hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

C++: Ensure that the instruction being compared is the result of the 'CallInstruction'.

Browse Source
This commit is contained in:
Mathias Vorreiter Pedersen
2025-01-15 19:27:28 +00:00
parent 90faab456d
commit 01cbd2f7f1
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
cpp/ql/src/Critical/ScanfChecks.qll
View File

@@ -37,7 +37,7 @@ private string getEofValue() {
*/
private predicate checkedForEof(ScanfFunctionCall call) {
exists(IRGuardCondition gc |
exists(Instruction i | i.getUnconvertedResultExpression() = call |
exists(CallInstruction i | i.getUnconvertedResultExpression() = call |
exists(int val | gc.comparesEq(valueNumber(i).getAUse(), val, _, _) |
// call == EOF
val = getEofValue().toInt()