Update CompilerRemovalOfCodeToClearBuffers.ql

ihsinme · web-flow · commit 9c53e3939493 · 2021-01-21T16:52:00.000+03:00
diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-14/CompilerRemovalOfCodeToClearBuffers.ql b/cpp/ql/src/experimental/Security/CWE/CWE-14/CompilerRemovalOfCodeToClearBuffers.ql
@@ -23,7 +23,12 @@ class CompilerRemovaMemset extends FunctionCall {
     exists(DataFlow::Node source, DataFlow::Node sink, LocalVariable isv, Expr exp |
       DataFlow::localFlow(source, sink) and
       this.getArgument(0) = isv.getAnAccess() and
-      source.asExpr() = exp and
+      (
+        source.asExpr() = exp
+        or
+        // handle the case where exp is defined by an address being passed into some function.
+        source.asDefiningArgument() = exp
+      ) and
       exp.getLocation().getEndLine() < this.getArgument(0).getLocation().getStartLine() and
       sink.asExpr() = this.getArgument(0)
     )
