Merge branch 'main' into andersfugmann/improve_upper_bound

cpp/change-notes/2021-08-17-has-c-linkage.md

@@ -0,0 +1,2 @@
+lgtm,codescanning
+* Added `RoutineType.hasCLinkage` predicate to check whether a function type has "C" language linkage.

cpp/change-notes/2021-08-23-ctime-weaken-claims.md

@@ -0,0 +1,2 @@
+lgtm,codescanning
+* Lowered the precision of `cpp/potentially-dangerous-function` so it is run but not displayed on LGTM by default and so it's only run and displayed on Code Scanning if a broader suite like `cpp-security-extended` is opted into.

cpp/change-notes/2021-08-23-getPrimaryQlClasses.md

@@ -0,0 +1,2 @@
+lgtm,codescanning
+* Added `Element.getPrimaryQlClasses()` predicate, which gets a comma-separated list of the names of the primary CodeQL classes to which this element belongs.

cpp/change-notes/2021-08-24-implicit-downcast-from-bitfield.md

@@ -0,0 +1,2 @@
+lgtm,codescanning
+* The query `cpp/implicit-bitfield-downcast` now accounts for C++ reference types, which leads to more true positive results.

cpp/ql/examples/qlpack.yml

@@ -1,3 +1,3 @@
 name: codeql-cpp-examples
 version: 0.0.0
-libraryPathDependencies: codeql-cpp
+libraryPathDependencies: codeql/cpp-all

cpp/ql/lib/qlpack.lock.yml

@@ -0,0 +1,4 @@
+---
+dependencies: {}
+compiled: false
+lockVersion: 1.0.0

cpp/ql/lib/qlpack.yml

@@ -0,0 +1,5 @@
+name: codeql/cpp-all
+version: 0.0.2
+dbscheme: semmlecode.cpp.dbscheme
+extractor: cpp
+library: true

cpp/ql/lib/semmle/code/cpp/Element.qll

@@ -58,6 +58,11 @@ class ElementBase extends @element {
   /** DEPRECATED: use `getAPrimaryQlClass` instead. */
   deprecated string getCanonicalQLClass() { result = this.getAPrimaryQlClass() }
 
+  /**
+   * Gets a comma-separated list of the names of the primary CodeQL classes to which this element belongs.
+   */
+  final string getPrimaryQlClasses() { result = concat(getAPrimaryQlClass(), ",") }
+
   /**
    * Gets the name of a primary CodeQL class to which this element belongs.
    *

cpp/ql/lib/semmle/code/cpp/Initializer.qll

@@ -18,6 +18,12 @@ import semmle.code.cpp.controlflow.ControlFlowGraph
  *   ...
  * }
  * ```
+ * But _not_ `4` in the following code:
+ * ```
+ * int myUninitializedVariable;
+ * myUninitializedVariable = 4;
+ * ```
+ * Instead, this is an `Assignment`.
  */
 class Initializer extends ControlFlowNode, @initialiser {
   override Location getLocation() { initialisers(underlyingElement(this), _, _, result) }

cpp/ql/lib/semmle/code/cpp/PrintAST.qll

@@ -46,7 +46,7 @@ private string escapeString(string s) {
  * string representation comes first in lexicographical order.
  */
 private Location getRepresentativeLocation(Locatable ast) {
-  result = rank[1](Location loc | loc = ast.getLocation() | loc order by loc.toString())
+  result = min(Location loc | loc = ast.getLocation() | loc order by loc.toString())
 }
 
 /**

cpp/ql/lib/semmle/code/cpp/Type.qll

@@ -1621,6 +1621,19 @@ class RoutineType extends Type, @routinetype {
    */
   Type getReturnType() { routinetypes(underlyingElement(this), unresolveElement(result)) }
 
+  /**
+   * Holds if this function type has "C" language linkage.
+   *
+   * This includes any function declared in a C source file, or explicitly marked as having "C" linkage:
+   * ```
+   * extern "C" void f();
+   * extern "C" {
+   * void g();
+   * }
+   * ```
+   */
+  predicate hasCLinkage() { this.hasSpecifier("c_linkage") }
+
   override string explain() {
     result =
       "function returning {" + this.getReturnType().explain() + "} with arguments (" +

cpp/ql/lib/semmle/code/cpp/Variable.qll

@@ -136,6 +136,12 @@ class Variable extends Declaration, @variable {
   /**
    * Gets an assignment expression that assigns to this variable.
    * For example: `x=...` or `x+=...`.
+   *
+   * This does _not_ include the initialization of the variable. Use
+   * `Variable.getInitializer()` to get the variable's initializer,
+   * or use `Variable.getAnAssignedValue()` to get an expression that
+   * is the right-hand side of an assignment or an initialization of
+   * the varible.
    */
   Assignment getAnAssignment() { result.getLValue() = this.getAnAccess() }