
False positive "Comparison result is always the same" because of incorrect sizeof evaluation

Open andyhhp opened this issue 1 year ago • 0 comments

Description of the false positive

CodeQL complains "Comparison is always true because i <= 1."

However, it is really a loop over 4 elements.

I suspect the problem is that

struct foo
{
   ...
    unsigned long (*fnptr_array[4])(void);
    ...
};

describes an array of 4 function pointers, but that CodeQL isn't evaluating sizeof correctly on the type.

Code samples or links to source code

https://github.com/andyhhp/xtf/blob/f503efe8e5cf8858ec0704f1aaa82d0bf50891a5/tests/swint-emulation/main.c#L162-L162

but I've done a simpler example in https://godbolt.org/z/9fGr51r68 if that helps

URL to the alert on GitHub code scanning (optional)

https://github.com/andyhhp/xtf/security/code-scanning/55

andyhhp avatar Aug 30 '24 18:08 andyhhp
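As an added example (not the reporter's code; the linked xtf source is not reproduced here), the following stand-alone C program shows what sizeof actually yields for a struct member declared as an array of four function pointers, and that a loop bounded by that element count runs four times. The handler functions, the extra `id` member and the `ARRAY_SIZE` macro are assumptions made for the example.

```c
#include <stdio.h>
#include <stddef.h>

/* Same member declaration as in the report: an array of 4 pointers to
 * functions returning unsigned long. The id member is made up. */
struct foo {
    unsigned int id;
    unsigned long (*fnptr_array[4])(void);
};

/* Element count of a real array (not a pointer): whole-array size over one
 * element's size. For fnptr_array one element is a function pointer. */
#define ARRAY_SIZE(a) (sizeof(a) / sizeof((a)[0]))

/* Constructed handlers so every slot can be called. */
static unsigned long h0(void) { return 10; }
static unsigned long h1(void) { return 20; }
static unsigned long h2(void) { return 30; }
static unsigned long h3(void) { return 40; }

/* sizeof does not evaluate its operand, so an uninitialised struct is
 * enough to query the member's element count: expected 4. */
size_t foo_fnptr_count(void)
{
    struct foo s;
    return ARRAY_SIZE(s.fnptr_array);
}

/* A loop of the same shape as the flagged one. If sizeof were evaluated
 * as "2 elements", the analyser would conclude i <= 1; the real bound is 4. */
unsigned int foo_loop_iterations(void)
{
    struct foo s = { .id = 1, .fnptr_array = { h0, h1, h2, h3 } };
    unsigned int iterations = 0;

    for (size_t i = 0; i < ARRAY_SIZE(s.fnptr_array); i++) {
        (void)s.fnptr_array[i]();
        iterations++;
    }
    return iterations;
}

/* Sum of all handler results: 10 + 20 + 30 + 40 = 100 proves all four
 * entries are visited, not just the first two. */
unsigned long foo_call_all(void)
{
    struct foo s = { .id = 2, .fnptr_array = { h0, h1, h2, h3 } };
    unsigned long total = 0;

    for (size_t i = 0; i < ARRAY_SIZE(s.fnptr_array); i++)
        total += s.fnptr_array[i]();
    return total;
}

int main(void)
{
    printf("elements in fnptr_array: %zu\n", foo_fnptr_count());
    printf("loop iterations:         %u\n", foo_loop_iterations());
    printf("sum of handler results:  %lu\n", foo_call_all());
    return 0;
}
```

Compiling and running this with any conforming C compiler prints 4, 4 and 100, which is the ground truth a static analyser's sizeof model has to agree with before it can claim the loop condition is constant.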