Skip to content

Commit 108d517

Browse files
jbjrdmarsh2
andcommitted
C++: Fix two bugs found by @rdmarsh2
Co-Authored-By: Robert Marsh <rdmarsh2@gmail.com>
1 parent 5822cd7 commit 108d517

File tree

2 files changed

+2
-2
lines changed

2 files changed

+2
-2
lines changed

cpp/ql/src/Security/CWE/CWE-134/UncontrolledFormatStringThroughGlobalVar.ql

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -34,6 +34,6 @@ where
3434
not taintedWithoutGlobals(arg) and
3535
taintedWithPath(userValue, arg, sourceNode, sinkNode) and
3636
isUserInput(userValue, cause)
37-
select arg,
37+
select arg, sourceNode, sinkNode,
3838
"The value of this argument may come from $@ and is being used as a formatting argument to " +
3939
printfFunction, userValue, cause

cpp/ql/src/semmle/code/cpp/ir/dataflow/DefaultTaintTracking.qll

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -489,7 +489,7 @@ module TaintedWithPath {
489489
}
490490
}
491491

492-
private class WrapPathNode extends PathNode, TPathNode {
492+
private class WrapPathNode extends PathNode, TWrapPathNode {
493493
DataFlow3::PathNode inner() { this = TWrapPathNode(result) }
494494

495495
override string toString() { result = this.inner().toString() }

0 commit comments

Comments
 (0)