Commit fc9d219

Update AccessOfMemoryLocationAfterEndOfBufferUsingStrlen.ql
1 parent de0bbc8 commit fc9d219

1 file changed

Lines changed: 3 additions & 4 deletions


cpp/ql/src/experimental/Security/CWE/CWE-788/AccessOfMemoryLocationAfterEndOfBufferUsingStrlen.ql

@@ -12,13 +12,12 @@
1212
*/
1313

1414
import cpp
15-
import semmle.code.cpp.valuenumbering.HashCons
15+
import semmle.code.cpp.valuenumbering.GlobalValueNumbering
1616

1717
from FunctionCall fc, AssignExpr expr, ArrayExpr exprarr
1818
where
19-
fc.getTarget().hasGlobalOrStdName("strlen") and
2019
exprarr = expr.getLValue() and
2120
expr.getRValue().getValue().toInt() = 0 and
2221
exprarr.getArrayOffset() = fc and
23-
hashCons(fc.getArgument(0)) = hashCons(exprarr.getArrayBase())
24-
select expr, "use a different method to calculate the length."
22+
globalValueNumber(fc.getArgument(0)) = globalValueNumber(exprarr.getArrayBase())
23+
select expr, "potential unsafe or redundant assignment."
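
Review bot: The `where` clause loses its `fc.getTarget().hasGlobalOrStdName("strlen") and` conjunct (old line 19), so `fc` is no longer tied to `strlen` at all. With that line gone, the query reports any zero assignment whose array offset is a function call with a first argument that has the same global value number as the array base, which is far broader than the `...UsingStrlen` file name and the CWE-788 directory suggest and will likely add false positives for unrelated index helpers. Unless the widening is intended, restore the `strlen` target check alongside the new `globalValueNumber(...)` comparison; if it is intended, the query name and description should be updated to match. The replacement alert text "potential unsafe or redundant assignment." also drops the remediation hint the old message carried and does not name the `strlen` call as the offset, so consider wording that tells the reader the index is the string's own length (the terminator position).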
