Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

A7-1-7: Exclude expression statements in macros #629

Open
lcartey opened this issue Jun 26, 2024 · 0 comments
Open

A7-1-7: Exclude expression statements in macros #629

lcartey opened this issue Jun 26, 2024 · 0 comments
Labels
Difficulty-Low A false positive or false negative report which is expected to take <1 day effort to address false positive/false negative An issue related to observed false positives or false negatives. Impact-Medium Standard-AUTOSAR

Comments

@lcartey
Copy link
Collaborator

lcartey commented Jun 26, 2024

Affected rules

  • A7-1-7

Description

Macro expansion can cause multiple expressions and statements to appear at the same location. We exclude macro expanded declarations, I think we should do the same for expression statements.

Reviewing the query, I think this is actually caused by a bracketing issue:

    not isAffectedByMacro() and
   // MISSING OPENING BRACKET HERE
    exists(Declaration d |
       ...
    )
    or
    this instanceof ExprStmt and
    not exists(ForStmt f | f.getInitialization().getAChild*() = this) and
    not exists(LambdaExpression l | l.getLambdaFunction().getBlock().getAChild*() = this)
   // MISSING CLOSED BRACKET HERE

There's also an interesting thing happening here with locations - as we might expect such macro expansions to by the not l1 = l2 line in the select clause:

  exists(Location l1, Location l2 |
    e1.getLocation() = l1 and
    e2.getLocation() = l2 and
    not l1 = l2 and
....

The reason this doesn't exclude this case is that when we expand the macro, we may provide different locations for the expressions and statements within, if we can associate them with a specific macro parameter.

Example

#define foo(x, y)                                                              \
  x++;                                                                         \
  y++;

void test_macro() {
  int a = 1;
  int b = 1;
  foo(a, b); // COMPLIANT
}
@lcartey lcartey added Difficulty-Low A false positive or false negative report which is expected to take <1 day effort to address false positive/false negative An issue related to observed false positives or false negatives. Impact-Medium labels Jun 26, 2024
@lcartey lcartey moved this from Reported to Triaged in Coding Standards Public Development Board Jun 26, 2024
fjatWbyT added a commit to fjatWbyT/codeql-coding-standards that referenced this issue Oct 30, 2024
@fjatWbyT fjatWbyT mentioned this issue Oct 30, 2024
28 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Difficulty-Low A false positive or false negative report which is expected to take <1 day effort to address false positive/false negative An issue related to observed false positives or false negatives. Impact-Medium Standard-AUTOSAR
Projects
Development

No branches or pull requests

2 participants