codeql/InBounds.ql at remove-javascript - codeql - Gitea: Git with a cup of tea

hohn/codeql

mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00

Files

Cornelius Riemenschneider 1c9fa4eb1d This library proves that a subset of pointer dereferences in a program are safe, i.e. in-bounds.

It does so by first defining what a pointer dereference is (on the IR
`Instruction` level), and then using the array length analysis and the range
analysis together to prove that some of these pointer dereferences are safe.

2020-05-06 16:36:48 +02:00

7 lines

171 B

Plaintext

Raw Permalink Blame History

 import cpp
 import experimental.semmle.code.cpp.rangeanalysis.InBoundsPointerDeref
 from PointerDereferenceInstruction ptrAccess
 where inBounds(ptrAccess)
 select ptrAccess