C++: More principled macro exclusion

jbj · jbj · commit 1b849dbf0ec1 · 2019-11-13T14:22:38.000+01:00
We no longer exclude macros based on their name, which means we can now
find results inside arguments to the `likely` macro in Linux (except
that Linux is compiled with `-fno-strict-overflow`).
diff --git a/cpp/ql/src/Likely Bugs/Memory Management/PointerOverflow.ql b/cpp/ql/src/Likely Bugs/Memory Management/PointerOverflow.ql
@@ -12,20 +12,16 @@
 
 import cpp
 private import semmle.code.cpp.valuenumbering.GlobalValueNumbering
+private import semmle.code.cpp.commons.Exclusions
 
 from RelationalOperation ro, PointerAddExpr add, Expr expr1, Expr expr2
 where
   ro.getAnOperand() = add and
   add.getAnOperand() = expr1 and
   ro.getAnOperand() = expr2 and
   globalValueNumber(expr1) = globalValueNumber(expr2) and
-  // Exclude macros except for assert macros.
-  // TODO: port that location-based macro check we have in another query. Then
-  // we don't need to special-case on names.
-  not exists(MacroInvocation mi |
-    mi.getAnAffectedElement() = add and
-    not mi.getMacroName().toLowerCase().matches("%assert%")
-  ) and
+  // Exclude macros but not their arguments
+  not isFromMacroDefinition(ro) and
   // There must be a compilation of this file without a flag that makes pointer
   // overflow well defined.
   exists(Compilation c | c.getAFileCompiled() = ro.getFile() |
