[DIFF-INFORMED] Go: AllocationSizeOverflow

https://github.com/d10c/codeql/blob/d10c/diff-informed-phase-3/go/ql/src/Security/CWE-190/AllocationSizeOverflow.ql#L24
2025-12-16 16:53:25 +01:00 · 2025-07-16 11:07:21 +02:00
parent 53e1939b60
commit e0d16a863b
1 changed files with 11 additions and 0 deletions
--- a/go/ql/lib/semmle/go/security/AllocationSizeOverflow.qll
+++ b/go/ql/lib/semmle/go/security/AllocationSizeOverflow.qll
@@ -56,6 +56,17 @@ module AllocationSizeOverflow {
        succ = c
      )
    }
+
+    predicate observeDiffInformedIncrementalMode() { any() }
+
+    Location getASelectedSinkLocation(DataFlow::Node sink) {
+      result = sink.getLocation()
+      or
+      exists(DataFlow::Node allocsz |
+        isSinkWithAllocationSize(sink, allocsz) and
+        result = allocsz.getLocation()
+      )
+    }
  }

  /** Tracks taint flow to find allocation-size overflows. */