CPP: Add a test for OffsetUseBeforeRangeCheck.ql.

geoffw0 · geoffw0 · commit 01611d4d9625 · 2018-11-19T11:47:14.000Z
diff --git a/cpp/ql/test/query-tests/Best Practices/Likely Errors/OffsetUseBeforeRangeCheck/OffsetUseBeforeRangeCheck.expected b/cpp/ql/test/query-tests/Best Practices/Likely Errors/OffsetUseBeforeRangeCheck/OffsetUseBeforeRangeCheck.expected
@@ -0,0 +1,5 @@
+| test.cpp:11:10:11:18 | access to array | This use of offset 'i' should follow the $@. | test.cpp:11:32:11:45 | ... < ... | range check |
+| test.cpp:15:7:15:15 | access to array | This use of offset 'i' should follow the $@. | test.cpp:15:29:15:42 | ... < ... | range check |
+| test.cpp:33:28:33:36 | access to array | This use of offset 'i' should follow the $@. | test.cpp:33:50:33:67 | ... < ... | range check |
+| test.cpp:35:32:35:40 | access to array | This use of offset 'i' should follow the $@. | test.cpp:35:54:35:67 | ... < ... | range check |
+| test.cpp:39:8:39:16 | access to array | This use of offset 'i' should follow the $@. | test.cpp:39:30:39:47 | ... < ... | range check |
diff --git a/cpp/ql/test/query-tests/Best Practices/Likely Errors/OffsetUseBeforeRangeCheck/OffsetUseBeforeRangeCheck.qlref b/cpp/ql/test/query-tests/Best Practices/Likely Errors/OffsetUseBeforeRangeCheck/OffsetUseBeforeRangeCheck.qlref
@@ -0,0 +1 @@
+Best Practices/Likely Errors/OffsetUseBeforeRangeCheck.ql
diff --git a/cpp/ql/test/query-tests/Best Practices/Likely Errors/OffsetUseBeforeRangeCheck/test.cpp b/cpp/ql/test/query-tests/Best Practices/Likely Errors/OffsetUseBeforeRangeCheck/test.cpp
@@ -0,0 +1,50 @@
+
+void test(char *buffer, int bufferSize)
+{
+	int i;
+
+	// skip whitespace
+	i = 0;
+	while ((i < bufferSize) && (buffer[i] == ' ')) { i++; } // GOOD
+
+	i = 0;
+	while ((buffer[i] == ' ') && (i < bufferSize)) { i++; } // BAD
+
+	// check for 'x'
+	if ((i < bufferSize) && (buffer[i] == 'x')) {} // GOOD
+	if ((buffer[i] == 'x') && (i < bufferSize)) {} // BAD
+
+	if ((bufferSize > i) && (buffer[i] == 'x')) {} // GOOD
+	if ((buffer[i] == 'x') && (bufferSize > i)) {} // BAD [NOT DETECTED]
+
+	if ((i <= bufferSize - 1) && (buffer[i] == 'x')) {} // GOOD
+	if ((buffer[i] == 'x') && (i <= bufferSize - 1)) {} // BAD [NOT DETECTED]
+
+	if ((bufferSize >= i + 1) && (buffer[i] == 'x')) {} // GOOD
+	if ((buffer[i] == 'x') && (bufferSize >= i + 1)) {} // BAD [NOT DETECTED]
+
+	if ((i < bufferSize) && (true) && (buffer[i] == 'x')) {} // GOOD
+	if ((buffer[i] == 'x') && (true) && (i < bufferSize)) {} // BAD [NOT DETECTED]
+
+	if ((i < bufferSize - 1) && (buffer[i + 1] == 'x')) {} // GOOD
+	if ((buffer[i + 1] == 'x') && (i < bufferSize - 1)) {} // BAD [NOT DETECTED]
+
+	if ((i < bufferSize) && (buffer[i] == 'x') && (i < bufferSize - 1)) {} // GOOD
+	if ((i < bufferSize) && ((buffer[i] == 'x') && (i < bufferSize - 1))) {} // GOOD [FALSE POSITIVE]
+	if ((i < bufferSize + 1) && (buffer[i] == 'x') && (i < bufferSize)) {} // BAD [NOT DETECTED]
+	if ((i < bufferSize + 1) && ((buffer[i] == 'x') && (i < bufferSize))) {} // BAD
+
+	// look for 'ab'
+	for (i = 0; i < bufferSize; i++) {
+		if ((buffer[i] == 'a') && (i < bufferSize - 1) && (buffer[i + 1] == 'b')) // GOOD [FALSE POSITIVE]
+			break;
+	}
+
+	if ((i < bufferSize) && (buffer[i])) {} // GOOD
+	if ((buffer[i]) && (i < bufferSize)) {} // BAD [NOT DETECTED]
+
+	if ((i < bufferSize) && (buffer[i] + 1 == 'x')) {} // GOOD
+	if ((buffer[i] + 1 == 'x') && (i < bufferSize)) {} // BAD [NOT DETECTED]
+
+	if ((buffer != 0) && (i < bufferSize)) {} // GOOD
+}

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+Best Practices/Likely Errors/OffsetUseBeforeRangeCheck.ql`