From 9218afedbe0ae960ec21f8af28d4eee93e5dd400 Mon Sep 17 00:00:00 2001
From: Mingjie Shen
Date: Mon, 3 Jul 2023 02:12:00 -0400
Subject: [PATCH] C++: exclude uninitialized uses that are cast to void

This eliminates FPs caused by casting a variable explicitly to void type. Developers use this cast to suppress compiler warnings on unused variables, e.g. (void) x;
---
 .../Likely Bugs/Memory Management/UninitializedLocal.ql | 7 +++++++
 .../change-notes/2023-07-03-improve-uninitialized-local.md | 4 ++++
 2 files changed, 11 insertions(+)
 create mode 100644 cpp/ql/src/change-notes/2023-07-03-improve-uninitialized-local.md

diff --git a/cpp/ql/src/Likely Bugs/Memory Management/UninitializedLocal.ql b/cpp/ql/src/Likely Bugs/Memory Management/UninitializedLocal.ql
index baa98bdfb2f..809f52d8a49 100644
--- a/cpp/ql/src/Likely Bugs/Memory Management/UninitializedLocal.ql
+++ b/cpp/ql/src/Likely Bugs/Memory Management/UninitializedLocal.ql
@@ -72,6 +72,13 @@ VariableAccess commonException() {
 or
 result.getParent() instanceof BuiltInOperation
 or
+ // Ignore the uninitialized use that is explicitly cast to void and
+ // is also an expression statement.
+ (
+ result.getActualType() instanceof VoidType and
+ result.getParent() instanceof ExprStmt
+ )
+ or
 // Finally, exclude functions that contain assembly blocks. It's
 // anyone's guess what happens in those.
 containsInlineAssembly(result.getEnclosingFunction())
diff --git a/cpp/ql/src/change-notes/2023-07-03-improve-uninitialized-local.md b/cpp/ql/src/change-notes/2023-07-03-improve-uninitialized-local.md
new file mode 100644
index 00000000000..c8c1a0bd6ba
--- /dev/null
+++ b/cpp/ql/src/change-notes/2023-07-03-improve-uninitialized-local.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* The `cpp/uninitialized-local` query now excludes uninitialized uses that are explicitly cast to void and are expression statements. As a result, the query will report less false positives.
\ No newline at end of file
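Review bot: The new disjunct in commonException() (`result.getActualType() instanceof VoidType and result.getParent() instanceof ExprStmt`) arrives without a test; the diffstat lists only the query and the change note. Because this clause suppresses results of an uninitialized-read query, a later regression in it would silently hide real findings. I would add a case to the query's test directory in which `(void) x;` is expected clean while an adjacent real read such as `int y = x;` is still reported. The comment says "explicitly cast to void", but the condition appears to test the fully converted type rather than the presence of a cast expression. If that is intended, wording such as `// Ignore a use whose converted type is void and that is itself an expression statement, e.g. "(void) x;".` would match the code more closely. The body of commonException() starts and ends outside the hunk, so how this clause interacts with the other exclusions cannot be checked from here.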