зеркало из https://github.com/github/codeql.git
Update shared data-flow note for feedback
This commit is contained in:
Родитель
87fca1fde6
Коммит
4f6660887c
|
@ -32,9 +32,9 @@ The following changes in version 1.23 affect C/C++ analysis in all applications.
|
||||||
`semmle.code.cpp.dataflow.TaintTracking` have had extensive changes:
|
`semmle.code.cpp.dataflow.TaintTracking` have had extensive changes:
|
||||||
* Data flow through fields is now more complete and reliable.
|
* Data flow through fields is now more complete and reliable.
|
||||||
* The data-flow library has been extended with a new feature to aid debugging.
|
* The data-flow library has been extended with a new feature to aid debugging.
|
||||||
If you want to explore the possible flow from a source, replace
|
Previously, to explore the possible flow from all sources you could specify `isSink(Node n) { any() }` on a configuration.
|
||||||
`isSink(Node n) { any() }` with the new `Configuration::hasPartialFlow` predicate.
|
Now you can use the new `Configuration::hasPartialFlow` predicate,
|
||||||
This gives a more complete picture of the partial flow paths from a given source.
|
which gives a more complete picture of the partial flow paths from a given source, including flow that doesn't reach any sink.
|
||||||
The feature is disabled by default and can be enabled for individual configurations by overriding `int explorationLimit()`.
|
The feature is disabled by default and can be enabled for individual configurations by overriding `int explorationLimit()`.
|
||||||
* There is now flow out of C++ reference parameters.
|
* There is now flow out of C++ reference parameters.
|
||||||
* There is now flow through the address-of operator (`&`).
|
* There is now flow through the address-of operator (`&`).
|
||||||
|
|
Загрузка…
Ссылка в новой задаче