hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-01 03:35:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Switched to DataFlow::localFlow to avoid false positives.

Browse Source
This commit is contained in:
Raul Garcia
2019-01-03 10:06:49 -08:00
parent 28932e85d9
commit 2c1d7bbc41
1 changed files with 4 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
cpp/ql/src/Likely Bugs/Likely Typos/UsingStrcpyAsBoolean.ql
View File

@@ -33,31 +33,11 @@ predicate isBoolean( Expr e1 )
)
}
class StringCopyToBooleanConfiguration extends DataFlow::Configuration {
StringCopyToBooleanConfiguration() {
this = "StringCopyToBooleanConfiguration"
}
override predicate isSource(DataFlow::Node source) {
exists( FunctionCall func |
func = source.asExpr()
and isStringComparisonFunction( func.getTarget().getQualifiedName())
)
}
override predicate isSink(DataFlow::Node sink) {
exists( Expr expr1 |
expr1 = sink.asExpr()
and isBoolean( expr1.getConversion*())
)
}
}
predicate isStringCopyCastedAsBoolean( FunctionCall func, Expr expr1, string msg ) {
exists( StringCopyToBooleanConfiguration modeConfig |
modeConfig.hasFlow(DataFlow::exprNode(func), DataFlow::exprNode(expr1))
and msg = "Return Value of " + func.getTarget().getQualifiedName() + " used as boolean."
)
DataFlow::localFlow(DataFlow::exprNode(func), DataFlow::exprNode(expr1))
and isBoolean( expr1.getConversion*())
and isStringComparisonFunction( func.getTarget().getQualifiedName())
and msg = "Return Value of " + func.getTarget().getQualifiedName() + " used as boolean."
}
predicate isStringCopyUsedInCondition( FunctionCall func, Expr expr1, string msg ) {