hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-02 20:25:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

C++: Stop flow from going through another source

Browse Source 
Without this we get confusing results:
```
    char *userAndFile = argv[2];
    char *fileName = argv[1];
    fopen(fileName, "wb+"); // Both argv[1] and argv[2] marked as source without
                            // this change.
```

While here add some more test cases.
This commit is contained in:
Jeroen Ketema
2022-11-26 09:23:07 +01:00
parent 63334764d7
commit 718663415b
4 changed files with 47 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
cpp/ql/src/Security/CWE/CWE-022/TaintedPath.ql
View File

@@ -73,6 +73,8 @@ class TaintedPathConfiguration extends TaintTracking::Configuration {
fileFunction.outermostWrapperFunctionCall(asSinkExpr(node), _)
)
}
override predicate isSanitizerIn(DataFlow::Node node) { this.isSource(node) }
}
from