C++: Ignore complex guards and the comma operator

jketema · jketema · commit b581723a63e2 · 2024-11-14T12:53:54.000+01:00
diff --git a/cpp/ql/src/experimental/Best Practices/GuardedFree.ql b/cpp/ql/src/experimental/Best Practices/GuardedFree.ql
@@ -40,5 +40,7 @@ where
     strictcount(bb.(BlockStmt).getAStmt()) = 1
   ) and
   strictcount(BasicBlock bb2 | gc.ensuresEq(_, 0, bb2, _) | bb2) = 1 and
-  not isAffectedByMacro(fc, bb)
+  not isAffectedByMacro(fc, bb) and
+  not (gc instanceof BinaryOperation and not gc instanceof ComparisonOperation) and
+  not exists(CommaExpr c | c.getAChild*() = fc)
 select gc, "unnecessary NULL check before call to $@", fc, "free"
diff --git a/cpp/ql/test/experimental/query-tests/Best Practices/GuardedFree/GuardedFree.expected b/cpp/ql/test/experimental/query-tests/Best Practices/GuardedFree/GuardedFree.expected
@@ -1,7 +1,5 @@
 | test.cpp:5:7:5:7 | x | unnecessary NULL check before call to $@ | test.cpp:6:5:6:8 | call to free | free |
 | test.cpp:10:7:10:7 | x | unnecessary NULL check before call to $@ | test.cpp:11:5:11:8 | call to free | free |
-| test.cpp:31:7:31:24 | ... \|\| ... | unnecessary NULL check before call to $@ | test.cpp:35:3:35:6 | call to free | free |
 | test.cpp:42:7:42:7 | x | unnecessary NULL check before call to $@ | test.cpp:43:5:43:8 | call to free | free |
 | test.cpp:49:7:49:7 | x | unnecessary NULL check before call to $@ | test.cpp:50:5:50:8 | call to free | free |
 | test.cpp:106:7:106:18 | ... != ... | unnecessary NULL check before call to $@ | test.cpp:107:5:107:8 | call to free | free |
-| test.cpp:113:7:113:18 | ... != ... | unnecessary NULL check before call to $@ | test.cpp:114:17:114:20 | call to free | free |
diff --git a/cpp/ql/test/experimental/query-tests/Best Practices/GuardedFree/test.cpp b/cpp/ql/test/experimental/query-tests/Best Practices/GuardedFree/test.cpp
@@ -28,7 +28,7 @@ void test3(int *x, bool b) {
 }
 
 bool test4(char *x, char *y) {
-  if (!x || strcmp(x, y)) { // GOOD [FALSE POSITIVE]: x is being accessed in the guard and return value depends on x
+  if (!x || strcmp(x, y)) { // GOOD: x is being accessed in the guard and return value depends on x
     free(x);
     return true;
   }
@@ -110,6 +110,6 @@ void test13(char *x) {
 void inspect(char *x);
 
 void test14(char *x) {
-  if (x != nullptr) // GOOD [FALSE POSITIVE]: x might be accessed in the first operand of the comma operator
+  if (x != nullptr) // GOOD: x might be accessed in the first operand of the comma operator
     inspect(x), free(x);
 }

Original file line number	Diff line number	Diff line change
`@@ -28,7 +28,7 @@ void test3(int *x, bool b) {`
`28`	`28`	`}`
`29`	`29`
`30`	`30`	`bool test4(char x, char y) {`
`31`		`- if (!x \|\| strcmp(x, y)) { // GOOD [FALSE POSITIVE]: x is being accessed in the guard and return value depends on x`
	`31`	`+ if (!x \|\| strcmp(x, y)) { // GOOD: x is being accessed in the guard and return value depends on x`
`32`	`32`	`free(x);`
`33`	`33`	`return true;`
`34`	`34`	`}`
`@@ -110,6 +110,6 @@ void test13(char *x) {`
`110`	`110`	`void inspect(char *x);`
`111`	`111`
`112`	`112`	`void test14(char *x) {`
`113`		`- if (x != nullptr) // GOOD [FALSE POSITIVE]: x might be accessed in the first operand of the comma operator`
	`113`	`+ if (x != nullptr) // GOOD: x might be accessed in the first operand of the comma operator`
`114`	`114`	`inspect(x), free(x);`
`115`	`115`	`}`