C++: Exclude memsets that clear a variable that has no other uses.

2026-04-26 09:15:12 +02:00 · 2021-02-25 21:27:12 +01:00
parent 2777ca445e
commit faadcd913e
1 changed files with 4 additions and 0 deletions
--- a/cpp/ql/src/Security/CWE/CWE-014/MemsetMayBeDeleted.ql
+++ b/cpp/ql/src/Security/CWE/CWE-014/MemsetMayBeDeleted.ql
@@ -52,6 +52,10 @@ where
  // Reference-typed variables get special treatment in `variableAddressEscapesTree` so we leave them
  // out of this query.
  not v.getUnspecifiedType() instanceof ReferenceType and
+  // `v` is not only just used in the call to `memset`.
+  exists(Access acc |
+    acc = v.getAnAccess() and not call.getArgument(0).getAChild*() = acc and not acc.isUnevaluated()
+  ) and
  // There is no later use of `v`.
  not v.getAnAccess() = call.getASuccessor*() and
  // Not using the `-fno-builtin-memset` flag