hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-23 04:06:37 +01:00
Code Issues Packages Projects Releases Wiki Activity

C++: More pruning.

Browse Source
This commit is contained in:
Mathias Vorreiter Pedersen
2023-08-24 16:40:57 +01:00
parent bdad9e197b
commit ded06a77d0
1 changed files with 9 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
cpp/ql/lib/semmle/code/cpp/security/InvalidPointerDereference/AllocationToInvalidPointer.qll
View File

@@ -101,7 +101,8 @@ private module SizeBarrier {
predicate isSource(DataFlow::Node source) { predicate isSource(DataFlow::Node source) {
// The sources is the same as in the sources for the second // The sources is the same as in the sources for the second
// projection in the `AllocToInvalidPointerConfig` module. // projection in the `AllocToInvalidPointerConfig` module.
hasSize(_, source, _) hasSize(_, source, _) and
InterestingPointerAddInstruction::isInterestingSize(source)
} }
/** /**
@@ -220,6 +221,13 @@ private module InterestingPointerAddInstruction {
flowTo(n) flowTo(n)
) )
} }
predicate isInterestingSize(DataFlow::Node n) {
exists(DataFlow::Node alloc |
hasSize(alloc.asConvertedExpr(), n, _) and
flow(alloc, _)
)
}
} }
/** /**