hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-22 07:15:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

C++: Support guards without implicit boolean conversions.

Browse Source
This commit is contained in:
Mathias Vorreiter Pedersen
2024-04-30 12:04:35 +01:00
parent d736426529
commit bb6cc92728
1 changed files with 8 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
cpp/ql/lib/semmle/code/cpp/controlflow/IRGuards.qll
View File

@@ -796,13 +796,18 @@ private predicate simple_comparison_eq(Instruction test, Operand op, int k, Abst
// there's a branch on a value ofpointer or integer type.
exists(ConditionalBranchInstruction branch, IRType type |
not test instanceof CompareInstruction and
type = test.getResultIRType() and
(type instanceof IRAddressType or type instanceof IRIntegerType) and
test = branch.getCondition() and
op.getDef() = test
|
k = 1 and
value.(BooleanValue).getValue() = true
or
// We'd like to also include a case such as:
// ```
// k = 1 and
// value.(BooleanValue).getValue() = true
// ```
// but all we know is that the value is non-zero in the true branch.
// So we can only conclude something in the false branch.
k = 0 and
value.(BooleanValue).getValue() = false
)