C++: Add a few more test cases that we don't recognize as OK.

geoffw0 · geoffw0 · commit 8fa3ffe12550 · 2021-01-19T16:56:19.000Z
diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-401/semmle/tests/MemoryLeakOnFailedCallToRealloc.expected b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-401/semmle/tests/MemoryLeakOnFailedCallToRealloc.expected
@@ -2,3 +2,6 @@
 | test.c:63:29:63:35 | call to realloc | possible loss of original pointer on unsuccessful call realloc |
 | test.c:139:29:139:35 | call to realloc | possible loss of original pointer on unsuccessful call realloc |
 | test.c:186:29:186:35 | call to realloc | possible loss of original pointer on unsuccessful call realloc |
+| test.c:282:29:282:35 | call to realloc | possible loss of original pointer on unsuccessful call realloc |
+| test.c:299:26:299:32 | call to realloc | possible loss of original pointer on unsuccessful call realloc |
+| test.c:316:33:316:39 | call to realloc | possible loss of original pointer on unsuccessful call realloc |
diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-401/semmle/tests/test.c b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-401/semmle/tests/test.c
@@ -272,3 +272,50 @@ unsigned char * noBadResize_2_7(unsigned char * buffer,size_t currentSize,size_t
 	myASSERT_2(buffer);
 	return buffer;
 }
+
+unsigned char *goodResize_3_1(unsigned char *buffer, size_t currentSize, size_t newSize)
+{
+	// GOOD: this way we will exclude possible memory leak [FALSE POSITIVE]
+	unsigned char *tmp = buffer;
+	if (currentSize < newSize)
+	{
+		buffer = (unsigned char *)realloc(buffer, newSize);
+		if (buffer == NULL)
+		{
+			free(tmp);
+			return NULL;
+		} 
+	}
+
+	return buffer;
+}
+
+unsigned char *goodResize_3_2(unsigned char *buffer, size_t currentSize, size_t newSize)
+{
+	// GOOD: this way we will exclude possible memory leak [FALSE POSITIVE]
+	unsigned char *tmp = buffer;
+	if (currentSize < newSize)
+	{
+		tmp = (unsigned char *)realloc(tmp, newSize);
+		if (tmp != 0)
+		{
+			buffer = tmp;
+		} 
+	}
+
+	return buffer;
+}
+
+void abort(void);
+
+unsigned char *noBadResize_4_1(unsigned char *buffer, size_t currentSize, size_t newSize)
+{
+	// GOOD: program to end [FALSE POSITIVE]
+	if (currentSize < newSize)
+	{
+		if (buffer = (unsigned char *)realloc(buffer, newSize))
+			abort();
+	}
+
+	return buffer;
+}
