github
/
codeql
зеркало из https://github.com/github/codeql.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

CPP: Improve wording of UnsafeArrayForDAysOfYear.ql.

This commit is contained in:
Geoffrey White 2019-06-25 14:36:24 +01:00
Родитель db6e2904a8
Коммит 627fba81ce
2 изменённых файлов: 12 добавлений и 8 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

14
cpp/ql/src/Likely Bugs/Leap Year/UnsafeArrayForDaysOfYear.ql
Просмотреть файл

@ -16,22 +16,26 @@ class LeapYearUnsafeDaysOfTheYearArrayType extends ArrayType {
LeapYearUnsafeDaysOfTheYearArrayType() { this.getArraySize() = 365 }
}
from Element element
from Element element, string allocType
where
exists(NewArrayExpr nae |
element = nae and
nae.getAllocatedType() instanceof LeapYearUnsafeDaysOfTheYearArrayType
nae.getAllocatedType() instanceof LeapYearUnsafeDaysOfTheYearArrayType and
allocType = "an array allocation"
)
or
exists(Variable var |
var = element and
var.getType() instanceof LeapYearUnsafeDaysOfTheYearArrayType
var.getType() instanceof LeapYearUnsafeDaysOfTheYearArrayType and
allocType = "an array allocation"
)
or
exists(ConstructorCall cc |
element = cc and
cc.getTarget().hasName("vector") and
cc.getArgument(0).getValue().toInt() = 365
cc.getArgument(0).getValue().toInt() = 365 and
allocType = "a std::vector allocation"
)
select element,
"There is an array or std::vector allocation with a hard-coded set of 365 elements, which may indicate the number of days in a year without considering leap year scenarios."
"There is " + allocType +
" with a hard-coded set of 365 elements, which may indicate the number of days in a year without considering leap year scenarios."

6
cpp/ql/test/query-tests/Likely Bugs/Leap Year/UnsafeArrayForDaysOfYear/UnsafeArrayForDaysOfYear.expected
Просмотреть файл

@ -1,3 +1,3 @@
| test.cpp:17:6:17:10 | items | There is an array or std::vector allocation with a hard-coded set of 365 elements, which may indicate the number of days in a year without considering leap year scenarios. |
| test.cpp:25:15:25:26 | new[] | There is an array or std::vector allocation with a hard-coded set of 365 elements, which may indicate the number of days in a year without considering leap year scenarios. |
| test.cpp:52:20:52:23 | call to vector | There is an array or std::vector allocation with a hard-coded set of 365 elements, which may indicate the number of days in a year without considering leap year scenarios. |
| test.cpp:17:6:17:10 | items | There is an array allocation with a hard-coded set of 365 elements, which may indicate the number of days in a year without considering leap year scenarios. |
| test.cpp:25:15:25:26 | new[] | There is an array allocation with a hard-coded set of 365 elements, which may indicate the number of days in a year without considering leap year scenarios. |
| test.cpp:52:20:52:23 | call to vector | There is a std::vector allocation with a hard-coded set of 365 elements, which may indicate the number of days in a year without considering leap year scenarios. |