hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity

CPP: Optimize isRandValue.

Browse Source
This commit is contained in:
Geoffrey White
2020-01-09 12:10:59 +00:00
parent d918cb1f6f
commit 50c0ec1cb1
1 changed files with 9 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
cpp/ql/src/Security/CWE/CWE-190/ArithmeticUncontrolled.ql
View File

@@ -16,12 +16,19 @@ import semmle.code.cpp.security.Overflow
import semmle.code.cpp.security.Security
import semmle.code.cpp.security.TaintTracking
predicate isRandCall(FunctionCall fc) { fc.getTarget().getName() = "rand" }
predicate isRandCallOrParent(Expr e) {
isRandCall(e) or
isRandCallOrParent(e.getAChild())
}
predicate isRandValue(Expr e) {
e.(FunctionCall).getTarget().getName() = "rand"
isRandCall(e)
or
exists(MacroInvocation mi |
e = mi.getExpr() and
e.getAChild*().(FunctionCall).getTarget().getName() = "rand"
isRandCallOrParent(e)
)
}