diff --git a/tests/regression/74-invalid_deref/30-cwe-562-nested-globals.c b/tests/regression/74-invalid_deref/30-cwe-562-nested-globals.c new file mode 100644 index 0000000000..95665b745a --- /dev/null +++ b/tests/regression/74-invalid_deref/30-cwe-562-nested-globals.c @@ -0,0 +1,18 @@ +#include + +char **a; +char *globb; + +char *cwe() { + globb = malloc(sizeof(char)); + a = malloc(sizeof(char*)); + *a = globb; + // TODO: Not sure why we still get a warn for the line below. Need to fix it + return *a; //NOWARN +} + +int main(int argc, char const *argv[]) { + char *b = cwe(); + char test = *b; + return 0; +} \ No newline at end of file diff --git a/tests/regression/74-invalid_deref/31-cwe-562-address-taken.c b/tests/regression/74-invalid_deref/31-cwe-562-address-taken.c new file mode 100644 index 0000000000..1e615be066 --- /dev/null +++ b/tests/regression/74-invalid_deref/31-cwe-562-address-taken.c @@ -0,0 +1,12 @@ +#include + +char *cwe() { + char a; + return &a; //WARN +} + +int main(int argc, char const *argv[]) { + char *b = cwe(); + char test = *b; //WARN + return 0; +} \ No newline at end of file diff --git a/tests/regression/74-invalid_deref/32-cwe-562-local-ptr-var.c b/tests/regression/74-invalid_deref/32-cwe-562-local-ptr-var.c new file mode 100644 index 0000000000..f5b59914e6 --- /dev/null +++ b/tests/regression/74-invalid_deref/32-cwe-562-local-ptr-var.c @@ -0,0 +1,12 @@ +#include + +char *cwe() { + char *a; + return a; //WARN +} + +int main(int argc, char const *argv[]) { + char *b = cwe(); + char test = *b; //WARN + return 0; +} \ No newline at end of file diff --git a/tests/regression/74-invalid_deref/33-cwe-562-global-local.c b/tests/regression/74-invalid_deref/33-cwe-562-global-local.c new file mode 100644 index 0000000000..333621dedc --- /dev/null +++ b/tests/regression/74-invalid_deref/33-cwe-562-global-local.c @@ -0,0 +1,16 @@ +#include + +char **a; + +char *cwe() { + char *local; + a = malloc(sizeof(char*)); + *a = local; + return *a; //WARN +} + +int main(int argc, char const *argv[]) { + char *b = cwe(); + char test = *b; //WARN + return 0; +} \ No newline at end of file