hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-20 06:24:03 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update qhelp to explain possible source of FPs

Browse Source
This commit is contained in:
Owen Mansel-Chan
2024-10-09 15:08:48 +01:00
parent b087fdecfe
commit 500992c499
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
go/ql/src/Security/CWE-681/IncorrectIntegerConversionQuery.qhelp
View File

@@ -27,6 +27,11 @@ the bit size you specified when parsing the number.
If this is not possible, then add upper (and lower) bound checks specific to each type and
bit size (you can find the minimum and maximum value for each type in the <code>math</code> package).
</p>
<p>
Note that CodeQL is only able to identify bounds checks that compare against a constant value. When a variable
is used in the comparison, CodeQL is unable to determine the value of the variable at runtime and will not
recognize the bounds check.
</p>
</recommendation>
<example>