Mirror of https://github.com/github/codeql.git, synced 2025-12-20 10:46:30 +01:00
Requiring strict inclusion between types turned out to cause false positives in `SnprintfOverflow`, which relied indirectly on `RangeAnalysisUtils::linearAccessImpl` to identify acceptable bounds checks. This query was particularly affected because `snprintf` returns `int` (signed) but takes `size_t` (unsigned), so conversions are bound to happen.
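The signed/unsigned interplay the message refers to, as an added C example that is not code from the CodeQL repository: `snprintf`/`vsnprintf` return an `int` (negative on encoding error, otherwise the length the full output *would* have had), while their size argument and the caller's running offset are `size_t`. A correct bounds check therefore has to convert between the two before the return value is folded back into the offset used for the next call, which is exactly the pattern the query reasons about. `append_fmt`, `committed_length` and `demo_scenario` are hypothetical helper names chosen for this illustration; the buffers and strings are constructed inputs.

```c
#include <stdarg.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not CodeQL code): append formatted text to buf[cap]
 * at *off. The int returned by vsnprintf is converted to size_t only after
 * it has been checked, so both conversions are explicit in the bounds check. */
static bool append_fmt(char *buf, size_t cap, size_t *off, const char *fmt, ...)
{
    if (*off >= cap)
        return false;                  /* guard: cap - *off below must not wrap */
    size_t remaining = cap - *off;     /* unsigned, like snprintf's size argument */

    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(buf + *off, remaining, fmt, ap);   /* signed return value */
    va_end(ap);

    if (n < 0)
        return false;                  /* encoding error; nothing committed */
    if ((size_t)n >= remaining) {      /* n is the wanted length, not what fit */
        buf[*off] = '\0';              /* drop the truncated tail vsnprintf wrote */
        return false;
    }
    *off += (size_t)n;                 /* only now does the int feed the size_t offset */
    return true;
}

/* Appends a then b into a fresh buffer of the given capacity (clamped to 64)
 * and returns the offset that was actually committed. */
size_t committed_length(size_t cap, const char *a, const char *b)
{
    char buf[64];
    size_t off = 0;
    if (cap > sizeof buf)
        cap = sizeof buf;
    append_fmt(buf, cap, &off, "%s", a);
    append_fmt(buf, cap, &off, "%s", b);
    return off;
}

/* Constructed scenario on a 16-byte buffer: two appends fit, the third does
 * not. Returns 1 when the buffer ends up holding exactly the committed text. */
int demo_scenario(void)
{
    char buf[16];
    size_t off = 0;
    bool ok1 = append_fmt(buf, sizeof buf, &off, "%s", "hello");      /* off -> 5  */
    bool ok2 = append_fmt(buf, sizeof buf, &off, ", %s", "world");    /* off -> 12 */
    bool ok3 = append_fmt(buf, sizeof buf, &off, "%s", "!!!!");       /* 5 bytes needed, 4 remain */
    return ok1 && ok2 && !ok3 && off == 12 && strcmp(buf, "hello, world") == 0;
}

int main(void)
{
    printf("scenario ok: %d\n", demo_scenario());
    printf("committed into 8 bytes: %zu\n", committed_length(8, "hello", ", world"));
    return 0;
}
```

Without the `n < 0` and `(size_t)n >= remaining` checks, the idiom `off += snprintf(...)` lets `off` run past `cap` on truncation, after which `cap - off` wraps to a huge `size_t` and the next call writes out of bounds; that is the situation the query is meant to flag, and the check above is the kind of guard it must be able to recognise despite the `int` to `size_t` conversion.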