// Local stand-ins for the two library names this file uses; no header is
// included in the visible file.
// NOTE(review): size_t is declared as unsigned int here, which may not match
// the platform's real size_t -- presumably acceptable for an analysis-only
// fixture; confirm before compiling this against real headers.
typedef unsigned int size_t;
void *memcpy(void *dest, const void *src, size_t count);
// Fixture: indexed writes and memcpy calls against two 3-byte stack arrays.
// The trailing GOOD/BAD marker on each statement gives the expected verdict
// (GOOD = stays inside the array, BAD = goes past its end). The BAD
// statements appear to be the cases under test rather than defects to fix.
void f1(void)
{
char buffer1[3];
char buffer2[] = {'a', 'b', 'c'}; // size deduced as 3; a brace list of chars adds no terminating NUL
int i;
for (i = 0; i < 3; i++)
{
buffer1[i] = 0; // GOOD: i ranges over 0..2, the valid indices
buffer2[i] = 0; // GOOD: i ranges over 0..2, the valid indices
}
for (i = 0; i < 4; i++)
{
buffer1[i] = 0; // BAD: the i == 3 iteration writes one element past the end
buffer2[i] = 0; // BAD: the i == 3 iteration writes one element past the end
}
memcpy(buffer1, buffer2, 3); // GOOD: count equals the size of both arrays
memcpy(buffer1, buffer2, 4); // BAD: reads 4 bytes from a 3-byte source and writes 4 into a 3-byte destination
memcpy(buffer2, buffer1, 3); // GOOD: count equals the size of both arrays
memcpy(buffer2, buffer1, 4); // BAD: same one-byte over-read and over-write, directions swapped
}
// Fixture: memcpy into a 100-byte stack buffer where the destination or the
// count reaches the call indirectly (through a variable or a pointer).
// GOOD/BAD is the expected verdict for the destination write; the
// "[NOT DETECTED]" suffix marks cases the annotations record as known misses.
// src is caller-supplied and its length is not visible here, so whether the
// reads from src are in bounds cannot be judged from this function alone.
void f2(char *src)
{
char buffer[100];
char *ptr;
int amount;
amount = 100;
memcpy(buffer, src, amount); // GOOD: count equals sizeof(buffer)
amount = amount + 1; // amount is now 101, reached by arithmetic rather than a literal assignment
memcpy(buffer, src, amount); // BAD [NOT DETECTED]: 101 bytes into a 100-byte buffer
amount = 101;
memcpy(buffer, src, amount); // BAD: 101 bytes into a 100-byte buffer, count assigned as a literal
ptr = buffer;
memcpy(ptr, src, 101); // BAD [NOT DETECTED]: same overflow, destination reached through a pointer to buffer
ptr = &(buffer[0]);
memcpy(ptr, src, 101); // BAD [NOT DETECTED]: same overflow, pointer formed as the address of element 0
ptr = &(buffer[1]);
memcpy(ptr, src, 100); // BAD [NOT DETECTED]: only 99 bytes remain from element 1, so 100 writes one past the end
}