hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

C++: Only recognize signed integers as sinks in 'cpp/uncontrolled-arithmetic' in the case of overflow.

Browse Source
This commit is contained in:
Mathias Vorreiter Pedersen
2021-12-20 14:02:44 +01:00
parent b49ca6a24c
commit 95fa93b274
1 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
cpp/ql/src/Security/CWE/CWE-190/ArithmeticUncontrolled.ql
View File

@@ -82,8 +82,11 @@ predicate missingGuard(VariableAccess va, string effect) {
op.getUnspecifiedType().(IntegralType).isUnsigned() and
not op instanceof MulExpr
or
// overflow
missingGuardAgainstOverflow(op, va) and effect = "overflow"
// overflow - only report signed integer overflow since unsigned overflow
// is well-defined.
op.getUnspecifiedType().(IntegralType).isSigned() and
missingGuardAgainstOverflow(op, va) and
effect = "overflow"
)
}