wangwei
/
cwetest
Not watched
1
0
Fork 0
Code
Releases 0 Wiki Activity
Issues 0 Pull Requests 0 Datasets Model Cloudbrain
You can not select more than 25 topics Topics must start with a chinese character,a letter or number, can include dashes ('-') and can be up to 35 characters long.
1 Commit
1 Branch
3.2 MB
55 Download
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
cwetest/CWE476_NULL_Pointer_Derefer...

CWE476_NULL_Pointer_Dereference__binary_if_01.c 2.2 kB
Raw Permalink Normal View History

1
3 years ago
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081 
  1. /* TEMPLATE GENERATED TESTCASE FILE

  2. Filename: CWE476_NULL_Pointer_Dereference__binary_if_01.c

  3. Label Definition File: CWE476_NULL_Pointer_Dereference.pointflaw.label.xml

  4. Template File: point-flaw-01.tmpl.c

  5. */

  6. /*

  7.  * @description

  8.  * CWE: 476 NULL Pointer Dereference

  9.  * Sinks: binary_if

  10.  *    GoodSink: Do not check for NULL after the pointer has been dereferenced

  11.  *    BadSink : Check for NULL after a pointer has already been dereferenced

  12.  * Flow Variant: 01 Baseline

  13.  *

  14.  * */

  15. 

  16. #include "std_testcase.h"

  17. 

  18. #ifndef OMITBAD

  19. 

  20. void CWE476_NULL_Pointer_Dereference__binary_if_01_bad()

  21. {

  22.     {

  23.         twoIntsStruct *twoIntsStructPointer = NULL;

  24.         /* FLAW: Using a single & in the if statement will cause both sides of the expression to be evaluated

  25.          * thus causing a NPD */

  26.         if ((twoIntsStructPointer != NULL) & (twoIntsStructPointer->intOne == 5))

  27.         {

  28.             printLine("intOne == 5");

  29.         }

  30.     }

  31. }

  32. 

  33. #endif /* OMITBAD */

  34. 

  35. #ifndef OMITGOOD

  36. 

  37. static void good1()

  38. {

  39.     {

  40.         twoIntsStruct *twoIntsStructPointer = NULL;

  41.         /* FIX: Use && in the if statement so that if the left side of the expression fails then

  42.          * the right side will not be evaluated */

  43.         if ((twoIntsStructPointer != NULL) && (twoIntsStructPointer->intOne == 5))

  44.         {

  45.             printLine("intOne == 5");

  46.         }

  47.     }

  48. }

  49. 

  50. void CWE476_NULL_Pointer_Dereference__binary_if_01_good()

  51. {

  52.     good1();

  53. }

  54. 

  55. #endif /* OMITGOOD */

  56. 

  57. /* Below is the main(). It is only used when building this testcase on

  58.    its own for testing or for building a binary to use in testing binary

  59.    analysis tools. It is not used when compiling all the testcases as one

  60.    application, which is how source code analysis tools are tested. */

  61. 

  62. #ifdef INCLUDEMAIN

  63. 

  64. int main(int argc, char * argv[])

  65. {

  66.     /* seed randomness */

  67.     srand( (unsigned)time(NULL) );

  68. #ifndef OMITGOOD

  69.     printLine("Calling good()...");

  70.     CWE476_NULL_Pointer_Dereference__binary_if_01_good();

  71.     printLine("Finished good()");

  72. #endif /* OMITGOOD */

  73. #ifndef OMITBAD

  74.     printLine("Calling bad()...");

  75.     CWE476_NULL_Pointer_Dereference__binary_if_01_bad();

  76.     printLine("Finished bad()");

  77. #endif /* OMITBAD */

  78.     return 0;

  79. }

  80. 

  81. #endif

No Description

Contributors (1)
All