7.1.0

New Features

  • Added a subclass Embed of PreprocessorDirective for C23 and C++26 #embed preprocessor directives.
  • Added modules DataFlow::ParameterizedBarrierGuard and DataFlow::ParameterizedInstructionBarrierGuard. These modules provide the same features as DataFlow::BarrierGuard and DataFlow::InstructionBarrierGuard, but allow for an additional parameter so that they can be used properly in dataflow configurations that use flow states.

Minor Analysis Improvements

  • The Buffer.qll library will no longer report incorrect buffer sizes on certain malformed databases. As a result, the queries cpp/static-buffer-overflow, cpp/overflow-buffer, cpp/badly-bounded-write, cpp/overrunning-write, cpp/overrunning-write-with-float, and cpp/very-likely-overrunning-write will report fewer false positives on such databases.
  • Added taint summary models and sql-injection barrier models for the MySQL mysql_real_escape_string and mysql_real_escape_string_quote escaping functions.
  • The predicate SummarizedCallable.propagatesFlow has been extended with the columns Provenance p and boolean isExact, and as a consequence the predicates SummarizedCallable.hasProvenance and SummarizedCallable.hasExactModel have been removed.

Bug Fixes

  • Fixed a bug in the GuardCondition library which sometimes prevented binary logical operators from being recognized as guard conditions. As a result, queries using GuardCondition may see improved results.
  • Fixed a bug which caused Node.asDefinition() to not have a result for certain assignments.