hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-21 15:05:56 +02:00
Code Issues Packages Projects Releases Wiki Activity

C++: Reject invalid results from getFirstFormatArgumentIndex()

Browse Source
This commit is contained in:
Calum Grant
2024-10-17 10:50:44 +01:00
parent 5315a5cfbf
commit 4341fab794
2 changed files with 1 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
cpp/ql/lib/semmle/code/cpp/models/implementations/Printf.qll
View File

@@ -50,8 +50,6 @@ private class Fprintf extends FormattingFunction, NonThrowingFunction {
override int getFormatParameterIndex() { result = 1 }
override int getOutputParameterIndex(boolean isStream) { result = 0 and isStream = true }
override int getFirstFormatArgumentIndex() { result = 2 }
}
/**

1
cpp/ql/lib/semmle/code/cpp/models/interfaces/FormattingFunction.qll
View File

@@ -125,6 +125,7 @@ abstract class FormattingFunction extends ArrayFunction, TaintFunction {
// The formatting function either has a definition in the snapshot, or all
// `DeclarationEntry`s agree on the number of parameters (otherwise we don't
// really know the correct number)
result > 0 and // Avoid invalid declarations
if this.hasDefinition()
then result = this.getDefinition().getNumberOfParameters()
else result = this.getNumberOfExplicitParameters()