hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-04 21:25:44 +02:00
Code Issues Packages Projects Releases Wiki Activity

C++: autoformat

Browse Source
This commit is contained in:
Robert Marsh
2020-11-13 16:14:07 -08:00
parent 29eacbd28b
commit 525aeb6551
2 changed files with 9 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
cpp/ql/src/semmle/code/cpp/ir/dataflow/DefaultTaintTracking.qll
View File

@@ -222,7 +222,6 @@ private predicate nodeIsBarrierIn(DataFlow::Node node) {
not predictableInstruction(iTo.getRight()) and
// propagate taint from either the pointer or the offset, regardless of predictability
not iTo instanceof PointerArithmeticInstruction
)
or
// don't use dataflow through calls to pure functions if two or more operands
@@ -473,7 +472,14 @@ private Element adjustedSink(DataFlow::Node sink) {
// Taint `e1 += e2`, `e &= e2` and friends when `e1` or `e2` is tainted.
result.(AssignOperation).getAnOperand() = sink.asExpr()
or
result = sink.asOperand().(SideEffectOperand).getUse().(ReadSideEffectInstruction).getArgumentDef().getUnconvertedResultExpression()
result =
sink
.asOperand()
.(SideEffectOperand)
.getUse()
.(ReadSideEffectInstruction)
.getArgumentDef()
.getUnconvertedResultExpression()
}
/**

4
cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/tainted.ql
View File

@@ -1,9 +1,7 @@
import semmle.code.cpp.ir.dataflow.DefaultTaintTracking
class SourceConfiguration extends TaintedWithPath::TaintTrackingConfiguration {
override predicate isSink(Element e) {
any()
}
override predicate isSink(Element e) { any() }
}
from Expr source, Element tainted