Skip to content

CTR55-CPP: Consider iter != last to be a bounds check #374

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
lcartey opened this issue Oct 2, 2023 · 0 comments · Fixed by #561
Closed

CTR55-CPP: Consider iter != last to be a bounds check #374

lcartey opened this issue Oct 2, 2023 · 0 comments · Fixed by #561
Assignees
@knewbury01
Labels
Difficulty-Medium A false positive or false negative report which is expected to take 1-5 days effort to address false positive/false negative An issue related to observed false positives or false negatives. Impact-Medium Phase II user-report Issue reported by an end user of CodeQL Coding Standards

Comments

@lcartey
Copy link
Collaborator

lcartey commented Oct 2, 2023
edited
Loading

Affected rules

  • CTR55-CPP

Description

This query has a fairly restricted view of what a valid bounds check consists of. Consider expanding to support iter != last as a valid bound check, if last is derived from end(). We should also consider the case of utility methods on iterators, and whether they are correct at the call site.

Example

for (; iter != end; ++iter) {
}
@lcartey lcartey added Difficulty-Medium A false positive or false negative report which is expected to take 1-5 days effort to address false positive/false negative An issue related to observed false positives or false negatives. Impact-Medium user-report Issue reported by an end user of CodeQL Coding Standards labels Oct 2, 2023
@knewbury01 knewbury01 self-assigned this Mar 18, 2024
@knewbury01 knewbury01 moved this from Triaged to In Progress in Coding Standards Public Development Board Mar 20, 2024
@knewbury01 knewbury01 mentioned this issue Mar 22, 2024
Merged
30 tasks
@knewbury01 knewbury01 moved this from In Progress to Ready for review in Coding Standards Public Development Board Mar 22, 2024
@rvermeulen rvermeulen moved this from Ready for review to Review in progress in Coding Standards Public Development Board Mar 27, 2024
@rvermeulen rvermeulen moved this from Review in progress to Reviewed in Coding Standards Public Development Board Mar 28, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@knewbury01 knewbury01

Labels
Difficulty-Medium A false positive or false negative report which is expected to take 1-5 days effort to address false positive/false negative An issue related to observed false positives or false negatives. Impact-Medium Phase II user-report Issue reported by an end user of CodeQL Coding Standards
Projects
Coding Standards Public Development Board
Status: Done
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

CTR55-CPP: address 374 knewbury01/codeql-coding-standards
3 participants
@rvermeulen @lcartey @knewbury01