Merge pull request #2692 from jbj/pure-string-read

C++: Model that string functions read their buffer

cpp/ql/src/semmle/code/cpp/models/implementations/Pure.qll

@@ -83,6 +83,11 @@ class PureStrFunction extends AliasFunction, ArrayFunction, TaintFunction, SideE
   override predicate hasOnlySpecificReadSideEffects() { none() }
 
   override predicate hasOnlySpecificWriteSideEffects() { any() }
+
+  override predicate hasSpecificReadSideEffect(ParameterIndex i, boolean buffer) {
+    getParameter(i).getUnspecifiedType() instanceof PointerType and
+    buffer = true
+  }
 }
 
 class PureFunction extends TaintFunction, SideEffectFunction {