C++: QLDoc for CommandExecution model

Robert Marsh · Robert Marsh · commit d3d708bc682c · 2021-09-17T12:16:20.000-07:00
diff --git a/cpp/ql/lib/semmle/code/cpp/models/interfaces/CommandExecution.qll b/cpp/ql/lib/semmle/code/cpp/models/interfaces/CommandExecution.qll
@@ -1,7 +1,23 @@
+/**
+ * Provides classes for modeling functions that execute new programs by
+ * interpreting string data as shell commands. To use this QL library, create
+ * a QL class extending `CommandExecutionFunction` with a characteristic
+ * predicate that selects the function or set of functions you are modeling.
+ * Within that class, override the `hasCommandArgument` predicate to indicate
+ * which parameters are interpreted as shell commands.
+ */
+
 import cpp
 import FunctionInputsAndOutputs
 import semmle.code.cpp.models.Models
 
+/**
+ * A function, such as `exec` or `popen` that starts a new process by 
+ * interpreting a string as a shell command.
+ */
 abstract class CommandExecutionFunction extends Function {
+  /**
+   * Holds if `input` is interpreted as a shell command.
+   */
   abstract predicate hasCommandArgument(FunctionInput input);
-}
+}
