hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

C++: Detect multiple definitions based on the format parameter index

Browse Source
This commit is contained in:
Calum Grant
2025-01-29 13:36:10 +00:00
parent cc35ec49e4
commit a033ba9347
1 changed files with 2 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
cpp/ql/src/Likely Bugs/Format/WrongTypeFormatArguments.ql
View File

@@ -152,10 +152,6 @@ predicate trivialConversion(ExpectedType expected, Type actual) {
*/ */
int sizeof_IntType() { exists(IntType it | result = it.getSize()) } int sizeof_IntType() { exists(IntType it | result = it.getSize()) }
predicate functionHasUniqueArguments(Function fn) {
forall(Parameter p | p = fn.getAParameter() | count(p.getType().getUnspecifiedType()) = 1)
}
from FormattingFunctionCall ffc, int n, Expr arg, Type expected, Type actual from FormattingFunctionCall ffc, int n, Expr arg, Type expected, Type actual
where where
( (
@@ -176,7 +172,8 @@ where
not arg.isFromUninstantiatedTemplate(_) and not arg.isFromUninstantiatedTemplate(_) and
not actual.stripType() instanceof ErroneousType and not actual.stripType() instanceof ErroneousType and
not arg.(Call).mayBeFromImplicitlyDeclaredFunction() and not arg.(Call).mayBeFromImplicitlyDeclaredFunction() and
functionHasUniqueArguments(ffc.getTarget()) // Make sure that the format function definition is consistent
count(ffc.getTarget().getFormatParameterIndex()) = 1
select arg, select arg,
"This format specifier for type '" + expected.getName() + "' does not match the argument type '" + "This format specifier for type '" + expected.getName() + "' does not match the argument type '" +
actual.getUnspecifiedType().getName() + "'." actual.getUnspecifiedType().getName() + "'."