hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-23 04:06:37 +01:00
Code Issues Packages Projects Releases Wiki Activity

C++: Fix strncpy model.

Browse Source
This commit is contained in:
Mathias Vorreiter Pedersen
2023-06-18 13:13:28 +01:00
parent 273e5bc21f
commit fe97572f70
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
cpp/ql/lib/semmle/code/cpp/models/implementations/Strcpy.qll
View File

@@ -108,7 +108,7 @@ class StrcpyFunction extends ArrayFunction, DataFlowFunction, TaintFunction, Sid
// these may do only a partial copy of the input buffer to the output // these may do only a partial copy of the input buffer to the output
// buffer // buffer
exists(this.getParamSize()) and exists(this.getParamSize()) and
input.isParameter(this.getParamSrc()) and input.isParameterDeref(this.getParamSrc()) and
( (
output.isParameterDeref(this.getParamDest()) or output.isParameterDeref(this.getParamDest()) or
output.isReturnValueDeref() output.isReturnValueDeref()

2
cpp/ql/test/library-tests/dataflow/taint-tests/taint.cpp
View File

@@ -709,5 +709,5 @@ char * strncpy (char *, const char *, unsigned long);
void test_strncpy(char* d, char* s) { void test_strncpy(char* d, char* s) {
argument_source(s); argument_source(s);
strncpy(d, s, 16); strncpy(d, s, 16);
sink(d); // $ ast MISSING: ir sink(d); // $ ast ir
} }