Update cpp/ql/lib/semmle/code/cpp/security/InvalidPointerDereference/InvalidPointerToDereference.qll

Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
Mathias Vorreiter Pedersen
2023-07-21 09:32:14 +01:00
committed by GitHub
parent 922f4d5496
commit 369cee9ed9

@@ -21,7 +21,7 @@
* actually being dereferenced. We do this using a regular dataflow configuration (see `InvalidPointerToDerefConfig`).
*
* This dataflow traversal defines the set of sources as any dataflow node that is non-strictly upper-bounded by the
* pointer-arithmetic instruction identified by `AllocationToInvalidPointer.qll`. (TOOD: I'm pretty sure this is incorrect,
* pointer-arithmetic instruction identified by `AllocationToInvalidPointer.qll`. (TODO: I'm pretty sure this is incorrect,
* and we should define the set of sources as anything that is non-strictly _lower_ bounded by the pointer-arithmetic
* instruction). That is, the set of sources is any dataflow node `source` such that `source.asInstruction <= pai + delta1`
* for some `delta1 >= 0`.
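Review bot: the parenthetical TODO on the changed line still says the documented source definition is probably incorrect (upper-bounded versus _lower_ bounded), while the sentence that follows states `source.asInstruction <= pai + delta1` for some `delta1 >= 0` as the definition. Correcting the spelling to "TODO" is fine, but the doc comment is left contradicting itself about which bound direction the sources use. Either confirm the direction and drop the parenthetical, or move the question to a tracked issue and reference it here, so a reader of this QLDoc knows which definition `InvalidPointerToDerefConfig` actually implements.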