Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit ecb700c

Browse files
zlaski-semmlegeoffw0
zlaski-semmle
authored and
geoffw0
committed
[CPP-418] Some assignments and call expressions. Some could not be divined.
1 parent 113481d commit ecb700c

2 files changed

Lines changed: 76 additions & 4 deletions

File tree

cpp/ql/src/semmle/code/cpp/exprs/Assignment.qll

Lines changed: 42 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -30,6 +30,9 @@ abstract class Assignment extends Operation {
3030

3131
/**
3232
* A non-overloaded assignment operation with the operator `=`.
33+
* ```
34+
* a = b;
35+
* ```
3336
*/
3437
class AssignExpr extends Assignment, @assignexpr {
3538
override string getOperator() { result = "=" }
@@ -55,6 +58,9 @@ abstract class AssignArithmeticOperation extends AssignOperation { }
5558

5659
/**
5760
* A non-overloaded `+=` assignment expression on a non-pointer lvalue.
61+
* ```
62+
* a += b;
63+
* ```
5864
*/
5965
class AssignAddExpr extends AssignArithmeticOperation, @assignaddexpr {
6066
override string getCanonicalQLClass() { result = "AssignAddExpr" }
@@ -64,6 +70,9 @@ class AssignAddExpr extends AssignArithmeticOperation, @assignaddexpr {
6470

6571
/**
6672
* A non-overloaded `-=` assignment expression on a non-pointer lvalue.
73+
* ```
74+
* a -= b;
75+
* ```
6776
*/
6877
class AssignSubExpr extends AssignArithmeticOperation, @assignsubexpr {
6978
override string getCanonicalQLClass() { result = "AssignSubExpr" }
@@ -73,6 +82,9 @@ class AssignSubExpr extends AssignArithmeticOperation, @assignsubexpr {
7382

7483
/**
7584
* A non-overloaded `*=` assignment expression.
85+
* ```
86+
* a *= b;
87+
* ```
7688
*/
7789
class AssignMulExpr extends AssignArithmeticOperation, @assignmulexpr {
7890
override string getCanonicalQLClass() { result = "AssignMulExpr" }
@@ -82,6 +94,9 @@ class AssignMulExpr extends AssignArithmeticOperation, @assignmulexpr {
8294

8395
/**
8496
* A non-overloaded `/=` assignment expression.
97+
* ```
98+
* a /= b;
99+
* ```
85100
*/
86101
class AssignDivExpr extends AssignArithmeticOperation, @assigndivexpr {
87102
override string getCanonicalQLClass() { result = "AssignDivExpr" }
@@ -91,6 +106,9 @@ class AssignDivExpr extends AssignArithmeticOperation, @assigndivexpr {
91106

92107
/**
93108
* A non-overloaded `%=` assignment expression.
109+
* ```
110+
* a %= b;
111+
* ```
94112
*/
95113
class AssignRemExpr extends AssignArithmeticOperation, @assignremexpr {
96114
override string getCanonicalQLClass() { result = "AssignRemExpr" }
@@ -105,7 +123,10 @@ class AssignRemExpr extends AssignArithmeticOperation, @assignremexpr {
105123
abstract class AssignBitwiseOperation extends AssignOperation { }
106124

107125
/**
108-
* A non-overloaded `&=` assignment expression.
126+
* A non-overloaded AND (`&=`) assignment expression.
127+
* ```
128+
* a &= b;
129+
* ```
109130
*/
110131
class AssignAndExpr extends AssignBitwiseOperation, @assignandexpr {
111132
override string getCanonicalQLClass() { result = "AssignAndExpr" }
@@ -114,7 +135,10 @@ class AssignAndExpr extends AssignBitwiseOperation, @assignandexpr {
114135
}
115136

116137
/**
117-
* A non-overloaded `|=` assignment expression.
138+
* A non-overloaded OR (`|=`) assignment expression.
139+
* ```
140+
* a |= b;
141+
* ```
118142
*/
119143
class AssignOrExpr extends AssignBitwiseOperation, @assignorexpr {
120144
override string getCanonicalQLClass() { result = "AssignOrExpr" }
@@ -123,7 +147,10 @@ class AssignOrExpr extends AssignBitwiseOperation, @assignorexpr {
123147
}
124148

125149
/**
126-
* A non-overloaded `^=` assignment expression.
150+
* A non-overloaded XOR (`^=`) assignment expression.
151+
* ```
152+
* a ^= b;
153+
* ```
127154
*/
128155
class AssignXorExpr extends AssignBitwiseOperation, @assignxorexpr {
129156
override string getCanonicalQLClass() { result = "AssignXorExpr" }
@@ -133,6 +160,9 @@ class AssignXorExpr extends AssignBitwiseOperation, @assignxorexpr {
133160

134161
/**
135162
* A non-overloaded `<<=` assignment expression.
163+
* ```
164+
* a <<= b;
165+
* ```
136166
*/
137167
class AssignLShiftExpr extends AssignBitwiseOperation, @assignlshiftexpr {
138168
override string getCanonicalQLClass() { result = "AssignLShiftExpr" }
@@ -142,6 +172,9 @@ class AssignLShiftExpr extends AssignBitwiseOperation, @assignlshiftexpr {
142172

143173
/**
144174
* A non-overloaded `>>=` assignment expression.
175+
* ```
176+
* a >>= b;
177+
* ```
145178
*/
146179
class AssignRShiftExpr extends AssignBitwiseOperation, @assignrshiftexpr {
147180
override string getCanonicalQLClass() { result = "AssignRShiftExpr" }
@@ -151,6 +184,9 @@ class AssignRShiftExpr extends AssignBitwiseOperation, @assignrshiftexpr {
151184

152185
/**
153186
* A non-overloaded `+=` pointer assignment expression.
187+
* ```
188+
* ptr += index;
189+
* ```
154190
*/
155191
class AssignPointerAddExpr extends AssignOperation, @assignpaddexpr {
156192
override string getCanonicalQLClass() { result = "AssignPointerAddExpr" }
@@ -160,6 +196,9 @@ class AssignPointerAddExpr extends AssignOperation, @assignpaddexpr {
160196

161197
/**
162198
* A non-overloaded `-=` pointer assignment expression.
199+
* ```
200+
* ptr -= index;
201+
* ```
163202
*/
164203
class AssignPointerSubExpr extends AssignOperation, @assignpsubexpr {
165204
override string getCanonicalQLClass() { result = "AssignPointerSubExpr" }

cpp/ql/src/semmle/code/cpp/exprs/Call.qll

Lines changed: 34 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -339,6 +339,12 @@ class OverloadedArrayExpr extends FunctionCall {
339339

340340
/**
341341
* A C/C++ call which is performed through a function pointer.
342+
*
343+
* In the call below, `(*funcptr)` may be simplified to just `funcptr`.
344+
* ```
345+
* extern int (*funcptr)(int a, int b);
346+
* int c = (*funcptr)(1, 2);
347+
* ```
342348
*/
343349
class ExprCall extends Call, @callexpr {
344350
/**
@@ -361,6 +367,11 @@ class ExprCall extends Call, @callexpr {
361367

362368
/**
363369
* A C/C++ call which is performed through a variable of function pointer type.
370+
* ```
371+
* int call_via_ptr(int (*pfn)(int)) {
372+
* return pfn(5);
373+
* }
374+
* ```
364375
*/
365376
class VariableCall extends ExprCall {
366377
VariableCall() { this.getExpr() instanceof VariableAccess }
@@ -375,6 +386,10 @@ class VariableCall extends ExprCall {
375386

376387
/**
377388
* A call to a constructor.
389+
* ```
390+
* struct S { S(void); }
391+
* S s;
392+
* ```
378393
*/
379394
class ConstructorCall extends FunctionCall {
380395
ConstructorCall() { super.getTarget() instanceof Constructor }
@@ -386,7 +401,10 @@ class ConstructorCall extends FunctionCall {
386401
}
387402

388403
/**
389-
* A C++ `throw` expression.
404+
* A C++ `throw` expression.
405+
* ```
406+
* throw Exc(2);
407+
* ```
390408
*/
391409
class ThrowExpr extends Expr, @throw_expr {
392410
/**
@@ -404,6 +422,9 @@ class ThrowExpr extends Expr, @throw_expr {
404422

405423
/**
406424
* A C++ `throw` expression with no argument (which causes the current exception to be re-thrown).
425+
* ```
426+
* throw;
427+
* ```
407428
*/
408429
class ReThrowExpr extends ThrowExpr {
409430
ReThrowExpr() { this.getType() instanceof VoidType }
@@ -415,6 +436,13 @@ class ReThrowExpr extends ThrowExpr {
415436

416437
/**
417438
* A call to a destructor.
439+
* ```
440+
struct S { ~S(void); };
441+
void foo() {
442+
S s;
443+
s.~S();
444+
}
445+
* ```
418446
*/
419447
class DestructorCall extends FunctionCall {
420448
DestructorCall() { super.getTarget() instanceof Destructor }
@@ -431,6 +459,11 @@ class DestructorCall extends FunctionCall {
431459
* For example, given a plain old data type `pod_t`, the syntax `ptr->~pod_t()` is
432460
* a vacuous destructor call, as `~pod_t` isn't actually a function. This can also
433461
* occur in instantiated templates, as `ptr->~T()` becomes vacuous when `T` is `int`.
462+
* ```
463+
* typedef int pod_t;
464+
* pod_t *s;
465+
* s->~pod_t();
466+
* ```
434467
*/
435468
class VacuousDestructorCall extends Expr, @vacuous_destructor_call {
436469
/**

0 commit comments

Comments
 (0)