Merge pull request #19368 from igfoo/igfoo/add-check-for-buildmode-none

C++: Add exception for build-mode-none in various queries
2025-12-16 16:53:25 +01:00 · 2025-04-24 20:30:09 +01:00
parent 5920925041 0cd859c559
commit f9172ff493
5 changed files with 7 additions and 1 deletions
--- a/Bugs/Arithmetic/IntMultToLong.ql
+++ b/Bugs/Arithmetic/IntMultToLong.ql
@@ -179,6 +179,7 @@ predicate overflows(MulExpr me, Type t) {

 from MulExpr me, Type t1, Type t2
 where
+  not any(Compilation c).buildModeNone() and
  t1 = me.getType().getUnderlyingType() and
  t2 = me.getConversion().getType().getUnderlyingType() and
  t1.getSize() < t2.getSize() and
--- a/Bugs/Format/WrongTypeFormatArguments.ql
+++ b/Bugs/Format/WrongTypeFormatArguments.ql
@@ -154,6 +154,7 @@ int sizeof_IntType() { exists(IntType it | result = it.getSize()) }

 from FormattingFunctionCall ffc, int n, Expr arg, Type expected, Type actual
 where
+  not any(Compilation c).buildModeNone() and
  (
    formattingFunctionCallExpectedType(ffc, n, expected) and
    formattingFunctionCallActualType(ffc, n, arg, actual) and
--- a/Functions/ImplicitFunctionDeclaration.ql
+++ b/Functions/ImplicitFunctionDeclaration.ql
@@ -38,6 +38,7 @@ predicate isCompiledAsC(File f) {

 from FunctionDeclarationEntry fdeIm, FunctionCall fc
 where
+  not any(Compilation c).buildModeNone() and
  isCompiledAsC(fdeIm.getFile()) and
  not isFromMacroDefinition(fc) and
  fdeIm.isImplicit() and
--- a/cpp/ql/src/Security/CWE/CWE-190/ComparisonWithWiderType.ql
+++ b/cpp/ql/src/Security/CWE/CWE-190/ComparisonWithWiderType.ql
@@ -51,6 +51,7 @@ int getComparisonSizeAdjustment(Expr e) {

 from Loop l, RelationalOperation rel, VariableAccess small, Expr large
 where
+  not any(Compilation c).buildModeNone() and
  small = rel.getLesserOperand() and
  large = rel.getGreaterOperand() and
  rel = l.getCondition().getAChild*() and
--- a/cpp/ql/src/Security/CWE/CWE-468/SuspiciousAddWithSizeof.ql
+++ b/cpp/ql/src/Security/CWE/CWE-468/SuspiciousAddWithSizeof.ql
@@ -24,10 +24,12 @@ private predicate isCharSzPtrExpr(Expr e) {

 from Expr sizeofExpr, Expr e
 where
+  not any(Compilation c).buildModeNone() and
  // If we see an addWithSizeof then we expect the type of
  // the pointer expression to be `char*` or `void*`. Otherwise it
  // is probably a mistake.
-  addWithSizeof(e, sizeofExpr, _) and not isCharSzPtrExpr(e)
+  addWithSizeof(e, sizeofExpr, _) and
+  not isCharSzPtrExpr(e)
 select sizeofExpr,
  "Suspicious sizeof offset in a pointer arithmetic expression. The type of the pointer is $@.",
  e.getFullyConverted().getType() as t, t.toString()