
Commit 19c4b2f

committed
C++: Use getConvSpecString instead of getConvSpecOffset and substring
1 parent 81468da commit 19c4b2f


2 files changed

+20
-12
lines changed


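--- a/cpp/ql/lib/semmle/code/cpp/commons/Printf.qll
+++ b/cpp/ql/lib/semmle/code/cpp/commons/Printf.qll
@@ -459,6 +459,13 @@ class FormatLiteral extends Literal instanceof StringLiteral {
 */
 int getConvSpecOffset(int n) { result = this.getFormat().indexOf("%", n, 0) }
 
+/**
+* Gets the nth conversion specifier string.
+*/
+private string getConvSpecString(int n) {
+n >= 0 and result = "%" + this.getFormat().splitAt("%", n + 1)
+}
+
 /*
 * Each of these predicates gets a regular expressions to match each individual
 * parts of a conversion specifier.
@@ -524,10 +531,8 @@ class FormatLiteral extends Literal instanceof StringLiteral {
 int n, string spec, string params, string flags, string width, string prec, string len,
 string conv
 ) {
-exists(int offset, string fmt, string rst, string regexp |
-offset = this.getConvSpecOffset(n) and
-fmt = this.getFormat() and
-rst = fmt.substring(offset, fmt.length()) and
+exists(string rst, string regexp |
+rst = this.getConvSpecString(n) and
 regexp = this.getConvSpecRegexp() and
 (
 spec = rst.regexpCapture(regexp, 1) and
@@ -554,10 +559,8 @@ class FormatLiteral extends Literal instanceof StringLiteral {
 * Gets the nth conversion specifier (including the initial `%`).
 */
 string getConvSpec(int n) {
-exists(int offset, string fmt, string rst, string regexp |
-offset = this.getConvSpecOffset(n) and
-fmt = this.getFormat() and
-rst = fmt.substring(offset, fmt.length()) and
+exists(string rst, string regexp |
+rst = this.getConvSpecString(n) and
 regexp = this.getConvSpecRegexp() and
 result = rst.regexpCapture(regexp, 1)
 )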
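Review bot: The QLDoc on the new `getConvSpecString` is almost the same as the one on `getConvSpec`, yet the predicate returns something different: the `%` plus all text up to the next `%`, so the specifier followed by any literal characters. I would say so in the comment, e.g. `* Gets the text from the nth '%' of the format string up to, but not including, the next '%'.` Both callers used to hand the regexp the whole tail of the format string, so the rewrite is equivalent only if `getConvSpecRegexp` (outside these hunks) never needs to look past the next `%`; a test with `%%` and with a trailing lone `%` would pin that down, unless `getFormat()` already rewrites those. That matters because a specifier that stops parsing yields no result rather than an error, so any format-string check relying on this class would skip the call quietly. The parsing predicate's header and the rest of its body are outside the second hunk.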

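--- a/cpp/ql/lib/semmle/code/cpp/commons/Scanf.qll
+++ b/cpp/ql/lib/semmle/code/cpp/commons/Scanf.qll
@@ -194,6 +194,13 @@ class ScanfFormatLiteral extends Expr {
 )
 }
 
+/**
+* Gets the nth conversion specifier string.
+*/
+private string getConvSpecString(int n) {
+n >= 0 and result = "%" + this.getFormat().splitAt("%", n + 1)
+}
+
 /**
 * Gets the regular expression to match each individual part of a conversion specifier.
 */
@@ -227,10 +234,8 @@ class ScanfFormatLiteral extends Expr {
 * specifier.
 */
 predicate parseConvSpec(int n, string spec, string width, string len, string conv) {
-exists(int offset, string fmt, string rst, string regexp |
-offset = this.getConvSpecOffset(n) and
-fmt = this.getFormat() and
-rst = fmt.substring(offset, fmt.length()) and
+exists(string rst, string regexp |
+rst = this.getConvSpecString(n) and
 regexp = this.getConvSpecRegexp() and
 (
 spec = rst.regexpCapture(regexp, 1) and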
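Review bot: Splitting the format on `%` in `getConvSpecString` cuts a conversion short whenever its own text contains a `%`, which scanf allows inside a scanset such as `%[^%]`; the removed `substring` form gave the regexp the whole tail instead. Whether `getConvSpecRegexp` matches scansets at all is not visible in this section, so this may be no change in practice, but the limit should at least be stated in the QLDoc, e.g. `* The result stops before the next '%', so a '%' inside a scanset is not part of it.` The helper is also a verbatim copy of the one added to Printf.qll, so the two have to be kept in step by hand. `parseConvSpec` continues past the end of the hunk.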
