by Tibbes
2780 days ago
The dataflow analysis libraries in QL have significantly improved since 2015, and were used to find the ICMP vulnerability mentioned in the article. See the blog post for the query used. [1]

Dataflow analysis is a form of execution simulation that estimates the flow of control and data from one part of the program to another. Of course, there are many forms of simulation, and they vary in accuracy and the expense of computing them.

[1]: https://lgtm.com/blog/apple_xnu_icmp_error_CVE-2018-4407