From 4ea8569081e003e4fb274c3d03e709ea7ba86fe4 Mon Sep 17 00:00:00 2001
From: Ziemowit Laski <zlaski@semmle.com>
Date: Thu, 7 Nov 2019 16:40:03 -0800
Subject: [PATCH] [CPP-434] Squelch query alerts if ALL files were compiled    
       with `-fwrapv` or `-fno-strict-overflow`

---
 cpp/ql/src/Likely Bugs/Arithmetic/SignedOverflowCheck.ql | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/cpp/ql/src/Likely Bugs/Arithmetic/SignedOverflowCheck.ql b/cpp/ql/src/Likely Bugs/Arithmetic/SignedOverflowCheck.ql
index bd79a114172..648846a7dc1 100644
--- a/cpp/ql/src/Likely Bugs/Arithmetic/SignedOverflowCheck.ql	
+++ b/cpp/ql/src/Likely Bugs/Arithmetic/SignedOverflowCheck.ql	
@@ -23,5 +23,9 @@ where
   globalValueNumber(expr1) = globalValueNumber(expr2) and
   add.getUnspecifiedType().(IntegralType).isSigned() and
   not exists(MacroInvocation mi | mi.getAnAffectedElement() = add) and
-  exprMightOverflowPositively(add)
+  exprMightOverflowPositively(add) and
+  exists(Compilation c | c.getAFileCompiled() = ro.getFile() |
+    not c.getAnArgument() = "-fwrapv" and
+    not c.getAnArgument() = "-fno-strict-overflow"
+  )
 select ro, "Testing for signed overflow may produce undefined results."