hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 03:05:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

C++: release note for DefaultTaintTracking

Browse Source
This commit is contained in:
Robert Marsh
2020-02-19 14:32:49 -08:00
parent 82f2540dde
commit 8ea5739b7a
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
change-notes/1.24/analysis-cpp.md
View File

@@ -46,3 +46,4 @@ The following changes in version 1.24 affect C/C++ analysis in all applications.
the following improvements:
* The library now models data flow through `strdup` and similar functions.
* The library now models data flow through formatting functions such as `sprintf`.
* The security pack taint tracking library (`semmle.code.cpp.security.TaintTracking`) uses a new intermediate representation. This provides a more precise analysis of pointers to stack variables and flow through parameters, removing false positives and adding true positives in many security queries.