Skip to content

Commit 32045f8

Browse files
MathiasVPMathiasVP
authored
Merge pull request github#13635 from MathiasVP/dont-barrier-on-valid-state-config
C++: Revert parts of github#13623
2 parents c977bd1 + 518a372 commit 32045f8

File tree

2 files changed

+6
-4
lines changed

2 files changed

+6
-4
lines changed

cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.ql

Lines changed: 0 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -120,10 +120,6 @@ module ValidState {
120120

121121
predicate isBarrier(DataFlow::Node node, FlowState state) { none() }
122122

123-
predicate isBarrierOut(DataFlow::Node node) {
124-
node = any(DataFlow::SsaPhiNode phi).getAnInput(true)
125-
}
126-
127123
predicate isAdditionalFlowStep(
128124
DataFlow::Node node1, FlowState state1, DataFlow::Node node2, FlowState state2
129125
) {

cpp/ql/test/query-tests/Security/CWE/CWE-119/SAMATE/OverrunWriteProductFlow.expected

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -75,6 +75,7 @@ edges
7575
| test.cpp:214:24:214:24 | p | test.cpp:216:10:216:10 | p |
7676
| test.cpp:220:43:220:48 | call to malloc | test.cpp:222:15:222:20 | buffer |
7777
| test.cpp:222:15:222:20 | buffer | test.cpp:214:24:214:24 | p |
78+
| test.cpp:228:43:228:48 | call to malloc | test.cpp:232:10:232:15 | buffer |
7879
| test.cpp:235:40:235:45 | buffer | test.cpp:236:5:236:26 | ... = ... |
7980
| test.cpp:236:5:236:26 | ... = ... | test.cpp:236:12:236:17 | p_str indirection [post update] [string] |
8081
| test.cpp:241:27:241:32 | call to malloc | test.cpp:242:22:242:27 | buffer |
@@ -85,6 +86,7 @@ edges
8586
| test.cpp:243:12:243:14 | str indirection [string] | test.cpp:243:16:243:21 | string indirection |
8687
| test.cpp:243:16:243:21 | string indirection | test.cpp:243:12:243:21 | string |
8788
| test.cpp:249:20:249:27 | call to my_alloc | test.cpp:250:12:250:12 | p |
89+
| test.cpp:256:17:256:22 | call to malloc | test.cpp:257:12:257:12 | p |
8890
| test.cpp:262:22:262:27 | call to malloc | test.cpp:266:12:266:12 | p |
8991
| test.cpp:264:20:264:25 | call to malloc | test.cpp:266:12:266:12 | p |
9092
nodes
@@ -153,6 +155,8 @@ nodes
153155
| test.cpp:216:10:216:10 | p | semmle.label | p |
154156
| test.cpp:220:43:220:48 | call to malloc | semmle.label | call to malloc |
155157
| test.cpp:222:15:222:20 | buffer | semmle.label | buffer |
158+
| test.cpp:228:43:228:48 | call to malloc | semmle.label | call to malloc |
159+
| test.cpp:232:10:232:15 | buffer | semmle.label | buffer |
156160
| test.cpp:235:40:235:45 | buffer | semmle.label | buffer |
157161
| test.cpp:236:5:236:26 | ... = ... | semmle.label | ... = ... |
158162
| test.cpp:236:12:236:17 | p_str indirection [post update] [string] | semmle.label | p_str indirection [post update] [string] |
@@ -164,6 +168,8 @@ nodes
164168
| test.cpp:243:16:243:21 | string indirection | semmle.label | string indirection |
165169
| test.cpp:249:20:249:27 | call to my_alloc | semmle.label | call to my_alloc |
166170
| test.cpp:250:12:250:12 | p | semmle.label | p |
171+
| test.cpp:256:17:256:22 | call to malloc | semmle.label | call to malloc |
172+
| test.cpp:257:12:257:12 | p | semmle.label | p |
167173
| test.cpp:262:22:262:27 | call to malloc | semmle.label | call to malloc |
168174
| test.cpp:264:20:264:25 | call to malloc | semmle.label | call to malloc |
169175
| test.cpp:266:12:266:12 | p | semmle.label | p |

0 commit comments

Comments
 (0)