CodeQL queries 1.24
This query identifies calls to string copy functions used in conditions, either
directly or as part of an equality operator or logical operator. The most
common string copy functions always return their
parameter and do not have a return value reserved to indicate an error.
Therefore, such a function call always evaluates to true in a Boolean
The string copy functions that the rule takes into consideration are:
NOTE: It is highly recommended to consider using a more secure version of string manipulation functions such as
Check to ensure that the flagged expressions are not typos.
If a string comparison is intended, change the function to the appropriate string comparison function.
If a string copy is really intended, very likely a secure version of the string copy function such as
strcpy_s was intended instead of the insecure version of the string copy function.
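
The following C code is an added example, not taken from the CodeQL documentation. It shows the flagged pattern beside the two fixes recommended above. The names `is_admin_flagged`, `is_admin_fixed`, `copy_role` and `ROLE_MAX` are hypothetical, and `snprintf` stands in for `strcpy_s` as an assumption, because not every C library provides `strcpy_s`.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

#define ROLE_MAX 16

/* Flagged pattern: strcmp was intended. strcpy returns its destination
 * pointer, which is never NULL here, so the check always passes and the
 * caller's buffer (at least ROLE_MAX bytes) is overwritten as a side effect. */
bool is_admin_flagged(char *role) {
    if (strcpy(role, "admin"))
        return true;
    return false;
}

/* Comparison intended: call the comparison function and test its result. */
bool is_admin_fixed(const char *role) {
    return strcmp(role, "admin") == 0;
}

/* Copy intended: a bounded copy that reports failure through its own
 * return value. snprintf is used here in place of strcpy_s (assumption). */
bool copy_role(char *dst, size_t dst_size, const char *src) {
    int n = snprintf(dst, dst_size, "%s", src);
    if (n < 0 || (size_t)n >= dst_size) {
        if (dst_size > 0)
            dst[0] = '\0';   /* leave no truncated value behind */
        return false;
    }
    return true;
}

int main(void) {
    char role[ROLE_MAX] = "guest";    /* constructed sample input */
    bool flagged = is_admin_flagged(role);
    printf("flagged: %d, role is now \"%s\"\n", flagged, role);

    char role2[ROLE_MAX] = "guest";   /* constructed sample input */
    bool fixed = is_admin_fixed(role2);
    printf("fixed:   %d, role is still \"%s\"\n", fixed, role2);
    return 0;
}
```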