C++: Accept test changes.

MathiasVP · MathiasVP · commit 377da9fa6614 · 2023-10-31T11:18:35.000Z
diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-497/semmle/tests/PotentiallyExposedSystemData.expected b/cpp/ql/test/query-tests/Security/CWE/CWE-497/semmle/tests/PotentiallyExposedSystemData.expected
@@ -10,8 +10,7 @@ edges
 | tests.cpp:131:14:131:35 | call to getenv indirection | tests.cpp:107:30:107:32 | msg indirection |
 | tests.cpp:132:14:132:35 | call to getenv indirection | tests.cpp:114:30:114:32 | msg indirection |
 | tests.cpp:133:14:133:35 | call to getenv indirection | tests.cpp:122:30:122:32 | msg indirection |
-| tests.cpp:139:17:139:22 | call to getenv indirection | tests.cpp:141:29:141:34 | secret indirection |
-| tests.cpp:139:17:139:22 | call to getenv indirection | tests.cpp:143:29:143:34 | secret indirection |
+| tests.cpp:139:17:139:22 | call to getenv indirection | tests.cpp:141:15:141:20 | secret indirection |
 | tests_passwd.cpp:16:8:16:15 | call to getpwnam indirection | tests_passwd.cpp:18:29:18:31 | pwd indirection |
 | tests_passwd.cpp:16:8:16:15 | call to getpwnam indirection | tests_passwd.cpp:19:26:19:28 | pwd indirection |
 nodes
@@ -40,8 +39,7 @@ nodes
 | tests.cpp:133:14:133:35 | call to getenv indirection | semmle.label | call to getenv indirection |
 | tests.cpp:133:14:133:35 | call to getenv indirection | semmle.label | call to getenv indirection |
 | tests.cpp:139:17:139:22 | call to getenv indirection | semmle.label | call to getenv indirection |
-| tests.cpp:141:29:141:34 | secret indirection | semmle.label | secret indirection |
-| tests.cpp:143:29:143:34 | secret indirection | semmle.label | secret indirection |
+| tests.cpp:141:15:141:20 | secret indirection | semmle.label | secret indirection |
 | tests_passwd.cpp:16:8:16:15 | call to getpwnam indirection | semmle.label | call to getpwnam indirection |
 | tests_passwd.cpp:18:29:18:31 | pwd indirection | semmle.label | pwd indirection |
 | tests_passwd.cpp:19:26:19:28 | pwd indirection | semmle.label | pwd indirection |
@@ -61,7 +59,6 @@ subpaths
 | tests.cpp:119:7:119:12 | buffer indirection | tests.cpp:132:14:132:35 | call to getenv indirection | tests.cpp:119:7:119:12 | buffer indirection | This operation potentially exposes sensitive system data from $@. | tests.cpp:132:14:132:35 | call to getenv indirection | call to getenv indirection |
 | tests.cpp:124:15:124:17 | msg indirection | tests.cpp:133:14:133:35 | call to getenv indirection | tests.cpp:124:15:124:17 | msg indirection | This operation potentially exposes sensitive system data from $@. | tests.cpp:133:14:133:35 | call to getenv indirection | call to getenv indirection |
 | tests.cpp:133:14:133:35 | call to getenv indirection | tests.cpp:133:14:133:35 | call to getenv indirection | tests.cpp:133:14:133:35 | call to getenv indirection | This operation potentially exposes sensitive system data from $@. | tests.cpp:133:14:133:35 | call to getenv indirection | call to getenv indirection |
-| tests.cpp:141:29:141:34 | secret indirection | tests.cpp:139:17:139:22 | call to getenv indirection | tests.cpp:141:29:141:34 | secret indirection | This operation potentially exposes sensitive system data from $@. | tests.cpp:139:17:139:22 | call to getenv indirection | call to getenv indirection |
-| tests.cpp:143:29:143:34 | secret indirection | tests.cpp:139:17:139:22 | call to getenv indirection | tests.cpp:143:29:143:34 | secret indirection | This operation potentially exposes sensitive system data from $@. | tests.cpp:139:17:139:22 | call to getenv indirection | call to getenv indirection |
+| tests.cpp:141:15:141:20 | secret indirection | tests.cpp:139:17:139:22 | call to getenv indirection | tests.cpp:141:15:141:20 | secret indirection | This operation potentially exposes sensitive system data from $@. | tests.cpp:139:17:139:22 | call to getenv indirection | call to getenv indirection |
 | tests_passwd.cpp:18:29:18:31 | pwd indirection | tests_passwd.cpp:16:8:16:15 | call to getpwnam indirection | tests_passwd.cpp:18:29:18:31 | pwd indirection | This operation potentially exposes sensitive system data from $@. | tests_passwd.cpp:16:8:16:15 | call to getpwnam indirection | call to getpwnam indirection |
 | tests_passwd.cpp:19:26:19:28 | pwd indirection | tests_passwd.cpp:16:8:16:15 | call to getpwnam indirection | tests_passwd.cpp:19:26:19:28 | pwd indirection | This operation potentially exposes sensitive system data from $@. | tests_passwd.cpp:16:8:16:15 | call to getpwnam indirection | call to getpwnam indirection |
diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-497/semmle/tests/tests.cpp b/cpp/ql/test/query-tests/Security/CWE/CWE-497/semmle/tests/tests.cpp
@@ -140,5 +140,5 @@ void test_clear_memory(char *username) {
 
 	printf("%s", secret); // BAD
 	RtlZeroMemory(secret, 1024);
-	printf("%s", secret); // GOOD [FALSE POSITIVE]
+	printf("%s", secret); // GOOD
 }

Original file line number	Diff line number	Diff line change
`@@ -140,5 +140,5 @@ void test_clear_memory(char *username) {`
`140`	`140`
`141`	`141`	`printf("%s", secret); // BAD`
`142`	`142`	`RtlZeroMemory(secret, 1024);`
`143`		`- printf("%s", secret); // GOOD [FALSE POSITIVE]`
	`143`	`+ printf("%s", secret); // GOOD`
`144`	`144`	`}`