C++: Improvements to reduce false alarms #16149
Conversation
We should ignore `checked` in a macro to avoid too many false alarms,
There was a problem hiding this comment.
Hi @codeqlhelper,
Thanks for your contribution! I've added some suggestions that I think will improve this PR, but otherwise I think this looks good.
Ideally, this PR should also come with some added tests, but it doesn't look like these queries have any tests in our repository 😬 If you have some tests lying around for when you were doing these changes please post them as comments in here and I'll be happy to incorporate them into actual query tests once I've set up the right folder structure for it (that probably won't be done as part of this PR, though).
|
CI is telling me that you need to format Edit: I figured I might as well push the autoformat myself to spare you those annoying details 🙂 |
MathiasVP
changed the title
|
Testcase for GlobalUseBeforeInit.ql #include <stdarg.h>
#include <stdio.h>
int a = 1;
int my_printf(const char * fmt, ...)
{
va_list vl;
int ret;
va_start(vl, fmt);
ret = vfprintf(stdout, fmt, vl);
ret = vfprintf(stderr, fmt, vl);
va_end(vl);
return ret;
}
int f1()
{
my_printf("%d\n", a + 2);
return 0;
}
int main()
{
int b = f1();
return 0;
}Testcase for InconsistentNullnessTesting.ql is somewhat complicated. I failed to provide a simple manual sample. Then you can see many warnings like In terms of minor or major, both of them are OK for me. I select majorAnalysis since the document marks reducing FP in majorAnalysis, and the outcome may influence some users. |
|
Thanks for the detailed instructions. I've added your tests to the PR now. Since the tests needed to be placed in a particular directory that matches our existing directory structure in a way that's not written down anywhere (I think) I simply pushed the required changes to your PR. This all LGTM me now and I'll approve it once CI is green 🤞 |
No description provided.