CPP: Detect commented preprocessor code.

2026-05-05 21:55:19 +02:00 · 2019-04-08 18:17:23 +01:00
parent 4d67bd32dd
commit 48fff334da
2 changed files with 22 additions and 12 deletions
--- a/cpp/ql/src/Documentation/CommentedOutCode.qll
+++ b/cpp/ql/src/Documentation/CommentedOutCode.qll
@@ -12,19 +12,26 @@ private predicate looksLikeCode(string line) {
    //  * HTML entities in hexadecimal notation (e.g. &amp;#x705F;)
    trimmed = line.regexpReplaceAll("(?i)(^\\s+|&#?[a-z0-9]{1,31};|\\s+$)", "")
  |
-    // Match comment lines ending with '{', '}' or ';'
-    trimmed.regexpMatch(".*[{};]") and
    (
-      // If this line looks like code because it ends with a closing
-      // brace that's preceded by something other than whitespace ...
-      trimmed.regexpMatch(".*.\\}")
-      implies
-      // ... then there has to be ") {" (or some variation)
-      // on the line, suggesting it's a statement like `if`
-      // or a function declaration. Otherwise it's likely to be a
-      // benign use of braces such as a JSON example or explanatory
-      // pseudocode.
-      trimmed.regexpMatch(".*(\\)|const|volatile|override|final|noexcept|&)\\s*\\{.*")
+      (
+        // Match comment lines ending with '{', '}' or ';'
+        trimmed.regexpMatch(".*[{};]") and
+        (
+          // If this line looks like code because it ends with a closing
+          // brace that's preceded by something other than whitespace ...
+          trimmed.regexpMatch(".*.\\}")
+          implies
+          // ... then there has to be ") {" (or some variation)
+          // on the line, suggesting it's a statement like `if`
+          // or a function declaration. Otherwise it's likely to be a
+          // benign use of braces such as a JSON example or explanatory
+          // pseudocode.
+          trimmed.regexpMatch(".*(\\)|const|volatile|override|final|noexcept|&)\\s*\\{.*")
+        )
+      ) or (
+        // Match comment lines that look like preprocessor code
+        trimmed.regexpMatch("#(include|define|undef|if|ifdef|ifndef|elif|else|endif|error)(\\s.*|)")
+      )
    ) and (
      // Exclude lines that start with '>' or contain '@{' or '@}'.
      // To account for the code generated by protobuf, we also insist that the comment