hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-05 05:35:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

C++: Fix result duplication.

Browse Source
This commit is contained in:
Geoffrey White
2023-01-06 11:05:21 +00:00
parent b3e82498fa
commit bb451f3911
3 changed files with 6 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
cpp/ql/src/Security/CWE/CWE-190/TaintedAllocationSize.ql
View File

@@ -88,6 +88,10 @@ class TaintedAllocationSizeConfiguration extends TaintTracking::Configuration {
readsVariable(access.getDef(), checkedVar) and
nodeIsBarrierEqualityCandidate(node, access, checkedVar)
)
or
// block flow to inside of identified allocation functions (this flow leads
// to duplicate results)
any(HeuristicAllocationFunction f).getAParameter() = node.asParameter()
}
}