hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-05 23:26:51 +01:00
Code Issues Packages Projects Releases Wiki Activity

C++: Fix upper bound detection in default taint flow

Browse Source
This commit is contained in:
Jeroen Ketema
2022-11-24 14:38:36 +01:00
parent d9fab8afd9
commit 223eeb6921
8 changed files with 2 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
cpp/ql/src/Security/CWE/CWE-190/TaintedAllocationSize.ql
View File

@@ -81,7 +81,7 @@ class TaintedAllocationSizeConfiguration extends TaintTracking::Configuration {
)
or
exists(Variable checkedVar |
readsVariable(node.asInstruction(), checkedVar) and
node.asExpr().(VariableAccess).getTarget() = checkedVar and
hasUpperBoundsCheck(checkedVar)
)
or