File tree Expand file tree Collapse file tree
cpp/ql/lib/semmle/code/cpp/security/InvalidPointerDereference Expand file tree Collapse file tree Original file line number Diff line number Diff line change 2121 * actually being dereferenced. We do this using a regular dataflow configuration (see `InvalidPointerToDerefConfig`).
2222 *
2323 * This dataflow traversal defines the set of sources as any dataflow node that is non-strictly upper-bounded by the
24- * pointer-arithmetic instruction identified by `AllocationToInvalidPointer.qll`. (TOOD : I'm pretty sure this is incorrect,
24+ * pointer-arithmetic instruction identified by `AllocationToInvalidPointer.qll`. (TODO : I'm pretty sure this is incorrect,
2525 * and we should define the set of sources as anything that is non-strictly _lower_ bounded by the pointer-arithmetic
2626 * instruction). That is, the set of sources is any dataflow node `source` such that `source.asInstruction <= pai + delta1`
2727 * for some `delta1 >= 0`.
You can’t perform that action at this time.
0 commit comments