hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-31 12:48:17 +02:00
Code Issues Packages Projects Releases Wiki Activity

C++: Address false positive results.

Browse Source
This commit is contained in:
Geoffrey White
2026-03-16 16:48:54 +00:00
parent 1130870168
commit a57f803b37
3 changed files with 8 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
cpp/ql/src/Likely Bugs/Format/WrongTypeFormatArguments.ql
View File

@@ -168,9 +168,11 @@ where
formatOtherArgType(ffc, n, expected, arg, actual) and
not actual.getUnspecifiedType().(IntegralType).getSize() = sizeof_IntType()
) and
// Exclude some cases where we're less confident the result is correct / clear / valuable
not arg.isAffectedByMacro() and
not arg.isFromUninstantiatedTemplate(_) and
not actual.stripType() instanceof ErroneousType and
not arg.getType().stripType().(RoutineType).getReturnType() instanceof ErroneousType and
not arg.(Call).mayBeFromImplicitlyDeclaredFunction() and
// Make sure that the format function definition is consistent
count(ffc.getTarget().getFormatParameterIndex()) = 1

6
cpp/ql/test/query-tests/Likely Bugs/Format/WrongTypeFormatArguments/Buildless/WrongTypeFormatArguments.expected
View File

@@ -1,9 +1,3 @@
| second.cpp:13:19:13:19 | s | This format specifier for type 'size_t' does not match the argument type '..(*)(..)'. |
| second.cpp:14:19:14:19 | s | This format specifier for type 'size_t' does not match the argument type '..(*)(..)'. |
| second.cpp:15:18:15:18 | s | This format specifier for type 'int' does not match the argument type '..(*)(..)'. |
| second.cpp:16:19:16:19 | s | This format specifier for type 'long' does not match the argument type '..(*)(..)'. |
| second.cpp:17:20:17:20 | s | This format specifier for type 'long long' does not match the argument type '..(*)(..)'. |
| second.cpp:18:18:18:18 | s | This format specifier for type 'unsigned int' does not match the argument type '..(*)(..)'. |
| second.cpp:26:18:26:39 | ... - ... | This format specifier for type 'int' does not match the argument type 'long'. |
| second.cpp:29:18:29:39 | ... - ... | This format specifier for type 'unsigned int' does not match the argument type 'long'. |
| tests.c:7:18:7:18 | 1 | This format specifier for type 'char *' does not match the argument type 'int'. |

12
cpp/ql/test/query-tests/Likely Bugs/Format/WrongTypeFormatArguments/Buildless/second.cpp
View File

@@ -10,12 +10,12 @@ void test_size_t() {
printf("%zd", s); // GOOD
printf("%zi", s); // GOOD
printf("%zu", s); // GOOD (we generally permit signedness changes) [FALSE POSITIVE]
printf("%zx", s); // GOOD (we generally permit signedness changes) [FALSE POSITIVE]
printf("%d", s); // BAD
printf("%ld", s); // BAD
printf("%lld", s); // BAD
printf("%u", s); // BAD
printf("%zu", s); // GOOD (we generally permit signedness changes)
printf("%zx", s); // GOOD (we generally permit signedness changes)
printf("%d", s); // BAD [NOT DETECTED]
printf("%ld", s); // BAD [NOT DETECTED]
printf("%lld", s); // BAD [NOT DETECTED]
printf("%u", s); // BAD [NOT DETECTED]
char buffer[1024];