C++: Use getQualifiedName() = "gets", not hasName

jbj · jbj · commit 0ed161882458 · 2019-03-04T09:01:20.000+01:00
This fixes false positives on https://lgtm.com/projects/g/brandonpelfrey/Construct caused by a member function named `gets` -- probably short for "get s".
diff --git a/cpp/ql/src/Security/CWE/CWE-676/PotentiallyDangerousFunction.ql b/cpp/ql/src/Security/CWE/CWE-676/PotentiallyDangerousFunction.ql
@@ -16,7 +16,7 @@ predicate potentiallyDangerousFunction(Function f, string message) {
     f.getQualifiedName() = "gmtime" and
     message = "Call to gmtime is potentially dangerous"
   ) or (
-    f.hasName("gets") and
+    f.getQualifiedName() = "gets" and
     message = "gets does not guard against buffer overflow"
   )
 }

Original file line number	Diff line number	Diff line change
`@@ -16,7 +16,7 @@ predicate potentiallyDangerousFunction(Function f, string message) {`
`16`	`16`	`f.getQualifiedName() = "gmtime" and`
`17`	`17`	`message = "Call to gmtime is potentially dangerous"`
`18`	`18`	`) or (`
`19`		`- f.hasName("gets") and`
	`19`	`+ f.getQualifiedName() = "gets" and`
`20`	`20`	`message = "gets does not guard against buffer overflow"`
`21`	`21`	`)`
`22`	`22`	`}`