Module FlowFromFree
Constructs a FlowFromFreeConfig module that can be used to find flow between a pointer being freed by some deallocation function, and a user-specified sink.
In order to reduce false positives, the set of sinks is restricted to only those that satisfy at least one of the following two criteria:
- The source dominates the sink, or
- The sink post-dominates the source.
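The two criteria, illustrated on a small constructed control-flow graph. This is an added example, not CodeQL's implementation or part of the library documentation; the graph, the node names and the helper functions are hypothetical.

```python
# Added illustration (not CodeQL code): the two sink criteria on a constructed CFG.
def dominators(succ, entry):
    """Iterative dominator sets: dom[n] = {n} | intersection of dom[p] over preds p."""
    pred = {n: set() for n in succ}
    for n, outs in succ.items():
        for s in outs:
            pred[s].add(n)
    dom = {n: set(succ) for n in succ}
    dom[entry] = {entry}
    changed = True
    while changed:
        changed = False
        for n in succ:
            if n == entry:
                continue
            preds = [dom[p] for p in pred[n]]
            new = {n} | (set.intersection(*preds) if preds else set())
            if new != dom[n]:
                dom[n], changed = new, True
    return dom

def reverse(succ):
    """Flip every edge; dominators of the reversed graph are post-dominators."""
    rev = {n: [] for n in succ}
    for n, outs in succ.items():
        for s in outs:
            rev[s].append(n)
    return rev

def classify(succ, entry, exit_, source, sink):
    """Return which criterion keeps `sink`, or None if the sink is filtered out."""
    if source in dominators(succ, entry)[sink]:
        return "source dominates sink"
    if sink in dominators(reverse(succ), exit_)[source]:
        return "sink post-dominates source"
    return None

# Constructed CFG (hypothetical names): free_p is the deallocation, use_* are candidate sinks.
CFG = {
    "entry": ["free_p", "other"],
    "free_p": ["use_a", "skip"],   # use_a is reachable only through free_p
    "use_a": ["use_b"], "skip": ["use_b"], "other": ["use_b"],
    "use_b": ["use_c", "exit"],    # every path from free_p to exit crosses use_b
    "use_c": ["exit"],             # conditional use, also reachable without the free
    "exit": [],
}

if __name__ == "__main__":
    for sink in ("use_a", "use_b", "use_c"):
        print(sink, "->", classify(CFG, "entry", "exit", "free_p", sink))
```

Here `use_c` is dropped: it can execute without the free having run, and the free can run without `use_c` following, so neither criterion holds.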
Import path
import semmle.code.cpp.security.flowafterfree.FlowAfterFree
Imports
GlobalWithState<FlowAfterFree::FlowFromFree::FlowFromFreeConfig> | Constructs a global data flow computation using flow state. |