codeql-coding-standards
`RULE-21-15`: Improve detection of compatible types
Affected rules
- RULE-21-15
Description
The query for this rule is currently too strict: it requires the types to be identical (after stripping specifiers) rather than compatible. For example, it does not allow a combination of pointers and arrays, array types with different sizes, or types that are compatible but not identical (e.g. `signed int` and `int`).
Example
```c
#include <string.h>

void example_function(int i1[80], int *i2, int i3[10], signed int *i4) {
  memcpy(i1, i2, 1); // COMPLIANT[FALSE_POSITIVE]: int[80] parameter is adjusted to int *
  memcpy(i1, i3, 1); // COMPLIANT[FALSE_POSITIVE]: array parameters of different sizes
  memcpy(i2, i3, 1); // COMPLIANT[FALSE_POSITIVE]: pointer parameter vs array parameter
  memcpy(i2, i4, 1); // COMPLIANT[FALSE_POSITIVE]: signed int and int are the same type
}
```
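As an added illustration (not code from this issue or from the codeql-coding-standards project), the following C uses the GCC/Clang builtin `__builtin_types_compatible_p` to check at compile time which of the pairs from the description are compatible types, and which similar-looking pairs are not, so a relaxed query must keep reporting them. Each function returns 1 when the two types are compatible and 0 otherwise.

```c
/* Added example: compile-time type compatibility checks with the
 * GCC/Clang builtin __builtin_types_compatible_p (not portable C). */

/* int and signed int are the same type, so comparing type names
 * (the current query's behaviour) wrongly reports them as different. */
int int_vs_signed_int(void) {
    return __builtin_types_compatible_p(int, signed int);
}

/* As object types, arrays of different constant size are NOT compatible... */
int int80_vs_int10_as_objects(void) {
    return __builtin_types_compatible_p(int[80], int[10]);
}

/* ...but array parameters are adjusted to pointers, so inside the function
 * from the issue i1, i2 and i3 all have type int * and are interchangeable
 * as memcpy arguments. Pass null pointers: nothing is dereferenced. */
int array_params_vs_pointer(int i1[80], int *i2, int i3[10]) {
    return __builtin_types_compatible_p(__typeof__(i1), __typeof__(i2))
        && __builtin_types_compatible_p(__typeof__(i1), __typeof__(i3))
        && sizeof(i1) == sizeof(int *);
}

/* Top-level qualifiers are ignored by the builtin, which matches the
 * specifier stripping the query already performs. */
int qualifiers_ignored(void) {
    return __builtin_types_compatible_p(const int, volatile int);
}

/* Pairs that stay incompatible even though their sizes match on common
 * targets: a compatible-types check must not accept these. */
int char_vs_signed_char(void) {
    return __builtin_types_compatible_p(char, signed char);
}

int int_ptr_vs_unsigned_ptr(void) {
    return __builtin_types_compatible_p(int *, unsigned int *);
}
```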