Address some review comments on RangeNode class

Gulshan Singh
2023-03-20 09:36:13 -07:00
parent e2fdfbb71f
commit bae1dfebb2


@@ -1,3 +1,13 @@
/**
* This module implements subclasses for various DataFlow nodes that extends
* their `toString()` predicates with range information, if applicable. By
* including this module in a `path-problem` query, this range information
* will be displayed at each step in the query results.
*
* This is currently implemented for `DataFlow::ExprNode` and `DataFlow::DefinitionByReferenceNode`,
* but it is not yet implemented for `DataFlow::ParameterNode`.
*/
private import cpp private import cpp
private import semmle.code.cpp.dataflow.DataFlow private import semmle.code.cpp.dataflow.DataFlow
private import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis private import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis
@@ -39,9 +49,7 @@ predicate hasIntegralOrReferenceIntegralType(Locatable e) {
// This will cover variables, parameters, type declarations, etc. // This will cover variables, parameters, type declarations, etc.
t = e.(DeclarationEntry).getUnspecifiedType() t = e.(DeclarationEntry).getUnspecifiedType()
) and ) and
isIntegralType(t) (isIntegralType(t) or isIntegralReferenceType(t))
or
isIntegralReferenceType(t)
) )
} }
@@ -68,27 +76,24 @@ private class ExprRangeNode extends DataFlow::ExprNode {
private string getOperationBounds(Operation e) { private string getOperationBounds(Operation e) {
result = result =
getExprBoundAsString(e) + " = " + getExprBoundAsString(getLOp(e)) + getExprBoundAsString(e) + " = " + getExprBoundAsString(getLOp(e)) + e.getOperator() +
e.(Operation).getOperator() + getExprBoundAsString(getROp(e)) getExprBoundAsString(getROp(e))
} }
private string getCallBounds(Call e) { private string getCallBounds(Call e) {
result = result =
getExprBoundAsString(e) + "(" + getExprBoundAsString(e) + "(" +
concat(Expr arg, int i | concat(Expr arg, int i | arg = e.getArgument(i) | getIntegralBounds(arg) order by i, ",") +
arg = e.(Call).getArgument(i) ")"
|
getIntegralBounds(arg) order by i, ","
) + ")"
} }
override string toString() { override string toString() {
exists(Expr e | e = getExpr() | exists(Expr e | e = getExpr() |
if hasIntegralOrReferenceIntegralType(e) if hasIntegralOrReferenceIntegralType(e)
then then
exists(getOperationBounds(e)) and result = super.toString() + ": " + getOperationBounds(e) result = super.toString() + ": " + getOperationBounds(e)
or or
exists(getCallBounds(e)) and result = super.toString() + ": " + getCallBounds(e) result = super.toString() + ": " + getCallBounds(e)
or or
not exists(getOperationBounds(e)) and not exists(getOperationBounds(e)) and
not exists(getCallBounds(e)) and not exists(getCallBounds(e)) and
@@ -108,4 +113,3 @@ private class ReferenceArgumentRangeNode extends DataFlow::DefinitionByReference
else result = super.toString() else result = super.toString()
} }
} }
// TODO: Show ranges for DataFlow::ExplicitParameterNode
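Review bot: In `getCallBounds`, the `concat` only contributes a value for arguments where `getIntegralBounds(arg)` has a result, so if that predicate (defined outside the visible hunks) has no result for non-integral arguments, those arguments silently drop out of the rendered list and the remaining bounds no longer line up with the call's argument positions. Someone triaging a `path-problem` result could then attribute a range to the wrong argument. Consider documenting this on the predicate, e.g. `/** Gets the bounds of the call and of each argument that has integral bounds; arguments without bounds are omitted. */`, or emitting a placeholder for arguments without bounds so positions stay aligned.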