hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-13 11:04:07 +02:00
Code Issues Packages Projects Releases Wiki Activity

Address review: update QLDoc comment and fix expected test output

Browse Source 
- Clarify that arithmeticUsedInBoundsCheck applies to if-condition
  comparisons, not all comparisons
- Update expected test line numbers to reflect added test calls
This commit is contained in:
MarkLee131
2026-03-29 11:53:06 +08:00
parent b595a70384
commit e6adfbca77
2 changed files with 23 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
java/ql/lib/semmle/code/java/security/ArithmeticCommon.qll
View File

@@ -138,9 +138,9 @@ predicate overflowIrrelevant(Expr exp) {
/**
* Holds if `exp` is an arithmetic expression used directly as an operand of a
* comparison, indicating it is part of a bounds check rather than a vulnerable
* computation. For example, in `if (off + len > array.length)`, the addition
* is the bounds check itself.
* comparison in an `if`-condition, indicating it is part of a bounds check
* rather than a vulnerable computation. For example, in
* `if (off + len > array.length)`, the addition is the bounds check itself.
*/
private predicate arithmeticUsedInBoundsCheck(ArithExpr exp) {
exists(ComparisonExpr comp |