Skip to content

Commit 8633a30

Browse files
author
Nikita Kraiouchkine
committed
Update DoNotAccessVolatileObjectWithNonVolatileReference.ql
1 parent 0431c73 commit 8633a30

File tree

1 file changed

+8
-7
lines changed

1 file changed

+8
-7
lines changed

c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.ql

Lines changed: 8 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -28,10 +28,10 @@ abstract class UndefinedVolatilePointerExpr extends Expr {
2828
/**
2929
* Gets the depth of a pointer's base type's volatile qualifier
3030
*/
31-
int getAVolatileDepth(PointerType pt) {
32-
pt.getBaseType().isVolatile() and result = 1
31+
int getAVolatileDepth(Type type) {
32+
type.isVolatile() and result = 1
3333
or
34-
result = getAVolatileDepth(pt.getBaseType()) + 1
34+
result = getAVolatileDepth(type.(DerivedType).getBaseType()) + 1
3535
}
3636

3737
/**
@@ -54,8 +54,9 @@ class CastFromVolatileToNonVolatileBaseType extends Cast, UndefinedVolatilePoint
5454
/**
5555
* Holds if `va` has a subsequent `VariableAccess` which is dereferenced after access
5656
*/
57+
bindingset[va]
5758
predicate hasSubsequentDereference(VariableAccess va) {
58-
dereferenced(va.getASuccessor+().(VariableAccess))
59+
dereferenced(pragma[only_bind_out](va).getASuccessor+())
5960
}
6061

6162
/**
@@ -68,9 +69,9 @@ class NonVolatileObjectAssignedToVolatilePointer extends AssignExpr, UndefinedVo
6869
not i = getAVolatileDepth(this.getRValue().getType()) and
6970
i = getAVolatileDepth(this.getLValue().(VariableAccess).getTarget().getType())
7071
) and
71-
// Checks for subsequent accesses to the underlying object via the original non-volatile
72-
// pointer assigned to the volatile pointer. This heuristic can cause false-positives
73-
// in certain instances which require more advanced reachability analysis, e.g. loops and scope
72+
// Checks for subsequent accesses to the underlying object via the original non-volatile
73+
// pointer assigned to the volatile pointer. This heuristic can cause false-positives
74+
// in certain instances which require more advanced reachability analysis, e.g. loops and scope
7475
// considerations that this simple forward traversal of the control-flow graph does not account for.
7576
exists(VariableAccess va |
7677
va = this.getRValue().getAChild*().(VariableAccess).getTarget().getAnAccess() and

0 commit comments

Comments
 (0)