hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 03:06:31 +01:00
Code Issues Packages Projects Releases Wiki Activity

C++: Fill out ArrayFunction model for 'fgets'.

Browse Source
This commit is contained in:
Geoffrey White
2020-06-03 14:36:33 +01:00
parent 1b8f3c4b84
commit b38a7a9ffc
1 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
cpp/ql/src/semmle/code/cpp/models/implementations/Gets.qll
View File

@@ -48,4 +48,16 @@ class GetsFunction extends DataFlowFunction, TaintFunction, ArrayFunction, Alias
output.isParameterDeref(0) and
description = "String read by " + this.getName()
}
override predicate hasArrayWithVariableSize(int bufParam, int countParam) {
not hasGlobalOrStdName("gets") and
bufParam = 0 and countParam = 1
}
override predicate hasArrayWithUnknownSize(int bufParam) {
hasGlobalOrStdName("gets") and
bufParam = 0
}
override predicate hasArrayOutput(int bufParam) { bufParam = 0 }
}