C/C++ : change Variable and ArrayType name + Add detection for Uint 32 and 64

2025-12-22 19:56:32 +01:00 · 2022-05-05 14:27:50 +02:00
parent 83e26f41c0
commit c15c216c47
2 changed files with 14 additions and 10 deletions
--- a/Practices/WrongUintAccess.qhelp
+++ b/Practices/WrongUintAccess.qhelp
@@ -8,7 +8,7 @@
 </overview>

 <recommendation>
-<p>Use a Uint8 instead</p>
+<p>Use a int with a lower bit size instead. For instance in this example use a 8 bit int.</p>
 </recommendation>

 <example>
--- a/Practices/WrongUintAccess.ql
+++ b/Practices/WrongUintAccess.ql
@@ -8,16 +8,20 @@
 */

 import cpp
-import semmle.code.cpp.controlflow.SSA

 from
-  Variable E, ArrayExpr useExpr, ArrayType defExpr, VariableDeclarationEntry def, VariableAccess use
+  Variable var, ArrayExpr useExpr, VariableDeclarationEntry def, ArrayType defLine, VariableAccess use
 where
-  def = defExpr.getATypeNameUse() and
-  E = def.getDeclaration() and
+  def = defLine.getATypeNameUse() and
+  var = def.getDeclaration() and
  use = useExpr.getArrayBase() and
-  E = use.getTarget() and
-  useExpr.getArrayOffset().getType() instanceof UInt16_t and
-  defExpr.getArraySize() <= 256
-select useExpr, "Using a UInt16_t to acess the array $@ of size " + defExpr.getArraySize() + ".", E,
-  E.getName()
+  var = use.getTarget() and (
+  (useExpr.getArrayOffset().getType() instanceof UInt16_t and
+  defLine.getArraySize() <= 256) or
+  (useExpr.getArrayOffset().getType() instanceof UInt32_t and
+  defLine.getArraySize() <= 900) or
+  (useExpr.getArrayOffset().getType() instanceof UInt64_t and
+  defLine.getArraySize() <= 1000)
+  )
+select useExpr, "Using a " + useExpr.getArrayOffset().getType() +" to acess the array $@ of size " + defLine.getArraySize() + ".", var,
+  var.getName()