mirror of
https://github.com/github/codeql.git
synced 2026-04-25 16:55:19 +02:00
Recognise that a less-than test is as good as a non-equal test for mitigating off-by-one array access
@@ -55,3 +55,11 @@ function badContains(a, elt) {
|
||||
return true;
|
||||
return false;
|
||||
}
|
||||
|
||||
// OK - incorrect upper bound, but extra check
|
||||
function badContains2(a, elt) {
|
||||
for (let i = 0; i <= a.length; ++i)
|
||||
if (i < a.length && a[i] === elt)
|
||||
return true;
|
||||
return false;
|
||||
}
|
||||
|
||||
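Review bot: The added fixture is annotated as OK but is named `badContains2`, so next to `badContains` it reads like a case that should still raise an alert; a name that signals the guarded variant would make the expected result clearer. Its comment could also state why it is safe, for example `// OK - upper bound is off by one, but the i < a.length guard runs before a[i] is read`. Only the `i < a.length` spelling of the guard is exercised here. The query change itself is not visible in this section, so it cannot be told whether the mirrored form is recognised too; a sibling case using `if (a.length > i && a[i] === elt)` would pin that down.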