Update cpp/ql/lib/semmle/code/cpp/security/InvalidPointerDereference/InvalidPointerToDereference.qll

MathiasVP · jketema · web-flow · commit 88b78284ec76 · 2023-07-24T14:57:59.000+02:00
Co-authored-by: Jeroen Ketema &lt;93738568+jketema@users.noreply.github.com&gt;
diff --git a/cpp/ql/lib/semmle/code/cpp/security/InvalidPointerDereference/InvalidPointerToDereference.qll b/cpp/ql/lib/semmle/code/cpp/security/InvalidPointerDereference/InvalidPointerToDereference.qll
@@ -8,7 +8,7 @@
  * 1. char* base = (char*)malloc(size);
  * 2. char* end = base + size;
  * 3. for(int *p = base; p <= end; p++) {
- * 4.   use(*p);
+ * 4.   use(*p); // BUG: Should have been bounded by `p < end`.
  * 5. }
  * ```
  * this file identifies the flow from `base + size` to `end`. We call `base + size` the "dereference source" and `end`
