diff --git a/cpp/ql/lib/semmle/code/cpp/security/InvalidPointerDereference/AllocationToInvalidPointer.qll b/cpp/ql/lib/semmle/code/cpp/security/InvalidPointerDereference/AllocationToInvalidPointer.qll
index d41537a71ff..9fb168b7044 100644
--- a/cpp/ql/lib/semmle/code/cpp/security/InvalidPointerDereference/AllocationToInvalidPointer.qll
+++ b/cpp/ql/lib/semmle/code/cpp/security/InvalidPointerDereference/AllocationToInvalidPointer.qll
@@ -128,7 +128,8 @@ private module SizeBarrier {
 }
 
 /**
- * Holds if `small < large + state` holds if `g` evaluates to `edge`.
+ * Holds if `left < large + state` holds if `g` evaluates to `edge`, where `large` is some
+ * value that is equal to the size argument of an allocation.
 */
 private predicate operandGuardChecks(IRGuardCondition g, Operand left, int state, boolean edge) {
 exists(DataFlow::Node nLeft, DataFlow::Node nRight, int k |
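Review bot: The rewritten doc comment on `operandGuardChecks` keeps the doubled "Holds if … holds if" phrasing, which leaves it unclear which condition is the premise and which is the conclusion. Stating the implication directly would read better, for example `Holds if g evaluating to edge implies left < large + state, where large is some value equal to the size argument of an allocation` (with the identifiers kept in code formatting). Because this predicate sits in the `SizeBarrier` module, the comment could also say explicitly that the bound is strict, so a reader can see that `left == large + state` is not established by the guard. The predicate body continues outside the hunk, so how `large` relates to `nRight` and `k` cannot be confirmed from here.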