C++: Model bsl functions in Strcat.qll.

criemen · web-flow · commit 9d19752d9a9d · 2021-02-15T15:42:34.000Z
diff --git a/cpp/ql/src/semmle/code/cpp/Declaration.qll b/cpp/ql/src/semmle/code/cpp/Declaration.qll
@@ -139,6 +139,19 @@ class Declaration extends Locatable, @declaration {
     this.hasQualifiedName("std", "", name)
   }
 
+  /**
+   * Holds if this declaration has the given name in the global namespace,
+   * the `std` namespace or the `bsl` namespace.
+   * We treat `std` and `bsl` as the same in a bunch of our models.
+   */
+  predicate hasGlobalOrStdishName(string name) {
+    this.hasGlobalName(name)
+    or
+    this.hasQualifiedName("std", "", name)
+    or
+    this.hasQualifiedName("bsl", "", name)
+  }
+
   /** Gets a specifier of this declaration. */
   Specifier getASpecifier() { none() } // overridden in subclasses
 
diff --git a/cpp/ql/src/semmle/code/cpp/models/implementations/Strcat.qll b/cpp/ql/src/semmle/code/cpp/models/implementations/Strcat.qll
@@ -13,7 +13,7 @@ import semmle.code.cpp.models.interfaces.SideEffect
  */
 class StrcatFunction extends TaintFunction, DataFlowFunction, ArrayFunction, SideEffectFunction {
   StrcatFunction() {
-    this.hasGlobalOrStdName([
+    this.hasGlobalOrStdishName([
         "strcat", // strcat(dst, src)
         "strncat", // strncat(dst, src, max_amount)
         "wcscat", // wcscat(dst, src)
