Example: Bad overflow guard

The following presentation guides you through developing a query to find bad overflow guards in C/C++.

To view the speaker notes accompanying this presentation, click Settings > Open speaker notes.

A PDF version of these slides, including speaker notes, is also available: Example: Bad overflow guard.

Accompanying material

To find the vulnerability described in this presentation, download the appropriate snapshot from the ChakraCore-bad-overflow-check page in the Semmle demos repository. This repository also contains example query files that can be run in QL for Eclipse. For more information about using QL for Eclipse, including how to import snapshots and run queries, see the QL for Eclipse online help.

What next?

Further information