codeql/2026-03-28-tainted-arithmetic-bounds-check.md at 628f85aebcf23ee9a7a944c8ca8d00aefc00b8eb

mirror of https://github.com/github/codeql.git synced 2026-04-27 01:35:13 +02:00

Files

Kaixuan Li b595a70384 Update java/ql/lib/change-notes/2026-03-28-tainted-arithmetic-bounds-check.md

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

2026-03-29 11:45:27 +08:00

category

category
minorAnalysis

The java/tainted-arithmetic query no longer flags arithmetic expressions that are used directly as an operand of a comparison in if-condition bounds-checking patterns. For example, if (off + len > array.length) is now recognized as a bounds check rather than a potentially vulnerable computation, reducing false positives.