hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity

C++: Ignore gets'es with incorrect parameter counts

Browse Source
This commit is contained in:
Jeroen Ketema
2024-06-04 11:13:10 +02:00
parent a83d50062e
commit 66077dc38d
3 changed files with 10 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
cpp/ql/src/Security/CWE/CWE-676/DangerousFunctionOverflow.ql
View File

@@ -17,5 +17,6 @@ import cpp
from FunctionCall call, Function target
where
call.getTarget() = target and
target.hasGlobalOrStdName("gets")
target.hasGlobalOrStdName("gets") and
target.getNumberOfParameters() = 1
select call, "'gets' does not guard against buffer overflow."