From 9c5d7350dc3c96c0ef28e2cdc406ad783ef6c403 Mon Sep 17 00:00:00 2001
From: Mathias Vorreiter Pedersen
Date: Fri, 25 Aug 2023 10:25:28 +0100
Subject: [PATCH] C++: Add a small amount of pruning to 'SizeBarrierConfig'.

---
 .../AllocationToInvalidPointer.qll | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/cpp/ql/lib/semmle/code/cpp/security/InvalidPointerDereference/AllocationToInvalidPointer.qll b/cpp/ql/lib/semmle/code/cpp/security/InvalidPointerDereference/AllocationToInvalidPointer.qll
index 25b456e9282..1235969f19f 100644
--- a/cpp/ql/lib/semmle/code/cpp/security/InvalidPointerDereference/AllocationToInvalidPointer.qll
+++ b/cpp/ql/lib/semmle/code/cpp/security/InvalidPointerDereference/AllocationToInvalidPointer.qll
@@ -222,6 +222,12 @@ private module InterestingPointerAddInstruction {
     )
   }
 
+  /**
+   * Holds if `n` is a size of an allocation whose result flows to the left operand
+   * of a pointer-arithmetic instruction.
+   *
+   * This predicate is used to reduce the set of tuples in `SizeBarrierConfig::isSource`.
+   */
   predicate isInterestingSize(DataFlow::Node n) {
     exists(DataFlow::Node alloc |
       hasSize(alloc.asConvertedExpr(), n, _) and