hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-23 20:26:32 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #12325 from MathiasVP/gets-return-deref

Browse Source 
C++: Make `gets` indirect output a LocalFlowSource
This commit is contained in:
Mathias Vorreiter Pedersen
2023-02-27 18:39:36 +00:00
committed by GitHub
parent 9c202f508f a4c075f03b
commit f9c724d9a3
1 changed files with 5 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
cpp/ql/lib/semmle/code/cpp/models/implementations/Gets.qll
View File

@@ -97,10 +97,11 @@ private class GetsFunction extends DataFlowFunction, ArrayFunction, AliasFunctio
} }
override predicate hasLocalFlowSource(FunctionOutput output, string description) { override predicate hasLocalFlowSource(FunctionOutput output, string description) {
output.isParameterDeref(0) and (
description = "string read by " + this.getName() output.isParameterDeref(0) or
or output.isReturnValue() or
output.isReturnValue() and output.isReturnValueDeref()
) and
description = "string read by " + this.getName() description = "string read by " + this.getName()
} }