From 8e36316ebfb898b23d5059173b6fd40e85d8b808 Mon Sep 17 00:00:00 2001
From: "REDMOND\\brodes" <brodes@microsoft.com>
Date: Mon, 9 Feb 2026 10:42:34 -0500
Subject: [PATCH] C++: Addressing Copilot PR suggestions.

---
 .../UncheckedLeapYearAfterYearModification.ql |  35 ++-
 ...ckedLeapYearAfterYearModification.expected | 236 +++++++++---------
 ...heckedReturnValueForTimeFunctions.expected |   6 +-
 .../test.cpp                                  |  50 +---
 4 files changed, 140 insertions(+), 187 deletions(-)

diff --git a/cpp/ql/src/Likely Bugs/Leap Year/UncheckedLeapYearAfterYearModification.ql b/cpp/ql/src/Likely Bugs/Leap Year/UncheckedLeapYearAfterYearModification.ql
index 8be4bbfbfe4..3fd830acd97 100644
--- a/cpp/ql/src/Likely Bugs/Leap Year/UncheckedLeapYearAfterYearModification.ql	
+++ b/cpp/ql/src/Likely Bugs/Leap Year/UncheckedLeapYearAfterYearModification.ql	
@@ -12,8 +12,6 @@
 import cpp
 import LeapYear
 import semmle.code.cpp.controlflow.IRGuards
-import semmle.code.cpp.ir.IR
-import semmle.code.cpp.commons.DateTime
 
 /**
  * Functions whose operations should never be considered a
@@ -92,11 +90,11 @@ abstract class IgnorableOperation extends Expr { }
 class IgnorableExprRem extends IgnorableOperation instanceof RemExpr { }
 
 /**
- * Anything involving an operation with 10, 100, 1000, 10000 is often a sign of conversion
+ * An operation with 10, 100, 1000, 10000 as an operand is often a sign of conversion
  * or atoi.
  */
-class IgnorableExpr10MulipleComponent extends IgnorableOperation {
-  IgnorableExpr10MulipleComponent() {
+class IgnorableExpr10MultipleComponent extends IgnorableOperation {
+  IgnorableExpr10MultipleComponent() {
     this.(Operation).getAnOperand().getValue().toInt() in [10, 100, 1000, 10000]
     or
     exists(AssignOperation a | a.getRValue() = this |
@@ -106,7 +104,7 @@ class IgnorableExpr10MulipleComponent extends IgnorableOperation {
 }
 
 /**
- * Anything involving a sub expression with char literal 48, ignore as a likely string conversion
+ * An operation involving a sub expression with char literal 48, ignore as a likely string conversion
  * e.g., X - '0'
  */
 class IgnorableExpr48Mapping extends IgnorableOperation {
@@ -118,7 +116,7 @@ class IgnorableExpr48Mapping extends IgnorableOperation {
 }
 
 /**
- * A binary or arithemtic operation whereby one of the components is textual or a string.
+ * A binary or arithmetic operation whereby one of the components is textual or a string.
  */
 class IgnorableCharLiteralArithmetic extends IgnorableOperation {
   IgnorableCharLiteralArithmetic() {
@@ -170,7 +168,7 @@ predicate isLikelyConversionConstant(int c) {
 }
 
 /**
- * Some constants indicate conversion that are ignorable, e.g.,
+ * An `isLikelyConversionConstant` constant indicates conversion that is ignorable, e.g.,
  * julian to gregorian conversion or conversions from linux time structs
  * that start at 1900, etc.
  */
@@ -208,7 +206,7 @@ class OperationAsArgToIgnorableFunction extends IgnorableOperation {
 }
 
 /**
- * Literal OP literal means the result is constant/known
+ * A Literal OP literal means the result is constant/known
  * and the operation is basically ignorable (it's not a real operation but
  * probably one visual simplicity what it means).
  */
@@ -228,7 +226,7 @@ class IgnorableAssignmentBitwiseOperation extends IgnorableOperation instanceof
 { }
 
 /**
- * Any arithmetic operation where one of the operands is a pointer or char type, ignore it
+ * An arithmetic operation where one of the operands is a pointer or char type, ignore it
  */
 class IgnorablePointerOrCharArithmetic extends IgnorableOperation {
   IgnorablePointerOrCharArithmetic() {
@@ -267,7 +265,7 @@ class IgnorablePointerOrCharArithmetic extends IgnorableOperation {
 }
 
 /**
- * An expression that is a candidate source for an dataflow configuration for an Operation that could flow to a Year field.
+ * Holds for an expression that is a operation that could flow to a Year field.
  */
 predicate isOperationSourceCandidate(Expr e) {
   not e instanceof IgnorableOperation and
@@ -397,8 +395,8 @@ module OperationToYearAssignmentConfig implements DataFlow::ConfigSig {
     // This is assuming a user would have done this all on one line though.
     // setting a variable for the conversion and passing that separately would be more difficult to track
     // considering this approach good enough for current observed false positives
-    exists(Call c, Expr arg |
-      isLeapYearCheckCall(c, arg) and arg.getAChild*() = [n.asExpr(), n.asIndirectExpr()]
+    exists(Expr arg |
+      isLeapYearCheckCall(_, arg) and arg.getAChild*() = [n.asExpr(), n.asIndirectExpr()]
     )
     or
     // If as the flow progresses, the value holding a dangerous operation result
@@ -503,9 +501,10 @@ class MonthEqualityCheckGuard extends GuardCondition, FinalMonthEqualityCheck {
 bindingset[e]
 pragma[inline_late]
 predicate isControlledByMonthEqualityCheckNonFebruary(Expr e) {
-  exists(MonthEqualityCheckGuard monthGuard |
+  exists(MonthEqualityCheckGuard monthGuard, Expr compared |
     monthGuard.controls(e.getBasicBlock(), true) and
-    not monthGuard.getExprCompared().getValueText() = "2"
+    compared = monthGuard.getExprCompared() and
+    not compared.getValue().toInt() = 2
   )
 }
 
@@ -641,7 +640,7 @@ class LeapYearGuardCondition extends GuardCondition {
       LogicalAndExpr andExpr, LogicalOrExpr orExpr, GuardCondition div4Check,
       GuardCondition div100Check, GuardCondition div400Check, GuardValue gv
     |
-      // Cannonical case:
+      // canonical case:
       // form: `(year % 4 == 0) && (year % 100 != 0 || year % 400 == 0)`
       //    `!((year % 4 == 0) && (year % 100 != 0 || year % 400 == 0))`
       //    `!(year % 4) && (year % 100 || !(year % 400))`
@@ -733,7 +732,7 @@ class LeapYearGuardCondition extends GuardCondition {
   Expr getYearSinkDiv400() { result = yearSinkDiv400 }
 
   /**
-   * The variable access that is used in all 3 components of the leap year check
+   * Gets the variable access that is used in all 3 components of the leap year check
    * e.g., see getYearSinkDiv4/100/400..
    * If a field access is used, the qualifier and the field access are both returned
    * in checked condition.
@@ -802,7 +801,7 @@ module CandidateConstantToDayOrMonthAssignmentFlow =
   DataFlow::Global<CandidateConstantToDayOrMonthAssignmentConfig>;
 
 /**
- * The value that the assignment resolves to doesn't represent February,
+ * Holds if value the assignment `a` resolves to (`dayOrMonthValSrcExpr`) doesn't represent February,
  * and/or if it represents a day, is a 'safe' day (meaning the 27th or prior).
  */
 bindingset[dayOrMonthValSrcExpr]
diff --git a/cpp/ql/test/query-tests/Likely Bugs/Leap Year/UncheckedLeapYearAfterYearModification/UncheckedLeapYearAfterYearModification.expected b/cpp/ql/test/query-tests/Likely Bugs/Leap Year/UncheckedLeapYearAfterYearModification/UncheckedLeapYearAfterYearModification.expected
index 35a635ba903..30b6dad1208 100644
--- a/cpp/ql/test/query-tests/Likely Bugs/Leap Year/UncheckedLeapYearAfterYearModification/UncheckedLeapYearAfterYearModification.expected	
+++ b/cpp/ql/test/query-tests/Likely Bugs/Leap Year/UncheckedLeapYearAfterYearModification/UncheckedLeapYearAfterYearModification.expected	
@@ -6,69 +6,69 @@
 | test.cpp:769:2:769:23 | ... -= ... | test.cpp:769:2:769:23 | ... -= ... | test.cpp:769:2:769:23 | ... -= ... | Year field has been modified, but no appropriate check for LeapYear was found. |
 | test.cpp:813:2:813:40 | ... = ... | test.cpp:813:21:813:40 | ... + ... | test.cpp:813:2:813:40 | ... = ... | Year field has been modified, but no appropriate check for LeapYear was found. |
 | test.cpp:818:2:818:24 | ... = ... | test.cpp:818:13:818:24 | ... + ... | test.cpp:818:2:818:24 | ... = ... | Year field has been modified, but no appropriate check for LeapYear was found. |
-| test.cpp:954:3:954:25 | ... = ... | test.cpp:954:14:954:25 | ... + ... | test.cpp:954:3:954:25 | ... = ... | Year field has been modified, but no appropriate check for LeapYear was found. |
-| test.cpp:972:3:972:12 | ... ++ | test.cpp:972:3:972:12 | ... ++ | test.cpp:972:3:972:12 | ... ++ | Year field has been modified, but no appropriate check for LeapYear was found. |
-| test.cpp:1077:2:1077:11 | ... ++ | test.cpp:1077:2:1077:11 | ... ++ | test.cpp:1077:2:1077:11 | ... ++ | Year field has been modified, but no appropriate check for LeapYear was found. |
-| test.cpp:1097:16:1097:23 | increment_arg output argument | test.cpp:1085:2:1085:4 | ... ++ | test.cpp:1097:16:1097:23 | increment_arg output argument | Year field has been modified, but no appropriate check for LeapYear was found. |
-| test.cpp:1101:27:1101:35 | increment_arg_by_pointer output argument | test.cpp:1089:2:1089:7 | ... ++ | test.cpp:1101:27:1101:35 | increment_arg_by_pointer output argument | Year field has been modified, but no appropriate check for LeapYear was found. |
-| test.cpp:1155:2:1155:26 | ... = ... | test.cpp:1155:14:1155:26 | ... - ... | test.cpp:1155:2:1155:26 | ... = ... | Year field has been modified, but no appropriate check for LeapYear was found. |
-| test.cpp:1206:2:1206:19 | ... = ... | test.cpp:1204:2:1204:15 | ... += ... | test.cpp:1206:2:1206:19 | ... = ... | Year field has been modified, but no appropriate check for LeapYear was found. |
-| test.cpp:1245:2:1245:28 | ... = ... | test.cpp:1245:16:1245:28 | ... + ... | test.cpp:1245:2:1245:28 | ... = ... | Year field has been modified, but no appropriate check for LeapYear was found. |
-| test.cpp:1260:2:1260:28 | ... = ... | test.cpp:1260:16:1260:28 | ... + ... | test.cpp:1260:2:1260:28 | ... = ... | Year field has been modified, but no appropriate check for LeapYear was found. |
+| test.cpp:951:3:951:25 | ... = ... | test.cpp:951:14:951:25 | ... + ... | test.cpp:951:3:951:25 | ... = ... | Year field has been modified, but no appropriate check for LeapYear was found. |
+| test.cpp:969:3:969:12 | ... ++ | test.cpp:969:3:969:12 | ... ++ | test.cpp:969:3:969:12 | ... ++ | Year field has been modified, but no appropriate check for LeapYear was found. |
+| test.cpp:1031:2:1031:11 | ... ++ | test.cpp:1031:2:1031:11 | ... ++ | test.cpp:1031:2:1031:11 | ... ++ | Year field has been modified, but no appropriate check for LeapYear was found. |
+| test.cpp:1051:16:1051:23 | increment_arg output argument | test.cpp:1039:2:1039:4 | ... ++ | test.cpp:1051:16:1051:23 | increment_arg output argument | Year field has been modified, but no appropriate check for LeapYear was found. |
+| test.cpp:1055:27:1055:35 | increment_arg_by_pointer output argument | test.cpp:1043:2:1043:7 | ... ++ | test.cpp:1055:27:1055:35 | increment_arg_by_pointer output argument | Year field has been modified, but no appropriate check for LeapYear was found. |
+| test.cpp:1109:2:1109:26 | ... = ... | test.cpp:1109:14:1109:26 | ... - ... | test.cpp:1109:2:1109:26 | ... = ... | Year field has been modified, but no appropriate check for LeapYear was found. |
+| test.cpp:1160:2:1160:19 | ... = ... | test.cpp:1158:2:1158:15 | ... += ... | test.cpp:1160:2:1160:19 | ... = ... | Year field has been modified, but no appropriate check for LeapYear was found. |
+| test.cpp:1199:2:1199:28 | ... = ... | test.cpp:1199:16:1199:28 | ... + ... | test.cpp:1199:2:1199:28 | ... = ... | Year field has been modified, but no appropriate check for LeapYear was found. |
+| test.cpp:1214:2:1214:28 | ... = ... | test.cpp:1214:16:1214:28 | ... + ... | test.cpp:1214:2:1214:28 | ... = ... | Year field has been modified, but no appropriate check for LeapYear was found. |
+| test.cpp:1228:2:1228:28 | ... = ... | test.cpp:1228:16:1228:28 | ... + ... | test.cpp:1228:2:1228:28 | ... = ... | Year field has been modified, but no appropriate check for LeapYear was found. |
+| test.cpp:1242:2:1242:26 | ... = ... | test.cpp:1242:14:1242:26 | ... + ... | test.cpp:1242:2:1242:26 | ... = ... | Year field has been modified, but no appropriate check for LeapYear was found. |
+| test.cpp:1256:2:1256:26 | ... = ... | test.cpp:1256:14:1256:26 | ... + ... | test.cpp:1256:2:1256:26 | ... = ... | Year field has been modified, but no appropriate check for LeapYear was found. |
+| test.cpp:1262:2:1262:28 | ... = ... | test.cpp:1262:16:1262:28 | ... + ... | test.cpp:1262:2:1262:28 | ... = ... | Year field has been modified, but no appropriate check for LeapYear was found. |
 | test.cpp:1274:2:1274:28 | ... = ... | test.cpp:1274:16:1274:28 | ... + ... | test.cpp:1274:2:1274:28 | ... = ... | Year field has been modified, but no appropriate check for LeapYear was found. |
-| test.cpp:1288:2:1288:26 | ... = ... | test.cpp:1288:14:1288:26 | ... + ... | test.cpp:1288:2:1288:26 | ... = ... | Year field has been modified, but no appropriate check for LeapYear was found. |
-| test.cpp:1302:2:1302:26 | ... = ... | test.cpp:1302:14:1302:26 | ... + ... | test.cpp:1302:2:1302:26 | ... = ... | Year field has been modified, but no appropriate check for LeapYear was found. |
-| test.cpp:1308:2:1308:28 | ... = ... | test.cpp:1308:16:1308:28 | ... + ... | test.cpp:1308:2:1308:28 | ... = ... | Year field has been modified, but no appropriate check for LeapYear was found. |
-| test.cpp:1320:2:1320:28 | ... = ... | test.cpp:1320:16:1320:28 | ... + ... | test.cpp:1320:2:1320:28 | ... = ... | Year field has been modified, but no appropriate check for LeapYear was found. |
-| test.cpp:1333:2:1333:26 | ... = ... | test.cpp:1333:14:1333:26 | ... + ... | test.cpp:1333:2:1333:26 | ... = ... | Year field has been modified, but no appropriate check for LeapYear was found. |
-| test.cpp:1345:2:1345:26 | ... = ... | test.cpp:1345:14:1345:26 | ... + ... | test.cpp:1345:2:1345:26 | ... = ... | Year field has been modified, but no appropriate check for LeapYear was found. |
-| test.cpp:1387:2:1387:17 | ... = ... | test.cpp:1478:12:1478:17 | ... + ... | test.cpp:1387:2:1387:17 | ... = ... | Year field has been modified, but no appropriate check for LeapYear was found. |
-| test.cpp:1387:2:1387:17 | ... = ... | test.cpp:1492:9:1492:16 | ... + ... | test.cpp:1387:2:1387:17 | ... = ... | Year field has been modified, but no appropriate check for LeapYear was found. |
-| test.cpp:1387:2:1387:17 | ... = ... | test.cpp:1504:9:1504:16 | ... + ... | test.cpp:1387:2:1387:17 | ... = ... | Year field has been modified, but no appropriate check for LeapYear was found. |
-| test.cpp:1561:2:1561:15 | ... = ... | test.cpp:1558:2:1558:10 | ... += ... | test.cpp:1561:2:1561:15 | ... = ... | Year field has been modified, but no appropriate check for LeapYear was found. |
-| test.cpp:1591:2:1591:22 | ... += ... | test.cpp:1591:2:1591:22 | ... += ... | test.cpp:1591:2:1591:22 | ... += ... | Year field has been modified, but no appropriate check for LeapYear was found. |
-| test.cpp:1599:2:1599:22 | ... += ... | test.cpp:1599:2:1599:22 | ... += ... | test.cpp:1599:2:1599:22 | ... += ... | Year field has been modified, but no appropriate check for LeapYear was found. |
-| test.cpp:1678:2:1678:22 | ... += ... | test.cpp:1678:2:1678:22 | ... += ... | test.cpp:1678:2:1678:22 | ... += ... | Year field has been modified, but no appropriate check for LeapYear was found. |
-| test.cpp:1690:2:1690:22 | ... += ... | test.cpp:1690:2:1690:22 | ... += ... | test.cpp:1690:2:1690:22 | ... += ... | Year field has been modified, but no appropriate check for LeapYear was found. |
-| test.cpp:1723:2:1723:22 | ... += ... | test.cpp:1723:2:1723:22 | ... += ... | test.cpp:1723:2:1723:22 | ... += ... | Year field has been modified, but no appropriate check for LeapYear was found. |
-| test.cpp:1799:2:1799:22 | ... += ... | test.cpp:1799:2:1799:22 | ... += ... | test.cpp:1799:2:1799:22 | ... += ... | Year field has been modified, but no appropriate check for LeapYear was found. |
+| test.cpp:1287:2:1287:26 | ... = ... | test.cpp:1287:14:1287:26 | ... + ... | test.cpp:1287:2:1287:26 | ... = ... | Year field has been modified, but no appropriate check for LeapYear was found. |
+| test.cpp:1299:2:1299:26 | ... = ... | test.cpp:1299:14:1299:26 | ... + ... | test.cpp:1299:2:1299:26 | ... = ... | Year field has been modified, but no appropriate check for LeapYear was found. |
+| test.cpp:1341:2:1341:17 | ... = ... | test.cpp:1432:12:1432:17 | ... + ... | test.cpp:1341:2:1341:17 | ... = ... | Year field has been modified, but no appropriate check for LeapYear was found. |
+| test.cpp:1341:2:1341:17 | ... = ... | test.cpp:1446:9:1446:16 | ... + ... | test.cpp:1341:2:1341:17 | ... = ... | Year field has been modified, but no appropriate check for LeapYear was found. |
+| test.cpp:1341:2:1341:17 | ... = ... | test.cpp:1458:9:1458:16 | ... + ... | test.cpp:1341:2:1341:17 | ... = ... | Year field has been modified, but no appropriate check for LeapYear was found. |
+| test.cpp:1515:2:1515:15 | ... = ... | test.cpp:1512:2:1512:10 | ... += ... | test.cpp:1515:2:1515:15 | ... = ... | Year field has been modified, but no appropriate check for LeapYear was found. |
+| test.cpp:1545:2:1545:22 | ... += ... | test.cpp:1545:2:1545:22 | ... += ... | test.cpp:1545:2:1545:22 | ... += ... | Year field has been modified, but no appropriate check for LeapYear was found. |
+| test.cpp:1553:2:1553:22 | ... += ... | test.cpp:1553:2:1553:22 | ... += ... | test.cpp:1553:2:1553:22 | ... += ... | Year field has been modified, but no appropriate check for LeapYear was found. |
+| test.cpp:1632:2:1632:22 | ... += ... | test.cpp:1632:2:1632:22 | ... += ... | test.cpp:1632:2:1632:22 | ... += ... | Year field has been modified, but no appropriate check for LeapYear was found. |
+| test.cpp:1644:2:1644:22 | ... += ... | test.cpp:1644:2:1644:22 | ... += ... | test.cpp:1644:2:1644:22 | ... += ... | Year field has been modified, but no appropriate check for LeapYear was found. |
+| test.cpp:1677:2:1677:22 | ... += ... | test.cpp:1677:2:1677:22 | ... += ... | test.cpp:1677:2:1677:22 | ... += ... | Year field has been modified, but no appropriate check for LeapYear was found. |
+| test.cpp:1753:2:1753:22 | ... += ... | test.cpp:1753:2:1753:22 | ... += ... | test.cpp:1753:2:1753:22 | ... += ... | Year field has been modified, but no appropriate check for LeapYear was found. |
 edges
 | test.cpp:813:21:813:40 | ... + ... | test.cpp:813:2:813:40 | ... = ... | provenance |  |
 | test.cpp:818:13:818:24 | ... + ... | test.cpp:818:2:818:24 | ... = ... | provenance |  |
-| test.cpp:954:14:954:25 | ... + ... | test.cpp:954:3:954:25 | ... = ... | provenance |  |
-| test.cpp:1084:26:1084:26 | *x | test.cpp:1097:16:1097:23 | increment_arg output argument | provenance |  |
-| test.cpp:1085:2:1085:4 | ... ++ | test.cpp:1084:26:1084:26 | *x | provenance |  |
-| test.cpp:1088:37:1088:37 | *x | test.cpp:1101:27:1101:35 | increment_arg_by_pointer output argument | provenance |  |
-| test.cpp:1089:2:1089:7 | ... ++ | test.cpp:1088:37:1088:37 | *x | provenance |  |
-| test.cpp:1155:14:1155:26 | ... - ... | test.cpp:1155:2:1155:26 | ... = ... | provenance |  |
-| test.cpp:1204:2:1204:15 | ... += ... | test.cpp:1206:2:1206:19 | ... = ... | provenance |  |
-| test.cpp:1245:16:1245:28 | ... + ... | test.cpp:1245:2:1245:28 | ... = ... | provenance |  |
-| test.cpp:1260:16:1260:28 | ... + ... | test.cpp:1260:2:1260:28 | ... = ... | provenance |  |
+| test.cpp:951:14:951:25 | ... + ... | test.cpp:951:3:951:25 | ... = ... | provenance |  |
+| test.cpp:1038:26:1038:26 | *x | test.cpp:1051:16:1051:23 | increment_arg output argument | provenance |  |
+| test.cpp:1039:2:1039:4 | ... ++ | test.cpp:1038:26:1038:26 | *x | provenance |  |
+| test.cpp:1042:37:1042:37 | *x | test.cpp:1055:27:1055:35 | increment_arg_by_pointer output argument | provenance |  |
+| test.cpp:1043:2:1043:7 | ... ++ | test.cpp:1042:37:1042:37 | *x | provenance |  |
+| test.cpp:1109:14:1109:26 | ... - ... | test.cpp:1109:2:1109:26 | ... = ... | provenance |  |
+| test.cpp:1158:2:1158:15 | ... += ... | test.cpp:1160:2:1160:19 | ... = ... | provenance |  |
+| test.cpp:1199:16:1199:28 | ... + ... | test.cpp:1199:2:1199:28 | ... = ... | provenance |  |
+| test.cpp:1214:16:1214:28 | ... + ... | test.cpp:1214:2:1214:28 | ... = ... | provenance |  |
+| test.cpp:1228:16:1228:28 | ... + ... | test.cpp:1228:2:1228:28 | ... = ... | provenance |  |
+| test.cpp:1242:14:1242:26 | ... + ... | test.cpp:1242:2:1242:26 | ... = ... | provenance |  |
+| test.cpp:1256:14:1256:26 | ... + ... | test.cpp:1256:2:1256:26 | ... = ... | provenance |  |
+| test.cpp:1262:16:1262:28 | ... + ... | test.cpp:1262:2:1262:28 | ... = ... | provenance |  |
 | test.cpp:1274:16:1274:28 | ... + ... | test.cpp:1274:2:1274:28 | ... = ... | provenance |  |
-| test.cpp:1288:14:1288:26 | ... + ... | test.cpp:1288:2:1288:26 | ... = ... | provenance |  |
-| test.cpp:1302:14:1302:26 | ... + ... | test.cpp:1302:2:1302:26 | ... = ... | provenance |  |
-| test.cpp:1308:16:1308:28 | ... + ... | test.cpp:1308:2:1308:28 | ... = ... | provenance |  |
-| test.cpp:1320:16:1320:28 | ... + ... | test.cpp:1320:2:1320:28 | ... = ... | provenance |  |
-| test.cpp:1333:14:1333:26 | ... + ... | test.cpp:1333:2:1333:26 | ... = ... | provenance |  |
-| test.cpp:1345:14:1345:26 | ... + ... | test.cpp:1345:2:1345:26 | ... = ... | provenance |  |
-| test.cpp:1384:20:1384:23 | year | test.cpp:1387:2:1387:17 | ... = ... | provenance |  |
-| test.cpp:1397:15:1397:22 | ... + ... | test.cpp:1397:3:1397:22 | ... = ... | provenance |  |
-| test.cpp:1402:12:1402:17 | ... + ... | test.cpp:1384:20:1384:23 | year | provenance |  |
-| test.cpp:1411:15:1411:22 | ... + ... | test.cpp:1411:3:1411:22 | ... = ... | provenance |  |
-| test.cpp:1421:3:1421:20 | ... = ... | test.cpp:1423:12:1423:18 | yeartmp | provenance |  |
-| test.cpp:1421:13:1421:20 | ... + ... | test.cpp:1421:3:1421:20 | ... = ... | provenance |  |
-| test.cpp:1423:12:1423:18 | yeartmp | test.cpp:1384:20:1384:23 | year | provenance |  |
-| test.cpp:1466:15:1466:22 | ... + ... | test.cpp:1466:3:1466:22 | ... = ... | provenance |  |
-| test.cpp:1471:12:1471:17 | ... + ... | test.cpp:1384:20:1384:23 | year | provenance |  |
-| test.cpp:1478:12:1478:17 | ... + ... | test.cpp:1384:20:1384:23 | year | provenance |  |
-| test.cpp:1492:2:1492:16 | ... = ... | test.cpp:1496:3:1496:18 | ... = ... | provenance |  |
-| test.cpp:1492:2:1492:16 | ... = ... | test.cpp:1501:12:1501:15 | year | provenance |  |
-| test.cpp:1492:9:1492:16 | ... + ... | test.cpp:1492:2:1492:16 | ... = ... | provenance |  |
-| test.cpp:1501:12:1501:15 | year | test.cpp:1384:20:1384:23 | year | provenance |  |
-| test.cpp:1504:2:1504:16 | ... = ... | test.cpp:1510:12:1510:15 | year | provenance |  |
-| test.cpp:1504:9:1504:16 | ... + ... | test.cpp:1504:2:1504:16 | ... = ... | provenance |  |
-| test.cpp:1510:12:1510:15 | year | test.cpp:1384:20:1384:23 | year | provenance |  |
-| test.cpp:1558:2:1558:10 | ... += ... | test.cpp:1561:2:1561:15 | ... = ... | provenance |  |
+| test.cpp:1287:14:1287:26 | ... + ... | test.cpp:1287:2:1287:26 | ... = ... | provenance |  |
+| test.cpp:1299:14:1299:26 | ... + ... | test.cpp:1299:2:1299:26 | ... = ... | provenance |  |
+| test.cpp:1338:20:1338:23 | year | test.cpp:1341:2:1341:17 | ... = ... | provenance |  |
+| test.cpp:1351:15:1351:22 | ... + ... | test.cpp:1351:3:1351:22 | ... = ... | provenance |  |
+| test.cpp:1356:12:1356:17 | ... + ... | test.cpp:1338:20:1338:23 | year | provenance |  |
+| test.cpp:1365:15:1365:22 | ... + ... | test.cpp:1365:3:1365:22 | ... = ... | provenance |  |
+| test.cpp:1375:3:1375:20 | ... = ... | test.cpp:1377:12:1377:18 | yeartmp | provenance |  |
+| test.cpp:1375:13:1375:20 | ... + ... | test.cpp:1375:3:1375:20 | ... = ... | provenance |  |
+| test.cpp:1377:12:1377:18 | yeartmp | test.cpp:1338:20:1338:23 | year | provenance |  |
+| test.cpp:1420:15:1420:22 | ... + ... | test.cpp:1420:3:1420:22 | ... = ... | provenance |  |
+| test.cpp:1425:12:1425:17 | ... + ... | test.cpp:1338:20:1338:23 | year | provenance |  |
+| test.cpp:1432:12:1432:17 | ... + ... | test.cpp:1338:20:1338:23 | year | provenance |  |
+| test.cpp:1446:2:1446:16 | ... = ... | test.cpp:1450:3:1450:18 | ... = ... | provenance |  |
+| test.cpp:1446:2:1446:16 | ... = ... | test.cpp:1455:12:1455:15 | year | provenance |  |
+| test.cpp:1446:9:1446:16 | ... + ... | test.cpp:1446:2:1446:16 | ... = ... | provenance |  |
+| test.cpp:1455:12:1455:15 | year | test.cpp:1338:20:1338:23 | year | provenance |  |
+| test.cpp:1458:2:1458:16 | ... = ... | test.cpp:1464:12:1464:15 | year | provenance |  |
+| test.cpp:1458:9:1458:16 | ... + ... | test.cpp:1458:2:1458:16 | ... = ... | provenance |  |
+| test.cpp:1464:12:1464:15 | year | test.cpp:1338:20:1338:23 | year | provenance |  |
+| test.cpp:1512:2:1512:10 | ... += ... | test.cpp:1515:2:1515:15 | ... = ... | provenance |  |
 nodes
 | test.cpp:422:2:422:14 | ... += ... | semmle.label | ... += ... |
 | test.cpp:440:2:440:11 | ... ++ | semmle.label | ... ++ |
@@ -80,66 +80,66 @@ nodes
 | test.cpp:813:21:813:40 | ... + ... | semmle.label | ... + ... |
 | test.cpp:818:2:818:24 | ... = ... | semmle.label | ... = ... |
 | test.cpp:818:13:818:24 | ... + ... | semmle.label | ... + ... |
-| test.cpp:875:4:875:15 | ... ++ | semmle.label | ... ++ |
-| test.cpp:954:3:954:25 | ... = ... | semmle.label | ... = ... |
-| test.cpp:954:14:954:25 | ... + ... | semmle.label | ... + ... |
-| test.cpp:972:3:972:12 | ... ++ | semmle.label | ... ++ |
-| test.cpp:1077:2:1077:11 | ... ++ | semmle.label | ... ++ |
-| test.cpp:1084:26:1084:26 | *x | semmle.label | *x |
-| test.cpp:1085:2:1085:4 | ... ++ | semmle.label | ... ++ |
-| test.cpp:1088:37:1088:37 | *x | semmle.label | *x |
-| test.cpp:1089:2:1089:7 | ... ++ | semmle.label | ... ++ |
-| test.cpp:1097:16:1097:23 | increment_arg output argument | semmle.label | increment_arg output argument |
-| test.cpp:1101:27:1101:35 | increment_arg_by_pointer output argument | semmle.label | increment_arg_by_pointer output argument |
-| test.cpp:1155:2:1155:26 | ... = ... | semmle.label | ... = ... |
-| test.cpp:1155:14:1155:26 | ... - ... | semmle.label | ... - ... |
-| test.cpp:1204:2:1204:15 | ... += ... | semmle.label | ... += ... |
-| test.cpp:1206:2:1206:19 | ... = ... | semmle.label | ... = ... |
-| test.cpp:1245:2:1245:28 | ... = ... | semmle.label | ... = ... |
-| test.cpp:1245:16:1245:28 | ... + ... | semmle.label | ... + ... |
-| test.cpp:1260:2:1260:28 | ... = ... | semmle.label | ... = ... |
-| test.cpp:1260:16:1260:28 | ... + ... | semmle.label | ... + ... |
+| test.cpp:872:4:872:15 | ... ++ | semmle.label | ... ++ |
+| test.cpp:951:3:951:25 | ... = ... | semmle.label | ... = ... |
+| test.cpp:951:14:951:25 | ... + ... | semmle.label | ... + ... |
+| test.cpp:969:3:969:12 | ... ++ | semmle.label | ... ++ |
+| test.cpp:1031:2:1031:11 | ... ++ | semmle.label | ... ++ |
+| test.cpp:1038:26:1038:26 | *x | semmle.label | *x |
+| test.cpp:1039:2:1039:4 | ... ++ | semmle.label | ... ++ |
+| test.cpp:1042:37:1042:37 | *x | semmle.label | *x |
+| test.cpp:1043:2:1043:7 | ... ++ | semmle.label | ... ++ |
+| test.cpp:1051:16:1051:23 | increment_arg output argument | semmle.label | increment_arg output argument |
+| test.cpp:1055:27:1055:35 | increment_arg_by_pointer output argument | semmle.label | increment_arg_by_pointer output argument |
+| test.cpp:1109:2:1109:26 | ... = ... | semmle.label | ... = ... |
+| test.cpp:1109:14:1109:26 | ... - ... | semmle.label | ... - ... |
+| test.cpp:1158:2:1158:15 | ... += ... | semmle.label | ... += ... |
+| test.cpp:1160:2:1160:19 | ... = ... | semmle.label | ... = ... |
+| test.cpp:1199:2:1199:28 | ... = ... | semmle.label | ... = ... |
+| test.cpp:1199:16:1199:28 | ... + ... | semmle.label | ... + ... |
+| test.cpp:1214:2:1214:28 | ... = ... | semmle.label | ... = ... |
+| test.cpp:1214:16:1214:28 | ... + ... | semmle.label | ... + ... |
+| test.cpp:1228:2:1228:28 | ... = ... | semmle.label | ... = ... |
+| test.cpp:1228:16:1228:28 | ... + ... | semmle.label | ... + ... |
+| test.cpp:1242:2:1242:26 | ... = ... | semmle.label | ... = ... |
+| test.cpp:1242:14:1242:26 | ... + ... | semmle.label | ... + ... |
+| test.cpp:1256:2:1256:26 | ... = ... | semmle.label | ... = ... |
+| test.cpp:1256:14:1256:26 | ... + ... | semmle.label | ... + ... |
+| test.cpp:1262:2:1262:28 | ... = ... | semmle.label | ... = ... |
+| test.cpp:1262:16:1262:28 | ... + ... | semmle.label | ... + ... |
 | test.cpp:1274:2:1274:28 | ... = ... | semmle.label | ... = ... |
 | test.cpp:1274:16:1274:28 | ... + ... | semmle.label | ... + ... |
-| test.cpp:1288:2:1288:26 | ... = ... | semmle.label | ... = ... |
-| test.cpp:1288:14:1288:26 | ... + ... | semmle.label | ... + ... |
-| test.cpp:1302:2:1302:26 | ... = ... | semmle.label | ... = ... |
-| test.cpp:1302:14:1302:26 | ... + ... | semmle.label | ... + ... |
-| test.cpp:1308:2:1308:28 | ... = ... | semmle.label | ... = ... |
-| test.cpp:1308:16:1308:28 | ... + ... | semmle.label | ... + ... |
-| test.cpp:1320:2:1320:28 | ... = ... | semmle.label | ... = ... |
-| test.cpp:1320:16:1320:28 | ... + ... | semmle.label | ... + ... |
-| test.cpp:1333:2:1333:26 | ... = ... | semmle.label | ... = ... |
-| test.cpp:1333:14:1333:26 | ... + ... | semmle.label | ... + ... |
-| test.cpp:1345:2:1345:26 | ... = ... | semmle.label | ... = ... |
-| test.cpp:1345:14:1345:26 | ... + ... | semmle.label | ... + ... |
-| test.cpp:1384:20:1384:23 | year | semmle.label | year |
-| test.cpp:1387:2:1387:17 | ... = ... | semmle.label | ... = ... |
-| test.cpp:1397:3:1397:22 | ... = ... | semmle.label | ... = ... |
-| test.cpp:1397:15:1397:22 | ... + ... | semmle.label | ... + ... |
-| test.cpp:1402:12:1402:17 | ... + ... | semmle.label | ... + ... |
-| test.cpp:1411:3:1411:22 | ... = ... | semmle.label | ... = ... |
-| test.cpp:1411:15:1411:22 | ... + ... | semmle.label | ... + ... |
-| test.cpp:1421:3:1421:20 | ... = ... | semmle.label | ... = ... |
-| test.cpp:1421:13:1421:20 | ... + ... | semmle.label | ... + ... |
-| test.cpp:1423:12:1423:18 | yeartmp | semmle.label | yeartmp |
-| test.cpp:1466:3:1466:22 | ... = ... | semmle.label | ... = ... |
-| test.cpp:1466:15:1466:22 | ... + ... | semmle.label | ... + ... |
-| test.cpp:1471:12:1471:17 | ... + ... | semmle.label | ... + ... |
-| test.cpp:1478:12:1478:17 | ... + ... | semmle.label | ... + ... |
-| test.cpp:1492:2:1492:16 | ... = ... | semmle.label | ... = ... |
-| test.cpp:1492:9:1492:16 | ... + ... | semmle.label | ... + ... |
-| test.cpp:1496:3:1496:18 | ... = ... | semmle.label | ... = ... |
-| test.cpp:1501:12:1501:15 | year | semmle.label | year |
-| test.cpp:1504:2:1504:16 | ... = ... | semmle.label | ... = ... |
-| test.cpp:1504:9:1504:16 | ... + ... | semmle.label | ... + ... |
-| test.cpp:1510:12:1510:15 | year | semmle.label | year |
-| test.cpp:1558:2:1558:10 | ... += ... | semmle.label | ... += ... |
-| test.cpp:1561:2:1561:15 | ... = ... | semmle.label | ... = ... |
-| test.cpp:1591:2:1591:22 | ... += ... | semmle.label | ... += ... |
-| test.cpp:1599:2:1599:22 | ... += ... | semmle.label | ... += ... |
-| test.cpp:1678:2:1678:22 | ... += ... | semmle.label | ... += ... |
-| test.cpp:1690:2:1690:22 | ... += ... | semmle.label | ... += ... |
-| test.cpp:1723:2:1723:22 | ... += ... | semmle.label | ... += ... |
-| test.cpp:1799:2:1799:22 | ... += ... | semmle.label | ... += ... |
+| test.cpp:1287:2:1287:26 | ... = ... | semmle.label | ... = ... |
+| test.cpp:1287:14:1287:26 | ... + ... | semmle.label | ... + ... |
+| test.cpp:1299:2:1299:26 | ... = ... | semmle.label | ... = ... |
+| test.cpp:1299:14:1299:26 | ... + ... | semmle.label | ... + ... |
+| test.cpp:1338:20:1338:23 | year | semmle.label | year |
+| test.cpp:1341:2:1341:17 | ... = ... | semmle.label | ... = ... |
+| test.cpp:1351:3:1351:22 | ... = ... | semmle.label | ... = ... |
+| test.cpp:1351:15:1351:22 | ... + ... | semmle.label | ... + ... |
+| test.cpp:1356:12:1356:17 | ... + ... | semmle.label | ... + ... |
+| test.cpp:1365:3:1365:22 | ... = ... | semmle.label | ... = ... |
+| test.cpp:1365:15:1365:22 | ... + ... | semmle.label | ... + ... |
+| test.cpp:1375:3:1375:20 | ... = ... | semmle.label | ... = ... |
+| test.cpp:1375:13:1375:20 | ... + ... | semmle.label | ... + ... |
+| test.cpp:1377:12:1377:18 | yeartmp | semmle.label | yeartmp |
+| test.cpp:1420:3:1420:22 | ... = ... | semmle.label | ... = ... |
+| test.cpp:1420:15:1420:22 | ... + ... | semmle.label | ... + ... |
+| test.cpp:1425:12:1425:17 | ... + ... | semmle.label | ... + ... |
+| test.cpp:1432:12:1432:17 | ... + ... | semmle.label | ... + ... |
+| test.cpp:1446:2:1446:16 | ... = ... | semmle.label | ... = ... |
+| test.cpp:1446:9:1446:16 | ... + ... | semmle.label | ... + ... |
+| test.cpp:1450:3:1450:18 | ... = ... | semmle.label | ... = ... |
+| test.cpp:1455:12:1455:15 | year | semmle.label | year |
+| test.cpp:1458:2:1458:16 | ... = ... | semmle.label | ... = ... |
+| test.cpp:1458:9:1458:16 | ... + ... | semmle.label | ... + ... |
+| test.cpp:1464:12:1464:15 | year | semmle.label | year |
+| test.cpp:1512:2:1512:10 | ... += ... | semmle.label | ... += ... |
+| test.cpp:1515:2:1515:15 | ... = ... | semmle.label | ... = ... |
+| test.cpp:1545:2:1545:22 | ... += ... | semmle.label | ... += ... |
+| test.cpp:1553:2:1553:22 | ... += ... | semmle.label | ... += ... |
+| test.cpp:1632:2:1632:22 | ... += ... | semmle.label | ... += ... |
+| test.cpp:1644:2:1644:22 | ... += ... | semmle.label | ... += ... |
+| test.cpp:1677:2:1677:22 | ... += ... | semmle.label | ... += ... |
+| test.cpp:1753:2:1753:22 | ... += ... | semmle.label | ... += ... |
 subpaths
diff --git a/cpp/ql/test/query-tests/Likely Bugs/Leap Year/UncheckedLeapYearAfterYearModification/UncheckedReturnValueForTimeFunctions.expected b/cpp/ql/test/query-tests/Likely Bugs/Leap Year/UncheckedLeapYearAfterYearModification/UncheckedReturnValueForTimeFunctions.expected
index e893ae1fff0..9c1d83861f0 100644
--- a/cpp/ql/test/query-tests/Likely Bugs/Leap Year/UncheckedLeapYearAfterYearModification/UncheckedReturnValueForTimeFunctions.expected	
+++ b/cpp/ql/test/query-tests/Likely Bugs/Leap Year/UncheckedLeapYearAfterYearModification/UncheckedReturnValueForTimeFunctions.expected	
@@ -1,6 +1,6 @@
 | test.cpp:425:2:425:21 | call to SystemTimeToFileTime | Return value of $@ function should be verified to check for any error because variable $@ is not guaranteed to be safe. | test.cpp:101:1:101:20 | SystemTimeToFileTime | SystemTimeToFileTime | test.cpp:417:13:417:14 | st | st |
 | test.cpp:443:2:443:21 | call to SystemTimeToFileTime | Return value of $@ function should be verified to check for any error because variable $@ is not guaranteed to be safe. | test.cpp:101:1:101:20 | SystemTimeToFileTime | SystemTimeToFileTime | test.cpp:435:13:435:14 | st | st |
 | test.cpp:459:2:459:21 | call to SystemTimeToFileTime | Return value of $@ function should be verified to check for any error because variable $@ is not guaranteed to be safe. | test.cpp:101:1:101:20 | SystemTimeToFileTime | SystemTimeToFileTime | test.cpp:451:62:451:63 | st | st |
-| test.cpp:956:3:956:22 | call to SystemTimeToFileTime | Return value of $@ function should be verified to check for any error because variable $@ is not guaranteed to be safe. | test.cpp:101:1:101:20 | SystemTimeToFileTime | SystemTimeToFileTime | test.cpp:947:14:947:15 | st | st |
-| test.cpp:974:3:974:22 | call to SystemTimeToFileTime | Return value of $@ function should be verified to check for any error because variable $@ is not guaranteed to be safe. | test.cpp:101:1:101:20 | SystemTimeToFileTime | SystemTimeToFileTime | test.cpp:965:14:965:15 | st | st |
-| test.cpp:1081:2:1081:21 | call to SystemTimeToFileTime | Return value of $@ function should be verified to check for any error because variable $@ is not guaranteed to be safe. | test.cpp:101:1:101:20 | SystemTimeToFileTime | SystemTimeToFileTime | test.cpp:1071:13:1071:14 | st | st |
+| test.cpp:953:3:953:22 | call to SystemTimeToFileTime | Return value of $@ function should be verified to check for any error because variable $@ is not guaranteed to be safe. | test.cpp:101:1:101:20 | SystemTimeToFileTime | SystemTimeToFileTime | test.cpp:944:14:944:15 | st | st |
+| test.cpp:971:3:971:22 | call to SystemTimeToFileTime | Return value of $@ function should be verified to check for any error because variable $@ is not guaranteed to be safe. | test.cpp:101:1:101:20 | SystemTimeToFileTime | SystemTimeToFileTime | test.cpp:962:14:962:15 | st | st |
+| test.cpp:1035:2:1035:21 | call to SystemTimeToFileTime | Return value of $@ function should be verified to check for any error because variable $@ is not guaranteed to be safe. | test.cpp:101:1:101:20 | SystemTimeToFileTime | SystemTimeToFileTime | test.cpp:1025:13:1025:14 | st | st |
diff --git a/cpp/ql/test/query-tests/Likely Bugs/Leap Year/UncheckedLeapYearAfterYearModification/test.cpp b/cpp/ql/test/query-tests/Likely Bugs/Leap Year/UncheckedLeapYearAfterYearModification/test.cpp
index 4451450fb25..28bf66b3436 100644
--- a/cpp/ql/test/query-tests/Likely Bugs/Leap Year/UncheckedLeapYearAfterYearModification/test.cpp	
+++ b/cpp/ql/test/query-tests/Likely Bugs/Leap Year/UncheckedLeapYearAfterYearModification/test.cpp	
@@ -822,17 +822,14 @@ void test(int x)
  * Positive AntiPattern 1 NOTE: historically considered positive but mktime checks year validity, needs re-assessment
  * Year field is modified but via an intermediary variable.
 */
-bool tp_intermediaryVar(struct timespec now, struct logtime &timestamp_remote)
+void tp_intermediaryVar(struct timespec now, struct logtime &timestamp_remote)
 {
 	struct tm tm_parsed;
-	bool timestamp_found = false;
 
 	struct tm tm_now;
 	time_t t_now;
 	int year;
 
-	timestamp_found = true;
-
 	/*
 	 * As the timestamp does not contain the year
 	 * number, daylight saving time information, nor
@@ -1000,26 +997,6 @@ bool tp_intermediaryVar(struct timespec now, struct logtime &timestamp_remote)
 		}
 	}
 
-	struct tm ltime(void)
-	{
-		SYSTEMTIME st;
-		struct tm tm;
-		bool isLeapYear;
-
-		GetLocalTime(&st);
-		tm.tm_sec=st.wSecond;
-		tm.tm_min=st.wMinute;
-		tm.tm_hour=st.wHour;
-		tm.tm_mday=st.wDay;
-		tm.tm_mon=st.wMonth-1;
-		tm.tm_year=(st.wYear>=1900?st.wYear-1900:0);
-
-		// Check for leap year, and adjust the date accordingly
-		isLeapYear = tm.tm_year % 4 == 0 && (tm.tm_year % 100 != 0 || tm.tm_year % 400 == 0);
-		tm.tm_mday = tm.tm_mon == 2 && tm.tm_mday == 29 && !isLeapYear ? 28 : tm.tm_mday;
-		return tm;
-	}
-
 /**
 * Negative Case - Anti-pattern 1: [year ±n, month, day]
 * Modification of SYSTEMTIME struct by copying from another struct, but no arithmetic is performed.
@@ -1040,29 +1017,6 @@ FMAPITimeToSysTimeW(LPCWSTR wszTime, SYSTEMTIME *psystime)
 	return true;
 }
 
-/**
-* Negative Case - Anti-pattern 1: [year ±n, month, day]
-* Modification of SYSTEMTIME struct by copying from another struct, but no arithmetic is performed.
-*/
-bool
-ATime_HrGetSysTime(SYSTEMTIME *pst)
-{
-	// if (!FValidSysTime())
-	// 	{
-	// 	TrapSzTag("ATime cannot be converted to SYSTEMTIME", 0x1e14f5c3 /* tag_4fpxd */);
-	// 	CORgTag(E_FAIL, 0x6c373230 /* tag_l720 */);
-	// 	}
-	
-	// pst->wYear = static_cast<WORD>(m_lYear);
-	// pst->wMonth = static_cast<WORD>(m_lMonth);
-	// //pst->wDayOfWeek = ???;
-	// pst->wDay = static_cast<WORD>(m_lDay);
-	// pst->wHour = static_cast<WORD>(m_lHour);
-	// pst->wMinute = static_cast<WORD>(m_lMinute);
-	// pst->wSecond = static_cast<WORD>(m_lSecond);
-	// pst->wMilliseconds = 0;
-}
-
 /**
 * Negative Case - Anti-pattern 1: [year ±n, month, day]
 * Modification of SYSTEMTIME struct by copying from another struct, but no arithmetic is performed.
@@ -1413,7 +1367,7 @@ void constant_month_on_year_modification2(WORD year, WORD offset, WORD month){
 
 	
 	if(month++ > 12){
-		// some hueristics to detect a false positive here rely on variable names
+		// some heuristics to detect a false positive here rely on variable names
 		// which is often consistent in the wild. 
 		// This variant uses the variable names yeartmp and monthtmp
 		WORD yeartmp;