hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-05 05:35:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

C++: Only the second indirection of the argument should be the remote flow source.

Browse Source
This commit is contained in:
Mathias Vorreiter Pedersen
2023-11-02 16:51:24 +00:00
parent b82dfa9a21
commit 392b2af923
2 changed files with 1 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
cpp/ql/lib/semmle/code/cpp/models/implementations/Inet.qll
View File

@@ -157,7 +157,7 @@ private class Getaddrinfo extends TaintFunction, ArrayFunction, RemoteFlowSource
override predicate hasArrayWithNullTerminator(int bufParam) { bufParam in [0, 1] }
override predicate hasRemoteFlowSource(FunctionOutput output, string description) {
output.isParameterDeref(3) and
output.isParameterDeref(3, 2) and
description = "address returned by " + this.getName()
}
}