Skip to content

Commit ed6d8e3

Browse files
ihsinmeihsinme
authored
Add files via upload
1 parent b185a33 commit ed6d8e3

File tree

3 files changed

+205
-0
lines changed

3 files changed

+205
-0
lines changed

cpp/ql/test/experimental/query-tests/Security/CWE/CWE-14/semmle/tests/CompilerRemovalOfCodeToClearBuffers.expected

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,3 @@
1+
| test.c:13:9:13:13 | buff1 | this variable will not be cleared |
2+
| test.c:35:9:35:13 | buff1 | this variable will not be cleared |
3+
| test.c:43:9:43:13 | buff1 | this variable will not be cleared |

cpp/ql/test/experimental/query-tests/Security/CWE/CWE-14/semmle/tests/CompilerRemovalOfCodeToClearBuffers.qlref

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
experimental/Security/CWE/CWE-14/CompilerRemovalOfCodeToClearBuffers.ql

cpp/ql/test/experimental/query-tests/Security/CWE/CWE-14/semmle/tests/test.c

Lines changed: 201 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,201 @@
1+
struct buffers
2+
{
3+
unsigned char buff1[50];
4+
unsigned char *buff2;
5+
} globalBuff1,*globalBuff2;
6+
7+
unsigned char * globalBuff;
8+
void badFunc0_0(){
9+
unsigned char buff1[12];
10+
int i;
11+
for(i=0;i<12;i++)
12+
buff1[i]=13;
13+
memset(buff1,12,12);
14+
}
15+
void nobadFunc0_0(){
16+
unsigned char buff1[12];
17+
memset(buff1,12,12);
18+
}
19+
void nobadFunc0_1(){
20+
unsigned char buff1[12];
21+
int i;
22+
memset(buff1,12,12);
23+
for(i=0;i<12;i++)
24+
buff1[i]=13;
25+
free(buff1);
26+
}
27+
void nobadFunc1_0(){
28+
unsigned char * buff1;
29+
buff1 = (unsigned char *) malloc(12);
30+
memset(buff1,12,12);
31+
}
32+
void badFunc1_0(){
33+
unsigned char * buff1;
34+
buff1 = (unsigned char *) malloc(12);
35+
memset(buff1,12,12);
36+
free(buff1);
37+
}
38+
void badFunc1_1(){
39+
unsigned char buff1[12];
40+
int i;
41+
for(i=0;i<12;i++)
42+
buff1[i]=13;
43+
memset(buff1,12,12);
44+
free(buff1);
45+
}
46+
void nobadFunc2_0_0(){
47+
unsigned char buff1[12];
48+
int i;
49+
for(i=0;i<12;i++)
50+
buff1[i]=13;
51+
memset(buff1,12,12);
52+
printf(buff1);
53+
}
54+
55+
void nobadFunc2_0_1(){
56+
unsigned char buff1[12];
57+
int i;
58+
for(i=0;i<12;i++)
59+
buff1[i]=13;
60+
memset(buff1,12,12);
61+
printf(buff1+3);
62+
}
63+
64+
void nobadFunc2_0_2(){
65+
unsigned char buff1[12];
66+
int i;
67+
for(i=0;i<12;i++)
68+
buff1[i]=13;
69+
memset(buff1,12,12);
70+
printf(*buff1);
71+
}
72+
73+
void nobadFunc2_0_3(){
74+
unsigned char buff1[12];
75+
int i;
76+
for(i=0;i<12;i++)
77+
buff1[i]=13;
78+
memset(buff1,12,12);
79+
printf(*(buff1+3));
80+
}
81+
unsigned char * nobadFunc2_0_4(){
82+
unsigned char buff1[12];
83+
int i;
84+
for(i=0;i<12;i++)
85+
buff1[i]=13;
86+
memset(buff1,12,12);
87+
return buff1;
88+
}
89+
90+
unsigned char * nobadFunc2_0_5(){
91+
unsigned char buff1[12];
92+
int i;
93+
for(i=0;i<12;i++)
94+
buff1[i]=13;
95+
memset(buff1,12,12);
96+
return buff1+3;
97+
}
98+
unsigned char nobadFunc2_0_6(){
99+
unsigned char buff1[12];
100+
int i;
101+
for(i=0;i<12;i++)
102+
buff1[i]=13;
103+
memset(buff1,12,12);
104+
return *buff1;
105+
}
106+
107+
unsigned char nobadFunc2_0_7(){
108+
unsigned char buff1[12];
109+
int i;
110+
for(i=0;i<12;i++)
111+
buff1[i]=13;
112+
memset(buff1,12,12);
113+
return *(buff1+3);
114+
}
115+
void nobadFunc2_1_0(){
116+
unsigned char buff1[12];
117+
int i;
118+
for(i=0;i<12;i++)
119+
buff1[i]=13;
120+
memset(buff1,12,12);
121+
if(*buff1==0)
122+
printf("123123");
123+
}
124+
void nobadFunc2_1_1(){
125+
unsigned char buff1[12];
126+
int i;
127+
for(i=0;i<12;i++)
128+
buff1[i]=13;
129+
memset(buff1,12,12);
130+
if(*(buff1+3)==0)
131+
printf("123123");
132+
}
133+
void nobadFunc2_1_2(){
134+
unsigned char buff1[12];
135+
int i;
136+
for(i=0;i<12;i++)
137+
buff1[i]=13;
138+
memset(buff1,12,12);
139+
buff1[2]=5;
140+
}
141+
void nobadFunc3_0(unsigned char * buffAll){
142+
unsigned char * buff1 = buffAll;
143+
memset(buff1,12,12);
144+
}
145+
void nobadFunc3_1(unsigned char * buffAll){
146+
unsigned char * buff1 = buffAll+3;
147+
memset(buff1,12,12);
148+
}
149+
void nobadFunc3_2(struct buffers buffAll){
150+
unsigned char * buff1 = buffAll.buff1;
151+
memset(buff1,12,12);
152+
}
153+
void nobadFunc3_3(struct buffers buffAll){
154+
unsigned char * buff1 = buffAll.buff2;
155+
memset(buff1,12,12);
156+
}
157+
void nobadFunc3_4(struct buffers buffAll){
158+
unsigned char * buff1 = buffAll.buff2+3;
159+
memset(buff1,12,12);
160+
}
161+
void nobadFunc3_5(struct buffers * buffAll){
162+
unsigned char * buff1 = buffAll->buff1;
163+
memset(buff1,12,12);
164+
}
165+
void nobadFunc3_6(struct buffers *buffAll){
166+
unsigned char * buff1 = buffAll->buff2;
167+
memset(buff1,12,12);
168+
}
169+
void nobadFunc4(){
170+
unsigned char * buff1 = globalBuff;
171+
memset(buff1,12,12);
172+
}
173+
void nobadFunc4_0(){
174+
unsigned char * buff1 = globalBuff;
175+
memset(buff1,12,12);
176+
}
177+
void nobadFunc4_1(){
178+
unsigned char * buff1 = globalBuff+3;
179+
memset(buff1,12,12);
180+
}
181+
void nobadFunc4_2(){
182+
unsigned char * buff1 = globalBuff1.buff1;
183+
memset(buff1,12,12);
184+
}
185+
void nobadFunc4_3(){
186+
unsigned char * buff1 = globalBuff1.buff2;
187+
memset(buff1,12,12);
188+
}
189+
void nobadFunc4_4(){
190+
unsigned char * buff1 = globalBuff1.buff2+3;
191+
memset(buff1,12,12);
192+
}
193+
void nobadFunc4_5(){
194+
unsigned char * buff1 = globalBuff2->buff1;
195+
memset(buff1,12,12);
196+
}
197+
void nobadFunc4_6(){
198+
unsigned char * buff1 = globalBuff2->buff2;
199+
memset(buff1,12,12);
200+
}
201+

0 commit comments

Comments
 (0)