[zlaski/memset-model] Add AliasFunction as base class of MemsetFunction; override predicates parameterNeverEscapes, parameterEscapesOnlyViaReturn and parameterIsAlwaysReturned.

2025-12-21 19:26:31 +01:00 · 2019-09-26 16:14:07 -07:00
parent aaa2a60b93
commit ae169e9c33
1 changed files with 14 additions and 1 deletions
--- a/cpp/ql/src/semmle/code/cpp/models/implementations/Memset.qll
+++ b/cpp/ql/src/semmle/code/cpp/models/implementations/Memset.qll
@@ -1,11 +1,12 @@
 import semmle.code.cpp.Function
 import semmle.code.cpp.models.interfaces.ArrayFunction
 import semmle.code.cpp.models.interfaces.DataFlow
+import semmle.code.cpp.models.interfaces.Alias

 /**
 * The standard function `memset` and its assorted variants
 */
-class MemsetFunction extends ArrayFunction, DataFlowFunction {
+class MemsetFunction extends ArrayFunction, DataFlowFunction, AliasFunction {
  MemsetFunction() {
    hasGlobalName("memset") or
    hasGlobalName("wmemset") or
@@ -27,4 +28,16 @@ class MemsetFunction extends ArrayFunction, DataFlowFunction {
    bufParam = 0 and
    (if hasGlobalName("bzero") then countParam = 1 else countParam = 2)
  }
+  
+  override predicate parameterNeverEscapes(int index) {
+  	hasGlobalName("bzero") and index = 0
+  }
+  
+  override predicate parameterEscapesOnlyViaReturn(int index) {
+  	not hasGlobalName("bzero") and index = 0
+  }
+  
+  override predicate parameterIsAlwaysReturned(int index) {
+  	not hasGlobalName("bzero") and index = 0
+  }
 }