hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-27 01:38:22 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
d5d08da545571ee6704af03ab64faaa6e22e677f
codeql/change-notes/1.25/analysis-cpp.md
Tom Hvitved c837ab7d1a Apply suggestions from code review 
Co-authored-by: Jonas Jensen <jbj@github.com>
2020-05-11 11:42:50 +02:00

1.2 KiB
Raw Blame History

Improvements to C/C++ analysis

The following changes in version 1.25 affect C/C++ analysis in all applications.

General improvements

New queries

Query Tags Purpose

Changes to existing queries

Query Expected impact Change

Changes to libraries

  • The data-flow library has been improved, which affects most security queries by potentially adding more results. Flow through functions now takes nested field reads/writes into account. For example, the library is able to track flow from taint() to sink() via the method getf2f1() in 
    struct C {
    int f1;
};

struct C2
{
    C f2;

    int getf2f1() {
        return f2.f1; // Nested field read
    }

    void m() {
        f2.f1 = taint();
        sink(getf2f1()); // NEW: taint() reaches here
    }
};