Update shared data-flow note for feedback

This commit is contained in:
Felicity Chapman 2019-11-26 15:57:52 +00:00
Родитель 87fca1fde6
Коммит 4f6660887c
1 изменённых файлов: 3 добавлений и 3 удалений

Просмотреть файл

@ -32,9 +32,9 @@ The following changes in version 1.23 affect C/C++ analysis in all applications.
`semmle.code.cpp.dataflow.TaintTracking` have had extensive changes: `semmle.code.cpp.dataflow.TaintTracking` have had extensive changes:
* Data flow through fields is now more complete and reliable. * Data flow through fields is now more complete and reliable.
* The data-flow library has been extended with a new feature to aid debugging. * The data-flow library has been extended with a new feature to aid debugging.
If you want to explore the possible flow from a source, replace Previously, to explore the possible flow from all sources you could specify `isSink(Node n) { any() }` on a configuration.
`isSink(Node n) { any() }` with the new `Configuration::hasPartialFlow` predicate. Now you can use the new `Configuration::hasPartialFlow` predicate,
This gives a more complete picture of the partial flow paths from a given source. which gives a more complete picture of the partial flow paths from a given source, including flow that doesn't reach any sink.
The feature is disabled by default and can be enabled for individual configurations by overriding `int explorationLimit()`. The feature is disabled by default and can be enabled for individual configurations by overriding `int explorationLimit()`.
* There is now flow out of C++ reference parameters. * There is now flow out of C++ reference parameters.
* There is now flow through the address-of operator (`&`). * There is now flow through the address-of operator (`&`).