From 73556075112c06f00879f56adaa6be0be31fe217 Mon Sep 17 00:00:00 2001 From: Guo XIn <371864209@qq.com> Date: Mon, 29 Jan 2024 19:03:52 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=EF=BC=9A=E4=BD=BF=E7=94=A8re?= =?UTF-8?q?alloc=E5=87=BD=E6=95=B0=E5=89=8D=E5=BA=94=E5=85=88=E6=B8=85?= =?UTF-8?q?=E7=A9=BA=E6=95=8F=E6=84=9F=E4=BF=A1=E6=81=AF=E8=A7=84=E5=88=99?= =?UTF-8?q?=E6=A3=80=E6=9F=A5=E8=AF=AF=E6=8A=A5=E7=9A=84=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../keyware/sonar/cxx/rules/checkers/ReallocMainChecker.java | 2 +- .../com/keyware/sonar/cxx/rules/checkers/ReallocMainChecker.cc | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/sonar-keyware-plugins-cxx/src/main/java/com/keyware/sonar/cxx/rules/checkers/ReallocMainChecker.java b/sonar-keyware-plugins-cxx/src/main/java/com/keyware/sonar/cxx/rules/checkers/ReallocMainChecker.java index 95aeea4..e1b7976 100644 --- a/sonar-keyware-plugins-cxx/src/main/java/com/keyware/sonar/cxx/rules/checkers/ReallocMainChecker.java +++ b/sonar-keyware-plugins-cxx/src/main/java/com/keyware/sonar/cxx/rules/checkers/ReallocMainChecker.java @@ -27,7 +27,7 @@ import java.util.List; * @author RenFengJiang * @date 2024/1/13 */ -@Rule(key = "ReallocMainChecker", name = "使用realloc函数前应先清楚敏感信息", description = "使用realloc()函数前先清空该内存块中的敏感信息", priority = Priority.INFO, tags = {"28suo"}) +@Rule(key = "ReallocMainChecker", name = "使用realloc函数前应先清空敏感信息", description = "使用realloc()函数前先清空该内存块中的敏感信息", priority = Priority.INFO, tags = {"28suo"}) @ActivatedByDefault @SqaleConstantRemediation("5min") public class ReallocMainChecker extends SquidCheck { diff --git a/sonar-keyware-plugins-cxx/src/test/resources/com/keyware/sonar/cxx/rules/checkers/ReallocMainChecker.cc b/sonar-keyware-plugins-cxx/src/test/resources/com/keyware/sonar/cxx/rules/checkers/ReallocMainChecker.cc index c56788f..d38dcb5 100644 --- a/sonar-keyware-plugins-cxx/src/test/resources/com/keyware/sonar/cxx/rules/checkers/ReallocMainChecker.cc +++ b/sonar-keyware-plugins-cxx/src/test/resources/com/keyware/sonar/cxx/rules/checkers/ReallocMainChecker.cc @@ -24,7 +24,8 @@ int main() { // C++ 中使用 new 进行重新分配 User* tempUsers = new User[10]; if (users != nullptr) { - std::memcpy(tempUsers, users, 5 * sizeof(User)); // 复制已有数据到新内存 + users = (User*)realloc(users, 10 * sizeof(User)); + //std::memcpy(tempUsers, users, 5 * sizeof(User)); // 复制已有数据到新内存 delete[] users; // 释放旧内存 } users = tempUsers;