CPP: Add test cases.

geoffw0 · geoffw0 · commit c904a338f7fb · 2018-12-12T23:47:48.000Z
diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-468/semmle/SuspiciousAddWithSizeof/SuspiciousAddWithSizeof.expected b/cpp/ql/test/query-tests/Security/CWE/CWE-468/semmle/SuspiciousAddWithSizeof/SuspiciousAddWithSizeof.expected
@@ -4,3 +4,5 @@
 | test.cpp:30:25:30:35 | sizeof(int) | Suspicious sizeof offset in a pointer arithmetic expression. The type of the pointer is int *. |
 | test.cpp:38:30:38:40 | sizeof(int) | Suspicious sizeof offset in a pointer arithmetic expression. The type of the pointer is int *. |
 | test.cpp:61:27:61:37 | sizeof(int) | Suspicious sizeof offset in a pointer arithmetic expression. The type of the pointer is int *. |
+| test.cpp:88:35:88:47 | sizeof(MyABC) | Suspicious sizeof offset in a pointer arithmetic expression. The type of the pointer is myChar *const. |
+| test.cpp:89:40:89:52 | sizeof(MyABC) | Suspicious sizeof offset in a pointer arithmetic expression. The type of the pointer is myInt *const. |
diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-468/semmle/SuspiciousAddWithSizeof/test.cpp b/cpp/ql/test/query-tests/Security/CWE/CWE-468/semmle/SuspiciousAddWithSizeof/test.cpp
@@ -64,3 +64,32 @@ void test7(int i) {
   v = *(int *)(voidPointer + i); // GOOD (actually rather dubious, but this could be correct code)
   v = *(int *)(voidPointer + (i * sizeof(int))); // GOOD
 }
+
+typedef unsigned long size_t;
+
+void *malloc(size_t size);
+
+class MyABC
+{
+public:
+  int a, b, c;
+};
+
+typedef unsigned char myChar;
+typedef unsigned int myInt;
+
+class MyTest8Class
+{
+public:
+  MyTest8Class() :
+    pairPtr((myChar *)malloc(sizeof(MyABC) * 2)),
+    pairPtrInt((myInt *)malloc(sizeof(MyABC) * 2))
+  {
+    myChar *secondPtr = pairPtr + sizeof(MyABC); // GOOD [FALSE POSITIVE]
+    myInt *secondPtrInt = pairPtrInt + sizeof(MyABC); // BAD
+  }
+
+private:
+  myChar * const pairPtr;
+  myInt * const pairPtrInt;
+};
