jorgectf
diff --git a/‎.github/workflows/generate-query-help-docs.yml
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/generate-query-help-docs.yml
Lines changed: 1 addition & 1 deletion
diff --git a/‎cpp/ql/src/Security/CWE/CWE-020/ExternalAPIsSpecific.qll
Lines changed: 1 addition & 1 deletion b/‎cpp/ql/src/Security/CWE/CWE-020/ExternalAPIsSpecific.qll
Lines changed: 1 addition & 1 deletion
diff --git a/‎cpp/ql/src/semmle/code/cpp/commons/Printf.qll
Lines changed: 6 additions & 1 deletion b/‎cpp/ql/src/semmle/code/cpp/commons/Printf.qll
Lines changed: 6 additions & 1 deletion
diff --git a/‎cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll
Lines changed: 2 additions & 0 deletions b/‎cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll
Lines changed: 2 additions & 0 deletions
diff --git a/‎cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImpl2.qll
Lines changed: 2 additions & 0 deletions b/‎cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImpl2.qll
Lines changed: 2 additions & 0 deletions
diff --git a/‎cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImpl3.qll
Lines changed: 2 additions & 0 deletions b/‎cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImpl3.qll
Lines changed: 2 additions & 0 deletions
diff --git a/‎cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImpl4.qll
Lines changed: 2 additions & 0 deletions b/‎cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImpl4.qll
Lines changed: 2 additions & 0 deletions
diff --git a/‎cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImplLocal.qll
Lines changed: 2 additions & 0 deletions b/‎cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImplLocal.qll
Lines changed: 2 additions & 0 deletions
diff --git a/‎cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll
Lines changed: 2 additions & 0 deletions b/‎cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll
Lines changed: 2 additions & 0 deletions
diff --git a/‎cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl2.qll
Lines changed: 2 additions & 0 deletions b/‎cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl2.qll
Lines changed: 2 additions & 0 deletions
@@ -50,7 +50,7 @@ jobs:
       uses: ammaraskar/sphinx-action@8b4f60114d7fd1faeba1a712269168508d4750d2 # v0.4
       with:
         docs-folder: "query-help/"
-        pre-build-command: "python -m pip install --upgrade recommonmark"
+        pre-build-command: "python -m pip install --upgrade recommonmark && python -m pip install --upgrade sphinx-markdown-tables"
         build-command: "sphinx-build -b dirhtml . _build" 
     - name: Upload HTML artifacts
       uses: actions/upload-artifact@v2
 
@@ -46,7 +46,7 @@ class UntrustedDataToExternalAPIConfig extends TaintTracking::Configuration {
   UntrustedDataToExternalAPIConfig() { this = "UntrustedDataToExternalAPIConfig" }
 
   override predicate isSource(DataFlow::Node source) {
-    exists(RemoteFlowFunction remoteFlow |
+    exists(RemoteFlowSourceFunction remoteFlow |
       remoteFlow = source.asExpr().(Call).getTarget() and
       remoteFlow.hasRemoteFlowSource(_, _)
     )
 
@@ -53,7 +53,12 @@ predicate primitiveVariadicFormatter(
   (
     if type = "" then outputParamIndex = -1 else outputParamIndex = 0 // Conveniently, these buffer parameters are all at index 0.
   ) and
-  not exists(f.getBlock()) // exclude functions with an implementation in the snapshot as they may not be standard implementations.
+  not (
+    // exclude functions with an implementation in the snapshot source
+    // directory, as they may not be standard implementations.
+    exists(f.getBlock()) and
+    exists(f.getFile().getRelativePath())
+  )
 }
 
 private predicate callsVariadicFormatter(
 
@@ -3598,6 +3598,7 @@ private module FlowExploration {
       or
       exists(PartialPathNodeRev mid |
         revPartialPathStep(mid, node, sc1, sc2, ap, config) and
+        not clearsContent(node, ap.getHead()) and
         not fullBarrier(node, config) and
         distSink(node.getEnclosingCallable(), config) <= config.explorationLimit()
       )
@@ -3611,6 +3612,7 @@ private module FlowExploration {
     exists(PartialPathNodeFwd mid |
       partialPathStep(mid, node, cc, sc1, sc2, ap, config) and
       not fullBarrier(node, config) and
+      not clearsContent(node, ap.getHead().getContent()) and
       if node instanceof CastingNode
       then compatibleTypes(getNodeType(node), ap.getType())
       else any()
 
@@ -3598,6 +3598,7 @@ private module FlowExploration {
       or
       exists(PartialPathNodeRev mid |
         revPartialPathStep(mid, node, sc1, sc2, ap, config) and
+        not clearsContent(node, ap.getHead()) and
         not fullBarrier(node, config) and
         distSink(node.getEnclosingCallable(), config) <= config.explorationLimit()
       )
@@ -3611,6 +3612,7 @@ private module FlowExploration {
     exists(PartialPathNodeFwd mid |
       partialPathStep(mid, node, cc, sc1, sc2, ap, config) and
       not fullBarrier(node, config) and
+      not clearsContent(node, ap.getHead().getContent()) and
       if node instanceof CastingNode
       then compatibleTypes(getNodeType(node), ap.getType())
       else any()
 
@@ -3598,6 +3598,7 @@ private module FlowExploration {
       or
       exists(PartialPathNodeRev mid |
         revPartialPathStep(mid, node, sc1, sc2, ap, config) and
+        not clearsContent(node, ap.getHead()) and
         not fullBarrier(node, config) and
         distSink(node.getEnclosingCallable(), config) <= config.explorationLimit()
       )
@@ -3611,6 +3612,7 @@ private module FlowExploration {
     exists(PartialPathNodeFwd mid |
       partialPathStep(mid, node, cc, sc1, sc2, ap, config) and
       not fullBarrier(node, config) and
+      not clearsContent(node, ap.getHead().getContent()) and
       if node instanceof CastingNode
       then compatibleTypes(getNodeType(node), ap.getType())
       else any()
 
@@ -3598,6 +3598,7 @@ private module FlowExploration {
       or
       exists(PartialPathNodeRev mid |
         revPartialPathStep(mid, node, sc1, sc2, ap, config) and
+        not clearsContent(node, ap.getHead()) and
         not fullBarrier(node, config) and
         distSink(node.getEnclosingCallable(), config) <= config.explorationLimit()
       )
@@ -3611,6 +3612,7 @@ private module FlowExploration {
     exists(PartialPathNodeFwd mid |
       partialPathStep(mid, node, cc, sc1, sc2, ap, config) and
       not fullBarrier(node, config) and
+      not clearsContent(node, ap.getHead().getContent()) and
       if node instanceof CastingNode
       then compatibleTypes(getNodeType(node), ap.getType())
       else any()
 
@@ -3598,6 +3598,7 @@ private module FlowExploration {
       or
       exists(PartialPathNodeRev mid |
         revPartialPathStep(mid, node, sc1, sc2, ap, config) and
+        not clearsContent(node, ap.getHead()) and
         not fullBarrier(node, config) and
         distSink(node.getEnclosingCallable(), config) <= config.explorationLimit()
       )
@@ -3611,6 +3612,7 @@ private module FlowExploration {
     exists(PartialPathNodeFwd mid |
       partialPathStep(mid, node, cc, sc1, sc2, ap, config) and
       not fullBarrier(node, config) and
+      not clearsContent(node, ap.getHead().getContent()) and
       if node instanceof CastingNode
       then compatibleTypes(getNodeType(node), ap.getType())
       else any()
 
@@ -3598,6 +3598,7 @@ private module FlowExploration {
       or
       exists(PartialPathNodeRev mid |
         revPartialPathStep(mid, node, sc1, sc2, ap, config) and
+        not clearsContent(node, ap.getHead()) and
         not fullBarrier(node, config) and
         distSink(node.getEnclosingCallable(), config) <= config.explorationLimit()
       )
@@ -3611,6 +3612,7 @@ private module FlowExploration {
     exists(PartialPathNodeFwd mid |
       partialPathStep(mid, node, cc, sc1, sc2, ap, config) and
       not fullBarrier(node, config) and
+      not clearsContent(node, ap.getHead().getContent()) and
       if node instanceof CastingNode
       then compatibleTypes(getNodeType(node), ap.getType())
       else any()
 
@@ -3598,6 +3598,7 @@ private module FlowExploration {
       or
       exists(PartialPathNodeRev mid |
         revPartialPathStep(mid, node, sc1, sc2, ap, config) and
+        not clearsContent(node, ap.getHead()) and
         not fullBarrier(node, config) and
         distSink(node.getEnclosingCallable(), config) <= config.explorationLimit()
       )
@@ -3611,6 +3612,7 @@ private module FlowExploration {
     exists(PartialPathNodeFwd mid |
       partialPathStep(mid, node, cc, sc1, sc2, ap, config) and
       not fullBarrier(node, config) and
+      not clearsContent(node, ap.getHead().getContent()) and
       if node instanceof CastingNode
       then compatibleTypes(getNodeType(node), ap.getType())
       else any()
Original file line number	Diff line number	Diff line change
`@@ -46,7 +46,7 @@ class UntrustedDataToExternalAPIConfig extends TaintTracking::Configuration {`
`46`	`46`	`UntrustedDataToExternalAPIConfig() { this = "UntrustedDataToExternalAPIConfig" }`
`47`	`47`
`48`	`48`	`override predicate isSource(DataFlow::Node source) {`
`49`		`- exists(RemoteFlowFunction remoteFlow \|`
	`49`	`+ exists(RemoteFlowSourceFunction remoteFlow \|`
`50`	`50`	`remoteFlow = source.asExpr().(Call).getTarget() and`
`51`	`51`	`remoteFlow.hasRemoteFlowSource(_, _)`
`52`	`52`	`)`
Original file line number	Diff line number	Diff line change
`@@ -53,7 +53,12 @@ predicate primitiveVariadicFormatter(`
`53`	`53`	`(`
`54`	`54`	`if type = "" then outputParamIndex = -1 else outputParamIndex = 0 // Conveniently, these buffer parameters are all at index 0.`
`55`	`55`	`) and`
`56`		`- not exists(f.getBlock()) // exclude functions with an implementation in the snapshot as they may not be standard implementations.`
	`56`	`+ not (`
	`57`	`+ // exclude functions with an implementation in the snapshot source`
	`58`	`+ // directory, as they may not be standard implementations.`
	`59`	`+ exists(f.getBlock()) and`
	`60`	`+ exists(f.getFile().getRelativePath())`
	`61`	`+ )`
`57`	`62`	`}`
`58`	`63`
`59`	`64`	`private predicate callsVariadicFormatter(`