C++: release note for DefaultTaintTracking

Robert Marsh · Robert Marsh · commit 8ea5739b7aa8 · 2020-02-19T14:32:49.000-08:00
diff --git a/change-notes/1.24/analysis-cpp.md b/change-notes/1.24/analysis-cpp.md
@@ -46,3 +46,4 @@ The following changes in version 1.24 affect C/C++ analysis in all applications.
   the following improvements:
   * The library now models data flow through `strdup` and similar functions.
   * The library now models data flow through formatting functions such as `sprintf`.
+* The security pack taint tracking library (`semmle.code.cpp.security.TaintTracking`) uses a new intermediate representation. This provides a more precise analysis of pointers to stack variables and flow through parameters, removing false positives and adding true positives in many security queries.
