hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-25 08:45:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

C++: Don't allow 'x < 0' as a barrier guard.

Browse Source
This commit is contained in:
Mathias Vorreiter Pedersen
2024-10-09 14:17:56 +01:00
parent c883aa09f8
commit 61a012fc6c
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
cpp/ql/src/Security/CWE/CWE-129/ImproperArrayIndexValidation.ql
View File

@@ -25,11 +25,11 @@ predicate isFlowSource(FS::FlowSource source, string sourceType) {
predicate guardChecks(IRGuardCondition g, Expr e, boolean branch) {
exists(Operand op | op.getDef().getConvertedResultExpression() = e |
// op < k
g.comparesLt(op, _, true, any(BooleanValue bv | bv.getValue() = branch))
// `op < k` is true and `k > 0`
g.comparesLt(op, any(int k | k > 0), true, any(BooleanValue bv | bv.getValue() = branch))
or
// op < _ + k
g.comparesLt(op, _, _, true, branch)
// `op < _ + k` is true and `k > 0`.
g.comparesLt(op, _, any(int k | k > 0), true, branch)
or
// op == k
g.comparesEq(op, _, true, any(BooleanValue bv | bv.getValue() = branch))