From c79a724f5df0d5f0e354fbb3f7633eba024ed11e Mon Sep 17 00:00:00 2001 From: Mathew Payne <2772944+GeekMasher@users.noreply.github.com> Date: Fri, 16 May 2025 18:21:44 +0100 Subject: [PATCH 1/3] feat(cpp): Update FlowSources to add wmain --- cpp/ql/lib/semmle/code/cpp/security/FlowSources.qll | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cpp/ql/lib/semmle/code/cpp/security/FlowSources.qll b/cpp/ql/lib/semmle/code/cpp/security/FlowSources.qll index 2aef5e6e7df3..b79a94ae2223 100644 --- a/cpp/ql/lib/semmle/code/cpp/security/FlowSources.qll +++ b/cpp/ql/lib/semmle/code/cpp/security/FlowSources.qll @@ -55,12 +55,12 @@ private class LocalModelSource extends LocalFlowSource { } /** - * A local data flow source that the `argv` parameter to `main`. + * A local data flow source that the `argv` parameter to `main` or `wmain`. */ private class ArgvSource extends LocalFlowSource { ArgvSource() { exists(Function main, Parameter argv | - main.hasGlobalName("main") and + main.hasGlobalName(["main", "wmain"]) main.getParameter(1) = argv and this.asParameter(2) = argv ) From 94fe9b692fc5e088181148f132c6f34fd0f210f8 Mon Sep 17 00:00:00 2001 From: GeekMasher Date: Fri, 16 May 2025 18:35:50 +0100 Subject: [PATCH 2/3] feat(cpp): Add change notes --- cpp/ql/lib/change-notes/2025-05-16-wmain-support.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 cpp/ql/lib/change-notes/2025-05-16-wmain-support.md diff --git a/cpp/ql/lib/change-notes/2025-05-16-wmain-support.md b/cpp/ql/lib/change-notes/2025-05-16-wmain-support.md new file mode 100644 index 000000000000..bdc369bfeddc --- /dev/null +++ b/cpp/ql/lib/change-notes/2025-05-16-wmain-support.md @@ -0,0 +1,4 @@ +--- +category: feature +--- +* Added support for `wmain` as part of the ArgvSource model. \ No newline at end of file From bbce0d0c65228eaa41734b108bec472675a6aae5 Mon Sep 17 00:00:00 2001 From: Mathew Payne <2772944+GeekMasher@users.noreply.github.com> Date: Fri, 16 May 2025 18:55:00 +0100 Subject: [PATCH 3/3] Update cpp/ql/lib/semmle/code/cpp/security/FlowSources.qll Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com> --- cpp/ql/lib/semmle/code/cpp/security/FlowSources.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/ql/lib/semmle/code/cpp/security/FlowSources.qll b/cpp/ql/lib/semmle/code/cpp/security/FlowSources.qll index b79a94ae2223..b5e94d4c0463 100644 --- a/cpp/ql/lib/semmle/code/cpp/security/FlowSources.qll +++ b/cpp/ql/lib/semmle/code/cpp/security/FlowSources.qll @@ -60,7 +60,7 @@ private class LocalModelSource extends LocalFlowSource { private class ArgvSource extends LocalFlowSource { ArgvSource() { exists(Function main, Parameter argv | - main.hasGlobalName(["main", "wmain"]) + main.hasGlobalName(["main", "wmain"]) and main.getParameter(1) = argv and this.asParameter(2) = argv )