C++: Reformulate the sanitizer in 'NonConstantFormat.ql'. It should no longer incorrectly sanitize indirect nodes for which there is no result for 'asIndirectExpr'.

2025-12-23 20:26:32 +01:00 · 2023-01-27 10:04:48 +00:00
parent bfe9ae22ad
commit e8db563e98
1 changed files with 1 additions and 2 deletions
--- a/Bugs/Format/NonConstantFormat.ql
+++ b/Bugs/Format/NonConstantFormat.ql
@@ -120,8 +120,7 @@ pragma[noinline]
 predicate isSanitizerNode(DataFlow::Node node) {
  underscoreMacro(node.asExpr())
  or
-  not exists(node.asIndirectExpr()) and
-  not exists(node.asDefiningArgument()) and
+  exists(node.asExpr()) and
  cannotContainString(node.getType(), false)
 }