hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-23 18:33:42 +01:00
Code Issues Packages Projects Releases Wiki Activity

C++: Violation message.

Browse Source
This commit is contained in:
Geoffrey White
2020-12-16 15:58:27 +00:00
parent 2210344f4d
commit 1e3535754b
2 changed files with 9 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
cpp/ql/src/experimental/Security/CWE/CWE-190/AllocMultiplicationOverflow.ql
View File

@@ -33,10 +33,8 @@ class MultToAllocConfig extends DataFlow::Configuration {
}
}
string describe(DataFlow::PathNode n) {
result = n.getNode().asExpr().getEnclosingFunction().getName()
}
from MultToAllocConfig config, DataFlow::PathNode source, DataFlow::PathNode sink
where config.hasFlowPath(source, sink)
select sink, source, sink, "$@ in " + concat(describe(source), ", "), source, "here"
select sink, source, sink,
"Potentially overflowing value from $@ is used in the size of this allocation.", source,
"multiplication"