hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-27 17:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

C++: Reintroduce the exprMightOverflowNegatively bit.

Browse Source
This commit is contained in:
Geoffrey White
2021-04-06 22:35:04 +01:00
parent 60e4faba4c
commit a8193dac08
3 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
cpp/ql/src/Security/CWE/CWE-191/UnsignedDifferenceExpressionComparedZero.ql
View File

@@ -72,5 +72,6 @@ where
ro.getLesserOperand().getValue().toInt() = 0 and
ro.getGreaterOperand() = sub and
sub.getFullyConverted().getUnspecifiedType().(IntegralType).isUnsigned() and
not exprIsSubLeftOrLess(sub, sub.getRightOperand())
exprMightOverflowNegatively(sub.getFullyConverted()) and // generally catches false positives involving constants
not exprIsSubLeftOrLess(sub, sub.getRightOperand()) // generally catches false positives where there's a relation between the left and right operands
select ro, "Unsigned subtraction can never be negative."