+  myMultiplyDefinedPrintf("%i", 0, 1); // GOOD
+  myMultiplyDefinedPrintf("%i", 0, 1, 2); // BAD (too many format arguments)
+  myMultiplyDefinedPrintf2("%i", 0); // GOOD (we can't tell which definition is correct so we have to assume this is OK) [FALSE POSITIVE]
+  myMultiplyDefinedPrintf2("%i", 0, 1); // GOOD (we can't tell which definition is correct so we have to assume this is OK)
+  myMultiplyDefinedPrintf2("%i", 0, 1, 2); // GOOD (we can't tell which definition is correct so we have to assume this is OK) [FALSE POSITIVE]
+}
diff --git a/cpp/ql/test/query-tests/Likely Bugs/Format/WrongNumberOfFormatArguments/b.c b/cpp/ql/test/query-tests/Likely Bugs/Format/WrongNumberOfFormatArguments/b.c
@@ -0,0 +1,15 @@
+
+__attribute__((format(printf, 1, 2)))
+void myMultiplyDefinedPrintf(const char *format, ...); // this declaration does not match the definition
+__attribute__((format(printf, 1, 2)))
+void myMultiplyDefinedPrintf2(const char *format, ...);
+
+void test_custom_printf2()
+{
+  myMultiplyDefinedPrintf("%i", 0); // BAD (too few format arguments)
+  myMultiplyDefinedPrintf("%i", 0, 1); // GOOD
+  myMultiplyDefinedPrintf("%i", 0, 1, 2); // BAD (too many format arguments)
+  myMultiplyDefinedPrintf2("%i", 0); // GOOD (we can't tell which definition is correct so we have to assume this is OK) [FALSE POSITIVE]
+  myMultiplyDefinedPrintf2("%i", 0, 1); // GOOD (we can't tell which definition is correct so we have to assume this is OK)
+  myMultiplyDefinedPrintf2("%i", 0, 1, 2); // GOOD (we can't tell which definition is correct so we have to assume this is OK) [FALSE POSITIVE]
+}
diff --git a/cpp/ql/test/query-tests/Likely Bugs/Format/WrongNumberOfFormatArguments/c.c b/cpp/ql/test/query-tests/Likely Bugs/Format/WrongNumberOfFormatArguments/c.c
@@ -0,0 +1,11 @@
+
+void test_custom_printf2()
+{
+  // (implicitly defined)
+  myMultiplyDefinedPrintf("%i", 0); // BAD (too few format arguments)
+  myMultiplyDefinedPrintf("%i", 0, 1); // GOOD
+  myMultiplyDefinedPrintf("%i", 0, 1, 2); // BAD (too many format arguments)
+  myMultiplyDefinedPrintf2("%i", 0); // GOOD (we can't tell which definition is correct so we have to assume this is OK) [FALSE POSITIVE]
+  myMultiplyDefinedPrintf2("%i", 0, 1); // GOOD (we can't tell which definition is correct so we have to assume this is OK)
+  myMultiplyDefinedPrintf2("%i", 0, 1, 2); // GOOD (we can't tell which definition is correct so we have to assume this is OK) [FALSE POSITIVE]
+}
