hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-04 05:05:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

C++: Silence alerts coming from CMake test compilation files

Browse Source
This commit is contained in:
Jeroen Ketema
2025-01-05 17:28:23 +01:00
parent ede801ed88
commit 06f6bac169
9 changed files with 53 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
cpp/ql/src/Critical/OverflowStatic.ql
View File

@@ -17,6 +17,7 @@ import cpp
import semmle.code.cpp.commons.Buffer
import semmle.code.cpp.ir.dataflow.DataFlow
import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis
import semmle.code.cpp.ConfigurationTestFile
import LoopBounds
private predicate staticBufferBase(VariableAccess access, Variable v) {
@@ -148,7 +149,10 @@ predicate outOfBounds(BufferAccess bufaccess, string msg) {
from Element error, string msg
where
overflowOffsetInLoop(error, msg) or
wrongBufferSize(error, msg) or
outOfBounds(error, msg)
(
overflowOffsetInLoop(error, msg) or
wrongBufferSize(error, msg) or
outOfBounds(error, msg)
) and
not error.getFile() instanceof ConfigurationTestFile // elements in files generated during configuration are likely false positives
select error, msg