Update for feedback

2026-04-27 09:45:15 +02:00 · 2018-11-13 16:50:00 +00:00
parent 2e8f51a545
commit c6af79979c
8 changed files with 14 additions and 8 deletions
--- a/cpp/ql/src/Critical/DescriptorMayNotBeClosed.ql
+++ b/cpp/ql/src/Critical/DescriptorMayNotBeClosed.ql
@@ -1,6 +1,6 @@
 /**
 * @name Open descriptor may not be closed
- * @description Failing to close resources in the function that opened them, makes it difficult to avoid and detect resource leaks.
+ * @description Failing to close resources in the function that opened them makes it difficult to avoid and detect resource leaks.
 * @kind problem
 * @id cpp/descriptor-may-not-be-closed
 * @problem.severity warning
--- a/cpp/ql/src/Critical/InitialisationNotRun.qhelp
+++ b/cpp/ql/src/Critical/InitialisationNotRun.qhelp
@@ -20,7 +20,7 @@ optimizations are enabled or the compiler is not compliant with the latest langu
 </recommendation>
 <example>
 <p>In the example below, the code that triggers the initialization of <code>g_storage</code> is not run from <code>main</code>. 
-Unless the variable is initialized by another method, the call on line 10 may not use the intended value.
+Unless the variable is initialized by another method, the call on line 10 may dereference a null pointer.
 </p>

 <sample src="InitialisationNotRun.cpp" />
--- a/cpp/ql/src/Critical/InitialisationNotRun.ql
+++ b/cpp/ql/src/Critical/InitialisationNotRun.ql
@@ -1,6 +1,6 @@
 /**
 * @name Initialization code not run
- * @description Using an uninitialized variable may lead to undefined results.
+ * @description Not running initialization code may lead to unexpected behavior.
 * @kind problem
 * @id cpp/initialization-not-run
 * @problem.severity warning
--- a/cpp/ql/src/Critical/LateNegativeTest.qhelp
+++ b/cpp/ql/src/Critical/LateNegativeTest.qhelp
@@ -26,10 +26,12 @@ negative then the negativity test is redundant and can be removed.

 <example>
 <p>The example below includes two functions that use the value <code>recordIdx</code> to 
-index an array and a test to verify that the value is positive. The test is made after 
-<code>printRecord</code> is indexed and before <code>processRecord</code> is indexed. 
+index an array and a test to verify that the value is positive. 
+The test is made after <code>records</code> is indexed for <code>printRecord</code> and 
+before <code>records</code> is indexed for <code>processRecord</code>. 
 Unless the value of <code>recordIdx</code> cannot be negative, the test should be 
-updated to run <em>before</em> both arrays are indexed.
+updated to run before <em>both</em> times the array is indexed. 
+If the value cannot be negative, the test should be removed.
 </p>

 <sample src="LateNegativeTest.cpp" />
@@ -37,5 +39,6 @@ updated to run <em>before</em> both arrays are indexed.

 <references>
 <li>cplusplus.com: <a href="http://www.cplusplus.com/doc/tutorial/pointers/">Pointers</a>.</li>
+<li>SEI CERT C Coding Standard: <a href="https://wiki.sei.cmu.edu/confluence/display/c/ARR30-C.+Do+not+form+or+use+out-of-bounds+pointers+or+array+subscripts">ARR30-C. Do not form or use out-of-bounds pointers or array subscripts</a>.</li>
 </references>
 </qhelp>
--- a/cpp/ql/src/Critical/LateNegativeTest.ql
+++ b/cpp/ql/src/Critical/LateNegativeTest.ql
@@ -1,6 +1,7 @@
 /**
 * @name Pointer offset used before it is checked
- * @description Setting a pointer offset before checking if the value is positive 
+ * @description Accessing a pointer or array using an offset before 
+ *              checking if the value is positive 
 *              may result in unexpected behavior.
 * @kind problem
 * @id cpp/late-negative-test
--- a/cpp/ql/src/Critical/MissingNegativityTest.qhelp
+++ b/cpp/ql/src/Critical/MissingNegativityTest.qhelp
@@ -35,5 +35,6 @@ is positive and safe to use as an array offset.

 <references>
 <li>cplusplus.com: <a href="http://www.cplusplus.com/doc/tutorial/pointers/">Pointers</a>.</li>
+<li>SEI CERT C Coding Standard: <a href="https://wiki.sei.cmu.edu/confluence/display/c/ARR30-C.+Do+not+form+or+use+out-of-bounds+pointers+or+array+subscripts">ARR30-C. Do not form or use out-of-bounds pointers or array subscripts</a>.</li>
 </references>
 </qhelp>
--- a/cpp/ql/src/Critical/MissingNegativityTest.ql
+++ b/cpp/ql/src/Critical/MissingNegativityTest.ql
@@ -1,6 +1,6 @@
 /**
 * @name Unchecked return value used as offset
- * @description  Using a value as a pointer offset without checking that the value is positive
+ * @description  Using a return value as a pointer offset without checking that the value is positive
 *               may lead to buffer overruns.
 * @kind problem
 * @id cpp/missing-negativity-test
--- a/cpp/ql/src/Critical/ReturnStackAllocatedObject.qhelp
+++ b/cpp/ql/src/Critical/ReturnStackAllocatedObject.qhelp
@@ -32,5 +32,6 @@ heap-allocated memory.

 <references>
 <li>cplusplus.com: <a href="http://www.cplusplus.com/doc/tutorial/pointers/">Pointers</a>.</li>
+<li>The craft of coding: <a href="https://craftofcoding.wordpress.com/2015/12/07/memory-in-c-the-stack-the-heap-and-static/">Memory in C - the stack, the heap, and static</a>.</li>
 </references>
 </qhelp>