
Commit e4ce834

committed
[CPP-340] Simplify MistypedFunctionArguments.ql and reduce its
precision from very-high to high.
1 parent 96b8bdf commit e4ce834

1 file changed

Lines changed: 3 additions & 29 deletions


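--- a/cpp/ql/src/Likely Bugs/Underspecified Functions/MistypedFunctionArguments.ql
+++ b/cpp/ql/src/Likely Bugs/Underspecified Functions/MistypedFunctionArguments.ql
@@ -6,17 +6,14 @@
 * arguments on a stack may lead to unpredictable function behavior.
 * @kind problem
 * @problem.severity warning
-* @precision very-high
+* @precision high
 * @id cpp/mistyped-function-arguments
 * @tags correctness
 * maintainability
 */
 
 import cpp
 
-pragma[inline]
-int sizeofInt() { result = any(IntType pt).getSize() }
-
 pragma[inline]
 predicate pointerArgTypeMayBeUsed(Type arg, Type parm) {
 arg = parm
@@ -47,39 +44,16 @@ pragma[inline]
 predicate argTypeMayBeUsed(Type arg, Type parm) {
 arg = parm
 or
-// float will be promoted to double, and so it should correspond
-// to the prototype
-arg instanceof FloatType and parm instanceof DoubleType
-or
-// integral types are promoted "up to" (unsigned) int, but not long long.
+// we treat signed and unsigned versions of integer types as compatible.
 arg instanceof IntegralType and
-parm instanceof IntegralType and
-arg.getSize() <= sizeofInt() and
-parm.getSize() <= sizeofInt()
+parm instanceof IntegralType
 or
-/*
-* // we allow interoperability between long long and pointer
-* arg.getSize() = parm.getSize() and
-* (
-* (arg instanceof IntegralType and parm instanceof PointerType)
-* or
-* (arg instanceof PointerType and parm instanceof IntegralType)
-* )
-* or
-*/
-
 // pointers to compatible types
 pointerArgTypeMayBeUsed(arg.(PointerType).getBaseType().getUnspecifiedType(),
 parm.(PointerType).getBaseType().getUnspecifiedType())
 or
 pointerArgTypeMayBeUsed(arg.(PointerType).getBaseType().getUnspecifiedType(),
 parm.(ArrayType).getBaseType().getUnspecifiedType())
-or
-pointerArgTypeMayBeUsed(arg.(ArrayType).getBaseType().getUnspecifiedType(),
-parm.(PointerType).getBaseType().getUnspecifiedType())
-or
-pointerArgTypeMayBeUsed(arg.(ArrayType).getBaseType().getUnspecifiedType(),
-parm.(ArrayType).getBaseType().getUnspecifiedType())
 }
 
 // This predicate doesn't necessarily have to exist, but if it does exist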
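Review bot: The new comment in `argTypeMayBeUsed` says only that signed and unsigned versions of integer types are treated as compatible, but the condition `arg instanceof IntegralType and parm instanceof IntegralType` accepts any pair of integral types regardless of width. With the `getSize()` bounds removed, an `int` argument passed where the definition expects `long long` (a width mismatch that is undefined behaviour on an unprototyped call) would, as far as this hunk shows, no longer be reported. If that false negative is an accepted cost of the simplification, the comment should say so, e.g. `// all integral types are treated as compatible, regardless of signedness or width.`; otherwise a size comparison needs to stay in this disjunct.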
