CodeQL library for C and C++¶

When analyzing C or C++ code, you can use the large collection of classes in the CodeQL library for C and C++.

About the CodeQL library for C and C++¶

There is an extensive library for analyzing CodeQL databases extracted from C/C++ projects. The classes in this library present the data from a database in an object-oriented form and provide abstractions and predicates to help you with common analysis tasks.The library is implemented as a set of QL modules, that is, files with the extension.qll. The modulecpp.qll imports all the core C/C++ library modules, so you can include the complete library by beginning your query with:

importcpp

The rest of this topic summarizes the available CodeQL classes and corresponding C/C++ constructs.

Commonly-used library classes¶

The most commonly used standard library classes are listed below. The listing is broken down by functionality. Each library class is annotated with a C/C++ construct it corresponds to.

Declaration classes¶

This table listsDeclaration classes representing C/C++ declarations.

Example syntax	CodeQL class	Remarks
`int`var`;`	GlobalVariable
`namespace`N`{` …`float`var`;` …`}`	NamespaceVariable
`int`func`(void){` …`float`var`;` …`}`	LocalVariable	See alsoInitializer
`class`C`{` …`int`var`;` …`}`	MemberVariable
`int`func`(constchar`param`);`	Function
`template<typename`T`>` `void`func`(`T`param);`	TemplateFunction
`int`func`(constchar`format*`,...)` `{` …`}`	FormattingFunction
func`<int,float>(` …`);`	FunctionTemplateInstantiation
`template<typename`T`>` func`<int,`T`>(` …`){` …`}`	FunctionTemplateSpecialization
`class`C`{` … `int`func`(float`param`);` …`};`	MemberFunction
`class`C`{` … `int`func`(float`param`)const;` …`};`	ConstMemberFunction
`class`C`{` …`virtualint`func`(` …`){` …`}};`	VirtualFunction
`class`C`{` …C`(` …`){` …`}` …`};`	Constructor
`C::operatorfloat()const;`	ConversionOperator
`class`C`{` …`~`C`(void){` …`}` …`};`	Destructor
`class`C`{` … C`(const`D`&`d`){` …`}` …`};`	ConversionConstructor
C`&`C`::operator=(const`C`&);`	CopyAssignmentOperator
C`&`C`::operator=(`C`&&);`	MoveAssignmentOperator
C`::`C`(const`C`&);`	CopyConstructor
C`::`C`(`C`&&);`	MoveConstructor
C`::`C`(void);`	NoArgConstructor	Default constructor
`enum`en`{`val1`,`val2 …`}`	EnumConstant
`friendvoid`func`(int);` `friendclass`B`;`	FriendDecl
`int`func`(void){` … `enum`en`{`val1`,`val2 …`};` …`}`	LocalEnum
`class`C`{` … `enum`en`{`val1`,`val2 …`}` …`}`	NestedEnum
`enumclass`en`:short{`val1`,`val2 …`}`	ScopedEnum
`class`C`{` … `virtualvoid`func`(int)=0;` …`};`	AbstractClass
`template<int,float>class`C`{` …`};`	ClassTemplateInstantiation
`template<>class`C`<`Type`>{` …`};`	FullClassTemplateSpecialization
`template<typename`T`>` `class`C`<`T`,`5`>{` …`};`	PartialClassTemplateSpecialization
`int`func`(void){` …`class`C`{` …`};` …`}`	LocalClass
`class`C`{` …`class`D`{` …`};` …`};`	NestedClass
`class`C`{` Typevar`;` Typefunc`(`Parameter…`){` …`}`…`};`	Class
`struct`S`{` … Typevar`;` Typefunc`(`Parameter…`){` …`}`…`};`	Struct Class
`union`U`{` Typevar1`;` Typevar2`;` …`};`	Union Struct Class
`template<typename`T`>` `struct`C`:`T`{` …`};`	ProxyClass	Appears only inuninstantiatedtemplates
`int`func`(void){` … `struct`S`{` …`};` …`}`	LocalStruct
`class`C`{` … `struct`S`{` …`};` …`};`	NestedStruct
`int`func*`(void){` …`union`U`{` …`};` …`}`	LocalUnion
`class`C`{` …`union`U`{` …`};` …`};`	NestedUnion
`typedefint`T`;`	TypedefType
`int`func`(void){` … `typedefint`T`;` …`}`	LocalTypedefType
`class`C`{` … `typedefint`T`;` …`};`	NestedTypedefType
`class`V`:` …`public`B …`{` …`};`	ClassDerivation
`class`V`:` …`virtual`B …`{` …`};`	VirtualClassDerivation
`template<typename`T`>` `class`C`{` …`};`	TemplateClass
`int`foo`(`Typeparam1`,`Typeparam2 …`);`	Parameter
`template<typename`T`>`Tt`;`	TemplateVariable	Since C++14

Statement classes¶

This table lists subclasses ofStmt representing C/C++ statements.

Example syntax	CodeQL class	Remarks
`__asm__("`movb %bh, (%eax)`");`	AsmStmt	Specific to a given CPU instruction set
`{`Stmt…`}`	BlockStmt
`catch(`Parameter`)`BlockStmt	CatchBlock
`catch(...)`BlockStmt	CatchAnyBlock
`goto`labelptr*`;`	ComputedGotoStmt	GNU extension; use withLabelLiteral
Typei`,`j`;`	DeclStmt
`if(`Expr`)`Stmt`else`Stmt	IfStmt
`switch(`Expr`){`SwitchCase…`}`	SwitchStmt
`do`Stmt`while(`Expr`)`	DoStmt
`for(`DeclStmt`;`Expr`;`Expr`)`Stmt	ForStmt
`for(`DeclStmt`:`Expr`)`Stmt	RangeBasedForStmt
`while(`Expr`)`Stmt	WhileStmt
Expr`;`	ExprStmt
`__try{` …`}__except(`Expr`){` …`}`	MicrosoftTryExceptStmt	Structured exception handling (SEH) under Windows
`__try{` …`}__finally{` …`}`	MicrosoftTryFinallyStmt	Structured exception handling (SEH) under Windows
`return`Expr`;`	ReturnStmt
`case`Expr`:`	SwitchCase
`try{`Stmt…`}`CatchBlock…CatchAnyBlock	TryStmt
`void`func`(void)try{`Stmt…`}` CatchBlock…CatchAnyBlock	FunctionTryStmt
`;`	EmptyStmt
`break;`	BreakStmt
`continue;`	ContinueStmt
`goto`LabelStmt`;`	GotoStmt
slabel`:`	LabelStmt
`float`arr`[`Expr`][`Expr`];`	VlaDeclStmt	C99 variable-length array

Expression classes¶

This table lists subclasses ofExpr representing C/C++ expressions.

Example syntax	CodeQL class(es)	Remarks
`{`Expr…`}`	ArrayAggregateLiteral ClassAggregateLiteral
`alignof(`Expr`)`	AlignofExprOperator
`alignof(`Type`)`	AlignofTypeOperator
Expr`[`Expr`]`	ArrayExpr
`__assume(`Expr`)`	AssumeExpr	Microsoft extension
`static_assert(`Expr`,`StringLiteral`)_Static_assert(`Expr`,`StringLiteral`)`	StaticAssert	C++11 C11
`__noop;`	BuiltInNoOp	Microsoft extension
Expr`(`Expr…`)`	ExprCall
func`(`Expr…`)` instance`.`func`(`Expr…`)`	FunctionCall
Expr`,`Expr	CommaExpr
`if(`Typearg`=`Expr`)`	ConditionDeclExpr
`(`Type`)`Expr	CStyleCast
`const_cast<`Type`>(`Expr`)`	ConstCast
`dynamic_cast<`Type`>(`Expr`)`	DynamicCast
`reinterpret_cast<`Type`>(`Expr`)`	ReinterpretCast
`static_cast<`Type`>(`Expr`)`	StaticCast
`template<typename...`T`>` `auto`sum`(`T…t`)` `{return(`t`+...+0);}`	FoldExpr	Appears only inuninstantiatedtemplates
`int`func`(`format`,...);`	FormattingFunctionCall
`[=](float`b`)->float` `{return`captured`*`b`;}`	LambdaExpression	C++11
`^int(int`x`,int`y`){` `{`Stmt…`;return`x`+`y`;}`	BlockExpr	Apple extension
`void`labelptr`=&&`label*`;`	LabelLiteral	GNU extension; use withComputedGotoStmt
“%3d %s\n”	FormatLiteral
0xdbceffca	HexLiteral
0167	OctalLiteral
‘c’	CharLiteral
“abcdefgh”,L”wide”	StringLiteral
`new`Type`[`Expr`]`	NewArrayExpr
`new`Type	NewExpr
`delete[]`Expr`;`	DeleteArrayExpr
`delete`Expr`;`	DeleteExpr
`noexcept(`Expr`)`	NoExceptExpr
Expr`=`Expr	AssignExpr	See alsoInitializer
Expr`+=`Expr	AssignAddExpr AssignPointerAddExpr
Expr`/=`Expr	AssignDivExpr
Expr`*=`Expr	AssignMulExpr
Expr`%=`Expr	AssignRemExpr
Expr`-=`Expr	AssignSubExpr AssignPointerSubExpr
Expr`&=`Expr	AssignAndExpr
Expr`<<=`Expr	AssignLShiftExpr
Expr ``	=``Expr	AssignOrExpr
Expr`>>=`Expr	AssignRShiftExpr
Expr`^=`Expr	AssignXorExpr
Expr`+`Expr	AddExpr PointerAddExpr ImaginaryRealAddExpr RealImaginaryAddExpr	C99 C99
Expr`/`Expr	DivExpr ImaginaryDivExpr	C99
Expr`>?`Expr	MaxExpr	GNU extension
Expr`<?`Expr	MinExpr	GNU extension
Expr`*`Expr	MulExpr ImaginaryMulExpr	C99
Expr`%`Expr	RemExpr
Expr`-`Expr	SubExpr PointerDiffExpr PointerSubExpr ImaginaryRealSubExpr RealImaginarySubExpr	C99 C99
Expr`&`Expr	BitwiseAndExpr
Expr`\|`Expr	BitwiseOrExpr
Expr`^`Expr	BitwiseXorExpr
Expr`<<`Expr	LShiftExpr
Expr`>>`Expr	RShiftExpr
Expr`&&`Expr	LogicalAndExpr
Expr`\|\|`Expr	LogicalOrExpr
Expr`==`Expr	EQExpr
Expr`!=`Expr	NEExpr
Expr`>=`Expr	GEExpr
Expr`>`Expr	GTExpr
Expr`<=`Expr	LEExpr
Expr`<`Expr	LTExpr
Expr`?`Expr`:`Expr	ConditionalExpr
`&`Expr	AddressOfExpr
`*`Expr	PointerDereferenceExpr
Expr`--`	PostfixDecrExpr
`--`Expr	PrefixDecrExpr
Expr`++`	PostfixIncrExpr
`++`Expr	PrefixIncrExpr
`__imag(`Expr`)`	ImaginaryPartExpr	GNU extension
`__real(`Expr`)`	RealPartExpr	GNU extension
`-`Expr	UnaryMinusExpr
`+`Expr	UnaryPlusExpr
`~`Expr	ComplementExpr ConjugationExpr	GNU extension
`!`Expr	NotExpr
`int`vect`__attribute__` `((vector_size(`16`)))` `={`3`,`8`,`32`,`33`};`	VectorFillOperation	GNU extension
`sizeof(`Expr`)`	SizeofExprOperator
`sizeof(`Type`)`	SizeofTypeOperator
`template<typename...`T`>` `int`count`(`T`&&...`t`)` `{returnsizeof...(`t`);}`	SizeofPackOperator
`({`Stmt…`;`Expr`})`	StmtExpr	GNU/Clang extension
`this`	ThisExpr
`throw(`Expr`);`	ThrowExpr
`throw;`	ReThrowExpr
`typeid(`Expr`)` `typeid(`Type`)`	TypeidOperator
`__uuidof(`Expr`)`	UuidofOperator	Microsoft extension

Type classes¶

This table lists subclasses ofType representing C/C++ types.

Example syntax	CodeQL class	Remarks
`void`	VoidType
`_Bool` or`bool`	BoolType
`char16_t`	Char16Type	C11, C++11
`char32_t`	Char32Type	C11, C++11
`char`	PlainCharType
`signedchar`	SignedCharType
`unsignedchar`	UnsignedCharType
`int`	IntType
`longlong`	LongLongType
`long`	LongType
`short`	ShortType
`wchar_t`	WideCharType
`nullptr_t`	NullPointerType
`double`	DoubleType
`longdouble`	LongDoubleType
`float`	FloatType
`auto`	AutoType
`decltype(`Expr`)`	Decltype
Type`[`n`]`	ArrayType
Type`(^`blockptr`)(`Parameter…`)`	BlockType	Apple extension
Type`(`funcptr*`)(`Parameter…`)`	FunctionPointerType
Type`(&`funcref`)(`Parameter…`)`	FunctionReferenceType
Type`__attribute__((vector_size(`n`)))`	GNUVectorType
Type`*`	PointerType
Type`&`	LValueReferenceType
Type`&&`	RValueReferenceType
Type`(`Class`::`membptr*`)(`Parameter…`)`	PointerToMemberType
`template<template<typename>class`C`>`	TemplateTemplateParameter
`template<typename`T`>`	TemplateParameter

Preprocessor classes¶

This table listsPreprocessor classes representing C/C++ preprocessing directives.

Example syntax	CodeQL class	Remarks
`#elif`condition	PreprocessorElif
`#if`condition	PreprocessorIf
`#ifdef`macro	PreprocessorIfdef
`#ifndef`macro	PreprocessorIfndef
`#else`	PreprocessorElse
`#endif`	PreprocessorEndif
`#line`line_numberfile_name	PreprocessorLine
`#pragma`pragma_property	PreprocessorPragma
`#undef`macro	PreprocessorUndef
`#warning`message	PreprocessorWarning
`#error`message	PreprocessorError
`#include`file_name	Include
`#import`file_name	Import	Apple/NeXT extension
`#include_next`file_name	IncludeNext	Apple/NeXT extension
`#define`macro …	Macro

Movatterモバイル変換