codeql/change-notes/1.23/analysis-cpp.md
Geoffrey White 62311eb37d CPP: Change note.
2019-10-14 11:03:49 +01:00

Improvements to C/C++ analysis

The following changes in version 1.23 affect C/C++ analysis in all applications.

General improvements

New queries

| Query | Tags | Purpose |
|---|---|---|
| Hard-coded Japanese era start date (`cpp/japanese-era/exact-era-date`) | reliability, japanese-era | This query is a combination of two old queries that were identical in purpose but separate as an implementation detail. This new query replaces Hard-coded Japanese era start date in call (`cpp/japanese-era/constructor-or-method-with-exact-era-date`) and Hard-coded Japanese era start date in struct (`cpp/japanese-era/struct-with-exact-era-date`). |

Changes to existing queries

| Query | Expected impact | Change |
|---|---|---|
| Hard-coded Japanese era start date in call (`cpp/japanese-era/constructor-or-method-with-exact-era-date`) | Deprecated | This query has been deprecated. Use the new combined query Hard-coded Japanese era start date (`cpp/japanese-era/exact-era-date`) instead. |
| Hard-coded Japanese era start date in struct (`cpp/japanese-era/struct-with-exact-era-date`) | Deprecated | This query has been deprecated. Use the new combined query Hard-coded Japanese era start date (`cpp/japanese-era/exact-era-date`) instead. |
| Hard-coded Japanese era start date (`cpp/japanese-era/exact-era-date`) | More correct results | This query now checks for the beginning date of the Reiwa era (1st May 2019). |
| Sign check of bitwise operation (`cpp/bitwise-sign-check`) | Fewer false positive results | Results involving `>=` or `<=` are no longer reported. |
| Too few arguments to formatting function (`cpp/wrong-number-format-arguments`) | Fewer false positive results | Fixed false positives resulting from mismatching declarations of a formatting function. |
| Too many arguments to formatting function (`cpp/too-many-format-arguments`) | Fewer false positive results | Fixed false positives resulting from mismatching declarations of a formatting function. |
| Unclear comparison precedence (`cpp/comparison-precedence`) | Fewer false positive results | False positives involving template classes and functions have been fixed. |

Changes to QL libraries

  • The data-flow library has been extended with a new feature to aid debugging. Instead of specifying isSink(Node n) { any() } on a configuration to explore the possible flow from a source, it is recommended to use the new Configuration::hasPartialFlow predicate, as this gives a more complete picture of the partial flow paths from a given source. The feature is disabled by default and can be enabled for individual configurations by overriding int explorationLimit().
  • The data-flow library now allows flow through the address-of operator (&).
  • The DataFlow::DefinitionByReferenceNode class now considers f(x) to be a definition of x when x is a variable of pointer type. It no longer considers deep paths such as f(&x.myField) to be definitions of x. These changes are in line with the user expectations we've observed.
  • There is now a DataFlow::localExprFlow predicate and a TaintTracking::localExprTaint predicate to make it easy to use the most common case of local data flow and taint: from one Expr to another.
  • The member predicates of the FunctionInput and FunctionOutput classes have been renamed for clarity (e.g. isOutReturnPointer() to isReturnValueDeref()). The existing member predicates have been deprecated, and will be removed in a future release. Code that uses the old member predicates should be updated to use the corresponding new member predicate.
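As an added example of the partial-flow debugging pattern from the first item above (this query is not part of the change note or the CodeQL repository), here is a configuration that declares no sink, enables exploration by overriding `explorationLimit()`, and reports how far values flow from an illustrative source; the choice of `getenv()` as the source is an assumption for the example:

```ql
/**
 * @name Partial data flow from getenv() (added example)
 * @description Explores where the return value of getenv() can reach
 *              without committing to a sink, using hasPartialFlow.
 * @kind problem
 * @problem.severity recommendation
 * @id cpp/example/partial-flow-from-getenv
 */

import cpp
import semmle.code.cpp.dataflow.DataFlow

class GetenvPartialFlowConfig extends DataFlow::Configuration {
  GetenvPartialFlowConfig() { this = "GetenvPartialFlowConfig" }

  // Illustrative source (assumption for this example): any call to getenv().
  override predicate isSource(DataFlow::Node source) {
    source.asExpr().(FunctionCall).getTarget().hasGlobalName("getenv")
  }

  // No sink at all: we are exploring, so we do not use the old
  // `isSink(Node n) { any() }` trick described in the change note.
  override predicate isSink(DataFlow::Node sink) { none() }

  // Exploration is off by default; a positive limit switches it on and
  // bounds how many flow steps are followed from each source.
  override int explorationLimit() { result = 5 }
}

from
  GetenvPartialFlowConfig cfg, DataFlow::PartialPathNode source,
  DataFlow::PartialPathNode node, int dist
where cfg.hasPartialFlow(source, node, dist)
select node.getNode(),
  "Value from getenv() at " + source.getNode().getLocation().getStartLine() +
    " reaches here after " + dist + " flow step(s)."
```

Raising the exploration limit widens the search but can make the query considerably slower on large databases, so keep it small while debugging a single source.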