Module FormattingFunction

Provides a class for modeling printf-style formatting functions. To use this QL library, create a QL class extending FormattingFunction with a characteristic predicate that selects the function or set of functions you are modeling. Within that class, override the predicates provided by FormattingFunction to match the flow within that function.

Import path

import semmle.code.cpp.models.interfaces.FormattingFunction

Imports

ArrayFunction

Provides an abstract class for accurate modeling of input and output buffers in library functions when source code is not available. To use this QL library, create a QL class extending ArrayFunction with a characteristic predicate that selects the function or set of functions you are trying to model. Within that class, override the predicates provided by ArrayFunction to match the flow within that function. Finally, add a private import statement to Models.qll

Taint

Provides an abstract class for accurate taint modeling of library functions when source code is not available. To use this QL library, create a QL class extending TaintFunction with a characteristic predicate that selects the function or set of functions you are modeling. Within that class, override the predicates provided by TaintFunction to match the flow within that function.

Predicates

getAFormatterWideType

A type that is used as a format string by any formatting function.

Classes

FormattingFunction	A standard library function that uses a `printf`-like formatting string.
Snprintf	The standard functions `snprintf` and `swprintf`, and their Microsoft and glib variants.