Merge pull request github#6503 from andersfugmann/model_strdupa_functions

C++: Model strdupa and strndupa

Author: MathiasVP

cpp/ql/lib/semmle/code/cpp/models/implementations/Strdup.qll

@@ -16,6 +16,7 @@ private class StrdupFunction extends AllocationFunction, ArrayFunction, DataFlow
     hasGlobalName([
         // --- C library allocation
         "strdup", // strdup(str)
+        "strdupa", // strdupa(str) - returns stack allocated buffer
         "wcsdup", // wcsdup(str)
         "_strdup", // _strdup(str)
         "_wcsdup", // _wcsdup(str)
@@ -31,18 +32,20 @@ private class StrdupFunction extends AllocationFunction, ArrayFunction, DataFlow
     input.isParameterDeref(0) and
     output.isReturnValueDeref()
   }
+
+  override predicate requiresDealloc() { not hasGlobalName("strdupa") }
 }
 
 /**
  * A `strndup` style allocation function.
  */
 private class StrndupFunction extends AllocationFunction, ArrayFunction, DataFlowFunction {
   StrndupFunction() {
-    exists(string name |
-      hasGlobalName(name) and
-      // --- C library allocation
-      name = "strndup" // strndup(str, maxlen)
-    )
+    hasGlobalName([
+        // -- C library allocation
+        "strndup", // strndup(str, maxlen)
+        "strndupa" // strndupa(str, maxlen) -- returns stack allocated buffer
+      ])
   }
 
   override predicate hasArrayInput(int bufParam) { bufParam = 0 }
@@ -56,4 +59,6 @@ private class StrndupFunction extends AllocationFunction, ArrayFunction, DataFlo
     ) and
     output.isReturnValueDeref()
   }
+
+  override predicate requiresDealloc() { not hasGlobalName("strndupa") }
 }