github · MathiasVP · Jul 16, 2025 · Jul 15, 2025 · Jul 16, 2025 · Jul 16, 2025
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* The `FunctionWithWrappers` library (`semmle.code.cpp.security.FunctionWithWrappers`) no longer considers calls through function pointers as wrapper functions.
@@ -37,7 +37,7 @@ private predicate wrapperFunctionStep(
   not target.isVirtual() and
   not source.isVirtual() and
   source.hasDefinition() and
-  exists(Call call, Expr arg, Parameter sourceParam |
+  exists(FunctionCall call, Expr arg, Parameter sourceParam |
     // there is a 'call' to 'target' with argument 'arg' at index 'targetParamIndex'
     target = resolveCall(call) and
     arg = call.getArgument(targetParamIndex) and
@@ -154,7 +154,7 @@ abstract class FunctionWithWrappers extends Function {
    * Whether 'arg' is an argument in a call to an outermost wrapper function of 'this' function.
    */
   predicate outermostWrapperFunctionCall(Expr arg, string callChain) {
-    exists(Function targetFunc, Call call, int argIndex |
+    exists(Function targetFunc, FunctionCall call, int argIndex |
       targetFunc = resolveCall(call) and
       this.wrapperFunction(targetFunc, argIndex, callChain) and
       (

@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Due to changes in the `FunctionWithWrappers` library (`semmle.code.cpp.security.FunctionWithWrappers`) the primary alert location generated by the queries `cpp/path-injection`, `cpp/sql-injection`, `cpp/tainted-format-string`, and `cpp/command-line-injection` may have changed.