hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-02 04:05:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #318 from geoffw0/overflowstatic

Browse Source 
CPP: Speed up OverflowStatic.ql
This commit is contained in:
Jonas Jensen
2018-10-26 20:19:41 +02:00
committed by GitHub
parent c2e7627f61 a9b55534b4
commit 47096bbc5f
2 changed files with 13 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
cpp/ql/src/semmle/code/cpp/commons/Buffer.qll
View File

@@ -83,19 +83,21 @@ int getBufferSize(Expr bufferExpr, Element why) {
// buffer is a fixed size dynamic allocation
isFixedSizeAllocationExpr(bufferExpr, result) and
why = bufferExpr
) or (
) or exists(DataFlow::ExprNode bufferExprNode |
// dataflow (all sources must be the same size)
bufferExprNode = DataFlow::exprNode(bufferExpr) and
result = min(Expr def |
DataFlow::localFlowStep(DataFlow::exprNode(def), DataFlow::exprNode(bufferExpr)) |
DataFlow::localFlowStep(DataFlow::exprNode(def), bufferExprNode) |
getBufferSize(def, _)
) and result = max(Expr def |
DataFlow::localFlowStep(DataFlow::exprNode(def), DataFlow::exprNode(bufferExpr)) |
DataFlow::localFlowStep(DataFlow::exprNode(def), bufferExprNode) |
getBufferSize(def, _)
) and
// find reason
exists(Expr def |
DataFlow::localFlowStep(DataFlow::exprNode(def), DataFlow::exprNode(bufferExpr)) |
DataFlow::localFlowStep(DataFlow::exprNode(def), bufferExprNode) |
why = def or
exists(getBufferSize(def, why))
)

8
cpp/ql/src/semmle/code/cpp/controlflow/SSAUtils.qll
View File

@@ -124,11 +124,17 @@ cached library class SSAHelper extends int {
* Modern Compiler Implementation by Andrew Appel.
*/
private predicate frontier_phi_node(LocalScopeVariable v, BasicBlock b) {
exists(BasicBlock x | dominanceFrontier(x, b) and ssa_defn(v, _, x, _))
exists(BasicBlock x | dominanceFrontier(x, b) and ssa_defn_rec(v, x))
/* We can also eliminate those nodes where the variable is not live on any incoming edge */
and live_at_start_of_bb(v, b)
}
private predicate ssa_defn_rec(LocalScopeVariable v, BasicBlock b) {
phi_node(v, b)
or
variableUpdate(v, _, b, _)
}
/**
* Holds if `v` is defined, for the purpose of SSA, at `node`, which is at
* position `index` in block `b`. This includes definitions from phi nodes.