diff --git a/change_notes/2022-08-31-update-to-CodeQL-2.9.4.md b/change_notes/2022-08-31-update-to-CodeQL-2.9.4.md new file mode 100644 index 0000000000..443352baa9 --- /dev/null +++ b/change_notes/2022-08-31-update-to-CodeQL-2.9.4.md @@ -0,0 +1,8 @@ +- `M0-1-4` - `SingleUsePODVariable.ql` + - This rule no longer considers compiler-generated access to a variable when determining if the variable has a single use. +- `A8-5-3` - `AvoidAutoWithBracedInitialization.ql`: + - Fix regression where `auto x{0}` was no longer detected as a braced initialization with type `auto` with the latest CodeQL versions. + - No longer falsely detect cases where braced initialization was not used, but where the inferred type would be `std::initializer_list`. +- `A7-3-1` - `DefinitionNotConsideredForUnqualifiedLookup.ql` + - The locations reported for names occurring in using-declarations has improved in the latest CodeQL versions. +- Updated the CodeQL version to `2.9.4`. \ No newline at end of file diff --git a/codeql_modules/codeql b/codeql_modules/codeql index a1cdf256ad..28fe7a7660 160000 --- a/codeql_modules/codeql +++ b/codeql_modules/codeql @@ -1 +1 @@ -Subproject commit a1cdf256ad6b7c3e9984db9069671647e5f47921 +Subproject commit 28fe7a76603ab7ef884ca35115b63104ecb699a7 diff --git a/cpp/autosar/src/rules/A10-2-1/NonVirtualPublicOrProtectedFunctionsRedefined.ql b/cpp/autosar/src/rules/A10-2-1/NonVirtualPublicOrProtectedFunctionsRedefined.ql index 8a377b9f65..357a854845 100644 --- a/cpp/autosar/src/rules/A10-2-1/NonVirtualPublicOrProtectedFunctionsRedefined.ql +++ b/cpp/autosar/src/rules/A10-2-1/NonVirtualPublicOrProtectedFunctionsRedefined.ql @@ -29,8 +29,8 @@ where not f instanceof Operator and ( exists(MemberFunction shadowingFunction | - getPublicOrPrivateDerivedClass+(f.getDeclaringType()) = shadowingFunction.getDeclaringType() and - f.getName() = shadowingFunction.getName() and + getPublicOrPrivateDerivedClass+(f.getDeclaringType()) = subclass and + f.getName() = pragma[only_bind_out](shadowingFunction.getName()) and e = shadowingFunction and description = "this member function" and subclass = shadowingFunction.getDeclaringType() diff --git a/cpp/autosar/src/rules/A8-5-3/AvoidAutoWithBracedInitialization.ql b/cpp/autosar/src/rules/A8-5-3/AvoidAutoWithBracedInitialization.ql index b62b8785c3..bcb64dba8d 100644 --- a/cpp/autosar/src/rules/A8-5-3/AvoidAutoWithBracedInitialization.ql +++ b/cpp/autosar/src/rules/A8-5-3/AvoidAutoWithBracedInitialization.ql @@ -21,5 +21,5 @@ from Variable v where not isExcluded(v, InitializationPackage::avoidAutoWithBracedInitializationQuery()) and v.getTypeWithAuto().getUnspecifiedType() instanceof AutoType and - v.getType().getUnspecifiedType().(Class).hasQualifiedName("std", "initializer_list") + v.getInitializer().isBraced() select v, "Variable " + v.getName() + " of type auto uses braced initialization." diff --git a/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll b/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll index 765848a63c..c750bb130c 100644 --- a/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll +++ b/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll @@ -10,8 +10,9 @@ int getUseCount(Variable v) { // We enforce that it's a POD type variable, so if it has an initializer it is explicit (if v.hasInitializer() then initializers = 1 else initializers = 0) and result = - initializers + count(v.getAnAccess()) + - count(UserProvidedConstructorFieldInit cfi | cfi.getTarget() = v) + initializers + + count(VariableAccess access | access = v.getAnAccess() and not access.isCompilerGenerated()) + + count(UserProvidedConstructorFieldInit cfi | cfi.getTarget() = v) ) } @@ -23,7 +24,9 @@ Element getSingleUse(Variable v) { or result = any(UserProvidedConstructorFieldInit cfi | cfi.getTarget() = v) or - result = v.getAnAccess() + exists(VariableAccess access | + access = v.getAnAccess() and not access.isCompilerGenerated() and result = access + ) ) } diff --git a/cpp/autosar/src/rules/M10-2-1/UniqueAccessibleEntityNamesInMultipleInheritance.ql b/cpp/autosar/src/rules/M10-2-1/UniqueAccessibleEntityNamesInMultipleInheritance.ql index 5653cd2693..a01078f577 100644 --- a/cpp/autosar/src/rules/M10-2-1/UniqueAccessibleEntityNamesInMultipleInheritance.ql +++ b/cpp/autosar/src/rules/M10-2-1/UniqueAccessibleEntityNamesInMultipleInheritance.ql @@ -54,8 +54,8 @@ where // and the declaring types of both declarations are not in the same inheritance hierarchy not decl1.getDeclaringType().getABaseClass*() = decl2.getDeclaringType().getABaseClass*() and // and both declarations are accessible from 'derived' - decl1.isAccessibleFromClass(derived) and - decl2.isAccessibleFromClass(derived) and + pragma[only_bind_into](decl1).isAccessibleFromClass(derived) and + pragma[only_bind_into](decl2).isAccessibleFromClass(derived) and // and the declaring type name (DTN) of decl1 is less than the DTN of decl2 (remove permutations) decl1 = rank[1](MemberEntityDeclaration decl | diff --git a/cpp/autosar/test/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.expected b/cpp/autosar/test/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.expected index a549240c66..ea0f998533 100644 --- a/cpp/autosar/test/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.expected +++ b/cpp/autosar/test/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.expected @@ -1 +1 @@ -| test.cpp:42:6:42:7 | declaration of f1 | Definition for 'f1' is not available for unqualified lookup because it is declared after $@ | test.cpp:39:1:39:13 | using f1 | using-declaration | +| test.cpp:42:6:42:7 | declaration of f1 | Definition for 'f1' is not available for unqualified lookup because it is declared after $@ | test.cpp:39:12:39:13 | using f1 | using-declaration | diff --git a/cpp/autosar/test/rules/A8-5-3/test.cpp b/cpp/autosar/test/rules/A8-5-3/test.cpp index c17c8241a1..7baa9aa487 100644 --- a/cpp/autosar/test/rules/A8-5-3/test.cpp +++ b/cpp/autosar/test/rules/A8-5-3/test.cpp @@ -1,11 +1,12 @@ #include void test() { - auto a1(1); // COMPLIANT - auto a2{1}; // NON_COMPLIANT - auto a3 = 1; // COMPLIANT - auto a4 = {1}; // NON_COMPLIANT - int a5 = {1}; // COMPLIANT - const auto a6(1); // COMPLIANT - const auto a7{1}; // NON_COMPLIANT + auto a1(1); // COMPLIANT + auto a2{1}; // NON_COMPLIANT + auto a3 = 1; // COMPLIANT + auto a4 = {1}; // NON_COMPLIANT + int a5 = {1}; // COMPLIANT + const auto a6(1); // COMPLIANT + const auto a7{1}; // NON_COMPLIANT + auto a8 = std::initializer_list(); // COMPLIANT } \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/FunctionEquivalence.qll b/cpp/common/src/codingstandards/cpp/FunctionEquivalence.qll index a27bd1e565..f81682d7b6 100644 --- a/cpp/common/src/codingstandards/cpp/FunctionEquivalence.qll +++ b/cpp/common/src/codingstandards/cpp/FunctionEquivalence.qll @@ -66,7 +66,7 @@ private newtype TParameterEquivalenceClass = */ class ParameterEquivalenceClass extends TParameterEquivalenceClass { /** Gets a `Function` whose `Parameter` at `index` is part of the equivalence class. */ - pragma[noinline] + pragma[nomagic] private Function getAFunction(int index) { exists(string qualifiedName, string typeSig | functionSignature(result, qualifiedName, typeSig) and diff --git a/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected b/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected index e291147d15..a4f85ecb72 100644 --- a/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected +++ b/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected @@ -11,21 +11,14 @@ edges | test.cpp:3:14:3:15 | v1 | test.cpp:6:31:6:33 | call to get | | test.cpp:3:14:3:15 | v1 | test.cpp:7:28:7:29 | v2 | | test.cpp:4:13:4:14 | v1 | test.cpp:7:28:7:29 | v2 | -| test.cpp:5:27:5:28 | v1 | ../../includes/standard-library/memory.h:76:17:76:19 | ptr | | test.cpp:5:27:5:29 | call to shared_ptr | test.cpp:6:31:6:33 | call to get | -| test.cpp:6:31:6:33 | call to get | ../../includes/standard-library/memory.h:76:17:76:19 | ptr | -| test.cpp:6:31:6:33 | call to get | ../../includes/standard-library/memory.h:76:17:76:19 | ptr | -| test.cpp:7:28:7:29 | v2 | ../../includes/standard-library/memory.h:76:17:76:19 | ptr | -| test.cpp:7:28:7:29 | v2 | ../../includes/standard-library/memory.h:76:17:76:19 | ptr | | test.cpp:8:8:8:14 | 0 | test.cpp:9:28:9:29 | v2 | -| test.cpp:9:28:9:29 | v2 | ../../includes/standard-library/memory.h:76:17:76:19 | ptr | | test.cpp:10:8:10:17 | new | test.cpp:11:28:11:29 | v2 | | test.cpp:10:8:10:17 | new | test.cpp:11:28:11:29 | v2 | | test.cpp:10:8:10:17 | new | test.cpp:12:28:12:29 | v2 | | test.cpp:11:28:11:29 | ref arg v2 | test.cpp:12:28:12:29 | v2 | | test.cpp:11:28:11:29 | v2 | ../../includes/standard-library/memory.h:76:17:76:19 | ptr | | test.cpp:11:28:11:29 | v2 | test.cpp:11:28:11:29 | ref arg v2 | -| test.cpp:12:28:12:29 | v2 | ../../includes/standard-library/memory.h:76:17:76:19 | ptr | | test.cpp:16:13:16:22 | new | test.cpp:17:27:17:28 | v1 | | test.cpp:16:13:16:22 | new | test.cpp:17:27:17:28 | v1 | | test.cpp:16:13:16:22 | new | test.cpp:19:6:19:7 | v1 | diff --git a/supported_codeql_configs.json b/supported_codeql_configs.json index a0ad42a349..269af480e3 100644 --- a/supported_codeql_configs.json +++ b/supported_codeql_configs.json @@ -1,9 +1,9 @@ { "supported_environment": [ { - "codeql_cli": "2.7.6", - "codeql_standard_library": "codeql-cli/v2.7.6", - "codeql_cli_bundle": "codeql-bundle-20220120" + "codeql_cli": "2.9.4", + "codeql_standard_library": "codeql-cli/v2.9.4", + "codeql_cli_bundle": "codeql-bundle-20220615" } ], "supported_language" : [