Java: Add a change note, and a minor ql comment.

2025-12-16 16:53:25 +01:00 · 2025-09-15 10:14:26 +02:00
parent e302616135
commit b308c5438f
2 changed files with 5 additions and 0 deletions
--- a/java/ql/src/change-notes/2025-09-15-nullness-reimp.md
+++ b/java/ql/src/change-notes/2025-09-15-nullness-reimp.md
@@ -0,0 +1,4 @@
+---
+category: majorAnalysis
+---
+* The implementation of `java/dereferenced-value-may-be-null` has been completely replaced with a new general control-flow reachability library. This improves precision by reducing false positives. However, since the entire calculation has been reworked, there can be small corner cases where precision regressions might occur and new false positives may occur, but these cases should be rare.
--- a/shared/controlflow/codeql/controlflow/Guards.qll
+++ b/shared/controlflow/codeql/controlflow/Guards.qll
@@ -210,6 +210,7 @@ module Make<
    TValue(TAbstractSingleValue val, Boolean isVal) or
    TIntRange(int bound, Boolean upper) {
      exists(ConstantExpr c | c.asIntegerValue() + [-1, 0, 1] = bound) and
+      // exclude edge cases to avoid overflow issues when computing duals
      bound != 2147483647 and
      bound != -2147483648
    } or