Accommodate implicit dereferencing in regression tests

goblint · Aug 28, 2023 · 5464636 · 5464636
1 parent 66f0c9d
commit 5464636
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 8 deletions.
diff --git a/tests/regression/74-use_after_free/06-uaf-struct.c b/tests/regression/74-use_after_free/06-uaf-struct.c
@@ -17,15 +17,16 @@ int main(int argc, char **argv) {
     char line[128];
 
     while (1) {
-        // No deref happening here => nothing to warn about
-        printf("[ auth = %p, service = %p ]\n", auth, service); //NOWARN
+        // printf() is considered an implicit deref => need to warn here
+        printf("[ auth = %p, service = %p ]\n", auth, service); //WARN
 
         if (fgets(line, sizeof(line), stdin) == NULL) break;
 
         if (strncmp(line, "auth ", 5) == 0) {
-            // No deref happening in either of the 2 lines below => no need to warn
+            // No deref happening in the line below => no need to warn
             auth = malloc(sizeof(auth)); //NOWARN
-            memset(auth, 0, sizeof(auth)); //NOWARN
+            // memset() is considered an implicit deref => need to warn
+            memset(auth, 0, sizeof(auth)); //WARN
             if (strlen(line + 5) < 31) {
                 strcpy(auth->name, line + 5); //WARN
             }

diff --git a/tests/regression/74-use_after_free/09-juliet-uaf.c b/tests/regression/74-use_after_free/09-juliet-uaf.c
@@ -68,9 +68,10 @@ void CWE416_Use_After_Free__return_freed_ptr_08_bad()
     if(staticReturnsTrue())
     {
         {
-            // No need to warn in the two lines below, since there's no dereferencing of the freed memory
+            // No need to warn in the line below, since there's no dereferencing of the freed memory
             char * reversedString = helperBad("BadSink"); // NOWARN
-            printf("%s\n", reversedString); // NOWARN
+            // printf() is considered an implicit deref => need to warn here
+            printf("%s\n", reversedString); // WARN
         }
     }
 }

diff --git a/tests/regression/74-use_after_free/11-wrapper-funs-uaf.c b/tests/regression/74-use_after_free/11-wrapper-funs-uaf.c
@@ -27,8 +27,8 @@ int main(int argc, char const *argv[]) {
     my_free2(p);
 
     *(p + 42) = 'c'; //WARN
-    // No dereferencing in the line below => no need to warn
-    printf("%s", p); //NOWARN
+    // printf() is considered an implicit deref => need to warn
+    printf("%s", p); //WARN
 
     // No dereferencing happening in the lines below => no need to warn for an invalid-deref
     // Also no need to warn for an invalid-free, as the call to free is within these functions and they're not the "free" function itself