13 lines
462 B
Plaintext
13 lines
462 B
Plaintext
|
import cpp
|
||
|
|
import semmle.code.cpp.security.FlowSources
|
||
|
|
import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis
|
||
|
|
import semmle.code.cpp.valuenumbering.GlobalValueNumbering
|
||
|
|
|
||
|
|
from RelationalOperation ro, AddExpr add, Expr exprOne, Expr exprTwo
|
||
|
|
where
|
||
|
|
add.getAnOperand() = exprOne and
|
||
|
|
add.getAnOperand() = exprTwo and
|
||
|
|
globalValueNumber(exprOne) = globalValueNumber(exprTwo) and
|
||
|
|
exprMightOverflowPositively(add) or exprMightOverflowNegatively(add)
|
||
|
|
select add
|