hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

C++: We don't need to check type equivalence at the end anymore: the dataflow state now precisely tracks the types.

Browse Source
This commit is contained in:
Mathias Vorreiter Pedersen
2023-03-07 14:29:39 +00:00
parent ce6366f023
commit f2b311a008
1 changed files with 2 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
cpp/ql/src/Likely Bugs/Conversion/CastArrayPointerArithmetic.ql
View File

@@ -82,15 +82,7 @@ predicate introducesNewField(Class derived, Class base) {
module CastToPointerArithFlow = DataFlow::MakeWithState<CastToPointerArithFlowConfig>; module CastToPointerArithFlow = DataFlow::MakeWithState<CastToPointerArithFlowConfig>;
pragma[nomagic] from CastToPointerArithFlow::PathNode source, CastToPointerArithFlow::PathNode sink
predicate hasFullyConvertedType(CastToPointerArithFlow::PathNode node, Type t) { where CastToPointerArithFlow::hasFlowPath(source, sink)
getFullyConvertedType(node.getNode()) = t
}
from CastToPointerArithFlow::PathNode source, CastToPointerArithFlow::PathNode sink, Type t
where
CastToPointerArithFlow::hasFlowPath(pragma[only_bind_into](source), pragma[only_bind_into](sink)) and
hasFullyConvertedType(source, t) and
hasFullyConvertedType(sink, t)
select sink, source, sink, "This pointer arithmetic may be done with the wrong type because of $@.", select sink, source, sink, "This pointer arithmetic may be done with the wrong type because of $@.",
source, "this cast" source, "this cast"