C++: Exclude results where the address of the variable is taken.

2026-05-04 21:25:44 +02:00 · 2021-10-01 14:37:41 +01:00
parent d41e517757
commit 11d7a0b712
3 changed files with 2 additions and 2 deletions
--- a/Management/ImproperNullTermination.ql
+++ b/Management/ImproperNullTermination.ql
@@ -53,6 +53,7 @@ class ImproperNullTerminationReachability extends StackVariableReachabilityWithR
  override predicate isBarrier(ControlFlowNode node, StackVariable v) {
    exprDefinition(v, node, _) or
    mayAddNullTerminator(node, v.getAnAccess()) or
+    node.(AddressOfExpr).getOperand() = v.getAnAccess() or // address taken
    isSinkActual(node, v) // only report first use
  }
 }
--- a/Management/ImproperNullTermination/ImproperNullTermination.expected
+++ b/Management/ImproperNullTermination/ImproperNullTermination.expected
@@ -26,4 +26,3 @@
 | test.cpp:421:19:421:25 | buffer2 | Variable $@ may not be null terminated. | test.cpp:419:8:419:14 | buffer2 | buffer2 |
 | test.cpp:448:17:448:22 | buffer | Variable $@ may not be null terminated. | test.cpp:446:8:446:13 | buffer | buffer |
 | test.cpp:454:18:454:23 | buffer | Variable $@ may not be null terminated. | test.cpp:452:8:452:13 | buffer | buffer |
-| test.cpp:502:10:502:18 | after_ptr | Variable $@ may not be null terminated. | test.cpp:497:9:497:17 | after_ptr | after_ptr |
--- a/Management/ImproperNullTermination/test.cpp
+++ b/Management/ImproperNullTermination/test.cpp
@@ -499,6 +499,6 @@ void test_strtol()

 		strcpy(buffer, "123abc");
 		num = strtol("123abc", &after_ptr, 10);
-		strlen(after_ptr); // GOOD [FALSE POSITIVE]
+		strlen(after_ptr); // GOOD
 	}
 }