Update CompilerRemovalOfCodeToClearBuffers.ql

2026-04-30 11:15:13 +02:00 · 2021-01-20 16:24:43 +03:00
parent dcbae8b22b
commit 4c9de4574a
1 changed files with 3 additions and 0 deletions
--- a/cpp/ql/src/experimental/Security/CWE/CWE-14/CompilerRemovalOfCodeToClearBuffers.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-14/CompilerRemovalOfCodeToClearBuffers.ql
@@ -12,6 +12,7 @@

 import cpp
 import semmle.code.cpp.dataflow.DataFlow
+import semmle.code.cpp.dataflow.StackAddress

 /**
 * A call to `memset` of the form `memset(ptr, value, num)`, for some local variable `ptr`.
@@ -34,6 +35,8 @@ class CompilerRemovaMemset extends FunctionCall {
      this.getArgument(0) = v.getAnAccess() and
      alloc.getASuccessor+() = this
    )
+    or
+    not stackPointerFlowsToUse(this.getArgument(0), _, _, _)
  }

  predicate isExistsFreeForThisVariable() {