CPP: Fix the initialized array case in getBufferSize.

2026-04-30 19:26:02 +02:00 · 2018-10-01 17:33:18 +01:00
parent 628540cf7b
commit c747f24b39
1 changed files with 4 additions and 0 deletions
--- a/cpp/ql/src/semmle/code/cpp/commons/Buffer.qll
+++ b/cpp/ql/src/semmle/code/cpp/commons/Buffer.qll
@@ -58,6 +58,10 @@ int getBufferSize(Expr bufferExpr, Element why) {
      // buffer is an initialized array
      //  e.g. int buffer[] = {1, 2, 3};
      why = bufferVar.getInitializer().getExpr() and
+      (
+        why instanceof AggregateLiteral or
+        why instanceof StringLiteral
+      ) and
      result = why.(Expr).getType().(ArrayType).getSize() and
      not exists(bufferVar.getType().getUnspecifiedType().(ArrayType).getSize())
    ) or exists(Class parentClass, VariableAccess parentPtr |