mirror of
https://github.com/github/codeql.git
synced 2026-02-21 09:23:40 +01:00
23 lines
626 B
Plaintext
23 lines
626 B
Plaintext
/**
|
|
* Provides an implementation class modeling the POSIX function `getenv` and
|
|
* various similar functions.
|
|
*/
|
|
|
|
import cpp
|
|
import semmle.code.cpp.models.interfaces.FlowSource
|
|
|
|
/**
|
|
* The POSIX function `getenv`, the GNU function `secure_getenv`, and the
|
|
* Windows function `_wgetenv`.
|
|
*/
|
|
class Getenv extends LocalFlowSourceFunction {
|
|
Getenv() {
|
|
this.hasGlobalOrStdOrBslName("getenv") or this.hasGlobalName(["secure_getenv", "_wgetenv"])
|
|
}
|
|
|
|
override predicate hasLocalFlowSource(FunctionOutput output, string description) {
|
|
output.isReturnValueDeref() and
|
|
description = "an environment variable"
|
|
}
|
|
}
|