Update cpp/ql/src/experimental/Security/CWE/CWE-805/BufferAccessWithIncorrectLengthValue.ql

Co-authored-by: Jeroen Ketema <[email protected]>

Author: ihsinme

cpp/ql/src/experimental/Security/CWE/CWE-805/BufferAccessWithIncorrectLengthValue.ql

@@ -64,8 +64,8 @@ from FunctionCall fc
 where
   exists(ArrayType array, int bufArgPos, int sizeArgPos |
     numberArgument(fc.getTarget(), bufArgPos, sizeArgPos) and
-    fc.getArgument(sizeArgPos).getValue().toInt() > array.getByteSize() and
-    fc.getArgument(bufArgPos).(VariableAccess).getTarget().getADeclarationEntry().getType() = array
+    fc.getArgument(pragma[only_bind_into](sizeArgPos)).getValue().toInt() > array.getByteSize() and
+    fc.getArgument(pragma[only_bind_into](bufArgPos)).(VariableAccess).getTarget().getADeclarationEntry().getType() = array
   )
 select fc,
   "Access beyond the bounds of the allocated memory is possible, the size argument used is greater than the size of the buffer."