hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-23 07:45:17 +02:00
Code Issues Packages Projects Releases Wiki Activity

Making getter flow through 'copy' more general (copy can appear in any part of the call name now.

Browse Source
This commit is contained in:
REDMOND\brodes
2025-03-10 11:34:26 -04:00
parent 6a4659fc7e
commit bd07b8a4c7
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
cpp/ql/lib/experimental/Quantum/OpenSSL/OpenSSLAlgorithmGetter.qll
View File

@@ -31,7 +31,7 @@ class CopyAndDupAlgorithmPassthroughCall extends AlgorithmPassthroughCall {
// Assume flow in and out is asIndirectExpr or asDefinitingArgument since a pointer is assumed
// to be involved
// NOTE: not attempting to detect openssl specific copy/dup functions, but anything suspected to be copy/dup
this.getTarget().getName().toLowerCase().matches(["%_dup", "%_copy"]) and
this.getTarget().getName().toLowerCase().matches(["%_dup%", "%_copy%"]) and
exists(Expr inArg, Type t |
inArg = this.getAnArgument() and t = inArg.getUnspecifiedType().stripType()
|