Merge pull request #12855 from MathiasVP/fix-joins-in-use-after-free

C++: Fix bad self-join in `cpp/use-after-free`
2025-12-24 04:36:35 +01:00 · 2023-04-18 17:13:03 +01:00
parent 09502c60d5 61aba4683f
commit fb1a871777
1 changed files with 2 additions and 1 deletions
--- a/cpp/ql/src/Critical/UseAfterFree.ql
+++ b/cpp/ql/src/Critical/UseAfterFree.ql
@@ -128,7 +128,8 @@ module ParameterSinks {
      callHasTargetAndArgument(f, i, call, argument) and
      initializeParameterInFunction(f, i, p) and
      p = getAnAlwaysDereferencedParameter() and
-      result = pragma[only_bind_out](valueNumber(argument).getAnInstruction()) and
+      result =
+        pragma[only_bind_out](pragma[only_bind_into](valueNumber(argument)).getAnInstruction()) and
      call = getAnAlwaysReachedCallInstruction(_)
    )
  }