C++: Add uninitialized variable FP test

jketema · jketema · commit d224f85b243a · 2025-09-11T10:31:00.000+02:00
diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-457/semmle/tests/UninitializedLocal.expected b/cpp/ql/test/query-tests/Security/CWE/CWE-457/semmle/tests/UninitializedLocal.expected
@@ -14,6 +14,7 @@ nodes
 | test.cpp:466:6:466:6 | definition of x | semmle.label | definition of x |
 | test.cpp:472:6:472:6 | definition of x | semmle.label | definition of x |
 | test.cpp:479:6:479:6 | definition of x | semmle.label | definition of x |
+| too_many_constants.cpp:32:9:32:9 | definition of m | semmle.label | definition of m |
 #select
 | errors.cpp:14:18:14:18 | x | errors.cpp:13:7:13:7 | definition of x | errors.cpp:13:7:13:7 | definition of x | The variable $@ may not be initialized at this access. | errors.cpp:13:7:13:7 | x | x |
 | test.cpp:12:6:12:8 | foo | test.cpp:11:6:11:8 | definition of foo | test.cpp:11:6:11:8 | definition of foo | The variable $@ may not be initialized at this access. | test.cpp:11:6:11:8 | foo | foo |
@@ -29,3 +30,4 @@ nodes
 | test.cpp:468:7:468:7 | x | test.cpp:466:6:466:6 | definition of x | test.cpp:466:6:466:6 | definition of x | The variable $@ may not be initialized at this access. | test.cpp:466:6:466:6 | x | x |
 | test.cpp:475:2:475:2 | x | test.cpp:472:6:472:6 | definition of x | test.cpp:472:6:472:6 | definition of x | The variable $@ may not be initialized at this access. | test.cpp:472:6:472:6 | x | x |
 | test.cpp:482:7:482:7 | x | test.cpp:479:6:479:6 | definition of x | test.cpp:479:6:479:6 | definition of x | The variable $@ may not be initialized at this access. | test.cpp:479:6:479:6 | x | x |
+| too_many_constants.cpp:41:10:41:10 | m | too_many_constants.cpp:32:9:32:9 | definition of m | too_many_constants.cpp:32:9:32:9 | definition of m | The variable $@ may not be initialized at this access. | too_many_constants.cpp:32:9:32:9 | m | m |
diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-457/semmle/tests/too_many_constants.cpp b/cpp/ql/test/query-tests/Security/CWE/CWE-457/semmle/tests/too_many_constants.cpp
@@ -0,0 +1,42 @@
+struct S {
+  int a;
+  int b;
+  int c;
+  unsigned long *d;
+
+  union {
+    struct {
+      const char *e;
+      int f;
+      S *g;
+      const char *h;
+      int i;
+      bool j;
+      bool k;
+      const char *l;
+      char **m;
+    } n;
+
+    struct {
+      bool o;
+      bool p;
+    } q;
+  } r;
+};
+
+int too_many_constants_init(S *s);
+
+char *too_many_constants(const char *h, bool k, int i) {
+  const char *e = "";
+  char l[64] = "";
+  char *m;
+
+  S s[] = {
+      {.a = 0, .c = 0, .d = nullptr, .r = {.n = {.e = e, .f = 1, .g = nullptr, .h = h, .i = i, .j = false, .k = k, .l = l, .m = &m}}},
+      {.a = 0, .c = 0, .d = nullptr, .r = {.q = {.o = true, .p = true}}}
+  };
+
+  too_many_constants_init(s);
+
+  return m;
+}
