mirror of https://github.com/github/codeql.git (synced 2026-04-26 09:15:12 +02:00)
Requiring strict inclusion between types turned out to cause false positives in `SnprintfOverflow`, which relied indirectly on `RangeAnalysisUtils::linearAccessImpl` to identify acceptable bounds checks. This query was particularly affected because `snprintf` returns `int` (signed) but takes `size_t` (unsigned), so conversions are bound to happen.