mirror of
https://github.com/github/codeql.git
synced 2025-12-21 11:16:30 +01:00
26 lines
672 B
Plaintext
26 lines
672 B
Plaintext
/**
|
|
* Provides an implementation class modeling the POSIX function `getenv` and
|
|
* various similar functions.
|
|
*/
|
|
|
|
import cpp
|
|
import semmle.code.cpp.models.interfaces.FlowSource
|
|
|
|
/**
|
|
* The POSIX function `getenv`, the GNU function `secure_getenv`, and the
|
|
* Windows function `_wgetenv`.
|
|
*/
|
|
class Getenv extends LocalFlowSourceFunction {
|
|
Getenv() {
|
|
this.hasGlobalOrStdOrBslName("getenv") or this.hasGlobalName(["secure_getenv", "_wgetenv"])
|
|
}
|
|
|
|
override predicate hasLocalFlowSource(FunctionOutput output, string description) {
|
|
(
|
|
output.isReturnValueDeref() or
|
|
output.isReturnValue()
|
|
) and
|
|
description = "an environment variable"
|
|
}
|
|
}
|