hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-24 00:05:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Reduce false alarms raised by static variables

Browse Source 
Static variables are initialized to zero or null by compiler, no need to get an initializer of them.
See https://stackoverflow.com/questions/13251083/the-initialization-of-static-variables-in-c
See 6.7.8/10 in the C99 Standard.

A relevant PR: https://github.com/github/codeql/pull/16527
This commit is contained in:
codeqlhelper
2025-07-27 23:46:53 +08:00
committed by GitHub
parent 89dcad48f4
commit cf21997c0f
1 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
cpp/ql/src/Critical/InitialisationNotRun.ql
View File

@@ -32,9 +32,18 @@ predicate called(Function f) {
exists(FunctionAccess fa | fa.getTarget() = f)
}
predicate staticWithoutDereference(GlobalVariable v) {
v.isStatic() and
not exists(VariableAccess va |
va = v.getAnAccess() and
dereferenced(va)
)
}
from GlobalVariable v
where
global(v) and
not staticWithoutDereference(v) and
not exists(VariableAccess lval |
v.getAnAccess() = lval and
lval.isUsedAsLValue() and