C++: Include ComplementExpr as a sanitizer.

2026-04-30 19:26:02 +02:00 · 2021-07-12 11:53:47 +02:00
parent d2cc0d3925
commit 04dcef5ec4
1 changed files with 5 additions and 2 deletions
--- a/cpp/ql/src/Security/CWE/CWE-190/ArithmeticUncontrolled.ql
+++ b/cpp/ql/src/Security/CWE/CWE-190/ArithmeticUncontrolled.ql
@@ -103,8 +103,11 @@ class UncontrolledArithConfiguration extends TaintTracking::Configuration {
    // If this expression is part of bitwise 'and' or 'or' operation it's likely that the value is
    // only used as a bit pattern.
    node.asExpr() =
-      any(BinaryBitwiseOperation op | op instanceof BitwiseOrExpr or op instanceof BitwiseAndExpr)
-          .getAnOperand*()
+      any(Operation op |
+        op instanceof BitwiseOrExpr or
+        op instanceof BitwiseAndExpr or
+        op instanceof ComplementExpr
+      ).getAnOperand*()
  }
 }