Merge pull request #12325 from MathiasVP/gets-return-deref

C++: Make `gets` indirect output a LocalFlowSource
2025-12-23 12:16:33 +01:00 · 2023-02-27 18:39:36 +00:00
parent 9c202f508f a4c075f03b
commit f9c724d9a3
1 changed files with 5 additions and 4 deletions
--- a/cpp/ql/lib/semmle/code/cpp/models/implementations/Gets.qll
+++ b/cpp/ql/lib/semmle/code/cpp/models/implementations/Gets.qll
@@ -97,10 +97,11 @@ private class GetsFunction extends DataFlowFunction, ArrayFunction, AliasFunctio
  }

  override predicate hasLocalFlowSource(FunctionOutput output, string description) {
-    output.isParameterDeref(0) and
-    description = "string read by " + this.getName()
-    or
-    output.isReturnValue() and
+    (
+      output.isParameterDeref(0) or
+      output.isReturnValue() or
+      output.isReturnValueDeref()
+    ) and
    description = "string read by " + this.getName()
  }