Update cpp/ql/src/experimental/Security/CWE/CWE-14/CompilerRemovalOfCodeToClearBuffers.qhelp

ihsinme · MathiasVP · web-flow · commit 3e715ff52d0e · 2021-01-14T17:19:23.000+03:00
Co-authored-by: Mathias Vorreiter Pedersen &lt;mathiasvp@github.com&gt;
diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-14/CompilerRemovalOfCodeToClearBuffers.qhelp b/cpp/ql/src/experimental/Security/CWE/CWE-14/CompilerRemovalOfCodeToClearBuffers.qhelp
@@ -4,7 +4,7 @@
 <qhelp>
 <overview>
 <p>Compiler optimization will exclude the cleaning of private information.
-Using the memset function to clear private data as a final expression when working with a variable is potentially dangerous, since the compiler can optimize this call.
+Using the <code>memset</code> function to clear private data in a variable that has no subsequent use is potentially dangerous, since the compiler can remove the call.
 For some compilers, optimization is also possible when using calls to free memory after the <code>memset</codee> function.</p>
 
 <p>It is possible to miss detection of vulnerabilities if used to clear fields of structures or parts of a buffer.</p>
