codeql/change-notes/1.23/analysis-cpp.md
Jonas Jensen d7681bf122 C++: Don't use definitionByReference for data flow
The data flow library conflates pointers and objects enough for the
`definitionByReference` predicate to be too strict in some cases. It was
too permissive in other cases that are now (or will be) handled better
by field flow.

See also the change note entry.
2019-09-03 11:49:01 +02:00


Improvements to C/C++ analysis

The following changes in version 1.23 affect C/C++ analysis in all applications.

General improvements

New queries

| Query | Tags | Purpose |
|-------|------|---------|
| Query name (query id) | tags | Message. |

Changes to existing queries

| Query | Expected impact | Change |
|-------|-----------------|--------|
| Query name (query id) | Expected impact | Message. |

Changes to QL libraries

  • The data-flow library has been extended with a new feature to aid debugging. Instead of specifying `isSink(Node n) { any() }` on a configuration to explore the possible flow from a source, it is recommended to use the new `Configuration::hasPartialFlow` predicate, as this gives a more complete picture of the partial flow paths from a given source. The feature is disabled by default and can be enabled for individual configurations by overriding `int explorationLimit()`.
  • The `DataFlow::DefinitionByReferenceNode` class now considers `f(x)` to be a definition of `x` when `x` is a variable of pointer type. It no longer considers deep paths such as `f(&x.myField)` to be definitions of `x`. These changes are in line with the user expectations we've observed.