forked from github/codeql-coding-standards
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathIntegerExpressionLeadToDataLoss.ql
More file actions
36 lines (34 loc) · 1.38 KB
/
IntegerExpressionLeadToDataLoss.ql
File metadata and controls
36 lines (34 loc) · 1.38 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
/**
* @id cpp/autosar/integer-expression-lead-to-data-loss
* @name A4-7-1: An integer expression shall not lead to data loss
* @description Implicit conversions, casts and arithmetic expressions may lead to data loss.
* @kind problem
* @precision low
* @problem.severity warning
* @tags external/autosar/id/a4-7-1
* correctness
* external/autosar/strict
* external/autosar/allocated-target/implementation
* external/autosar/enforcement/automated
* external/autosar/obligation/required
*/
import cpp
import codingstandards.cpp.autosar
import codingstandards.cpp.Overflow
import semmle.code.cpp.controlflow.Guards
import semmle.code.cpp.valuenumbering.GlobalValueNumbering
from InterestingOverflowingOperation e
where
not isExcluded(e, IntegerConversionPackage::integerExpressionLeadToDataLossQuery()) and
// Not within a guard condition
not e.getParent*().(GuardCondition).valueControlsEdge(_, _, _) and
// Not guarded by a check, where the check is not an invalid overflow check
not e.hasValidPreCheck() and
// Covered by `IntMultToLong.ql` instead
not e instanceof MulExpr and
// Not covered by this query - overflow/underflow in division is rare
not e instanceof DivExpr and
not e instanceof AssignDivExpr and
not e instanceof RemExpr and
not e instanceof AssignRemExpr
select e, "Binary expression ..." + e.getOperator() + "... may overflow."