From 8c80d060f078aa7f4fcd813fc5b1881f08ee93d4 Mon Sep 17 00:00:00 2001
From: Kevin Backhouse
Date: Fri, 16 Jul 2021 12:04:27 +0100
Subject: [PATCH] Ignore results in the xmpsdk directory.
---
 .../codeql-queries/exiv2-cpp-queries/unsafe_vector_access.ql | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/.github/codeql-queries/exiv2-cpp-queries/unsafe_vector_access.ql b/.github/codeql-queries/exiv2-cpp-queries/unsafe_vector_access.ql
index 31472de06f..4a4c578b08 100644
--- a/.github/codeql-queries/exiv2-cpp-queries/unsafe_vector_access.ql
+++ b/.github/codeql-queries/exiv2-cpp-queries/unsafe_vector_access.ql
@@ -175,5 +175,7 @@ where
 not index_last_with_check(_, call) and
 // Ignore accesses like this: `vsnprintf(&buffer[0], buffer.size(), format, args)`
 // That's pointer arithmetic, not a deref, so it's usually a false positive.
- not exists(AddressOfExpr addrExpr | addrExpr.getOperand() = call)
+ not exists(AddressOfExpr addrExpr | addrExpr.getOperand() = call) and
+ // Ignore results in the xmpsdk directory.
+ not call.getLocation().getFile().getRelativePath().matches("xmpsdk/%")
 select call, "Unsafe use of operator[]. Use the at() method instead."
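Review bot: The added comment `// Ignore results in the xmpsdk directory.` restates the predicate without giving the reason, yet this line switches off a memory-safety check for an entire source tree. If xmpsdk is excluded because it is bundled third-party code (my reading; the patch does not say), the comment should record that, for example `// xmpsdk/ is bundled third-party code that does not follow the at() convention; its operator[] uses are not checked by this query.` That code presumably still processes untrusted file metadata, so it is worth stating where out-of-bounds accesses in it are caught instead, such as fuzzing or sanitizer builds. The exclusion itself fails toward reporting, because a file for which `getRelativePath()` has no result does not match and is still selected. The `where` clause begins above the hunk, so its earlier conditions are not visible here.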