From 1f68a2f4c75829a8f0731c978d83c68b356256ed Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Thu, 18 Sep 2025 12:08:35 +0100 Subject: [PATCH] C++: Fix up queries after github/codeql#20485. --- .../EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql | 2 +- .../rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql | 4 ++-- .../rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql | 2 +- .../FunctionErroneousReturnValueNotTested.qll | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql b/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql index 5f347d817..812d4d910 100644 --- a/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql +++ b/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql @@ -51,7 +51,7 @@ class ExplicitComparison extends EffectivelyComparison, FinalComparisonOperation override FunctionExpr getFunctionExpr() { result = funcExpr } } -class ImplicitComparison extends EffectivelyComparison, GuardCondition { +class ImplicitComparison extends EffectivelyComparison, GuardCondition instanceof Expr { ImplicitComparison() { this instanceof FunctionExpr and not getParent() instanceof ComparisonOperation diff --git a/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql b/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql index c6ea2c451..1fdbbcb84 100644 --- a/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql +++ b/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql @@ -78,8 +78,8 @@ predicate isUpperBoundEndCheckedIteratorAccess(IteratorSource source, ContainerI basicBlockOfIteratorAccess.contains(it) and //guard is comprised of end check and an iterator access DataFlow::localFlow(DataFlow::exprNode(referenceToOnePassedTheEndElement), - DataFlow::exprNode(upperBoundCheck.getChild(_))) and - upperBoundCheck.getChild(_) = checkedIteratorAccess and + DataFlow::exprNode(upperBoundCheck.(Expr).getChild(_))) and + upperBoundCheck.(Expr).getChild(_) = checkedIteratorAccess and //make sure its the same iterator being checked in the guard as accessed checkedIteratorAccess.getOwningContainer() = it.getOwningContainer() and //if its the end call itself (or its parts), make sure its the same container providing its end as giving the iterator diff --git a/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql b/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql index 90685f1c9..ac9281ee9 100644 --- a/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql +++ b/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql @@ -63,7 +63,7 @@ class NoThrowAllocExprWrapperFunction extends Function { n.getEnclosingFunction() = this and DataFlow::localExprFlow(n, any(ReturnStmt rs).getExpr()) and // Not checked in this wrapper function - not exists(GuardCondition gc | DataFlow::localExprFlow(n, gc.getAChild*())) + not exists(GuardCondition gc | DataFlow::localExprFlow(n, gc.(Expr).getAChild*())) } /** Gets the underlying nothrow allocation ultimately being wrapped. */ diff --git a/cpp/common/src/codingstandards/cpp/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.qll b/cpp/common/src/codingstandards/cpp/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.qll index e7e25cf7b..83907c609 100644 --- a/cpp/common/src/codingstandards/cpp/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.qll +++ b/cpp/common/src/codingstandards/cpp/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.qll @@ -56,7 +56,7 @@ query predicate problems(FunctionCall fc, string message) { "vsnwprintf_s" ]) and not exists(GuardCondition gc | - DataFlow::localFlow(DataFlow::exprNode(fc), DataFlow::exprNode(gc.getAChild*())) + DataFlow::localFlow(DataFlow::exprNode(fc), DataFlow::exprNode(gc.(Expr).getAChild*())) ) and message = "Return value from " + fc.getTarget().getName() + " is not tested for errors." }