hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 03:05:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

C++: Fix case where implicit downcasts were not detected when using reference

Browse Source
This commit is contained in:
Anders Fugmann
2021-08-23 14:44:49 +02:00
parent 8939a9b2c1
commit 9324d8f348
3 changed files with 12 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
cpp/ql/src/Likely Bugs/Conversion/ImplicitDowncastFromBitfield.ql
View File

@@ -13,10 +13,16 @@
import cpp
from BitField fi, VariableAccess va
from BitField fi, VariableAccess va, Type fct
where
fi.getNumBits() > va.getFullyConverted().getType().getSize() * 8 and
va.getExplicitlyConverted().getType().getSize() > va.getFullyConverted().getType().getSize() and
(
if va.getFullyConverted().getType() instanceof ReferenceType
then fct = va.getFullyConverted().getType().(ReferenceType).getBaseType()
else fct = va.getFullyConverted().getType()
) and
fi.getNumBits() > fct.getSize() * 8 and
va.getExplicitlyConverted().getType().getSize() > fct.getSize() and
va.getTarget() = fi and
not va.getActualType() instanceof BoolType
not fct.getUnspecifiedType() instanceof BoolType and
any()
select va, "Implicit downcast of bitfield $@", fi, fi.toString()