- Notifications
You must be signed in to change notification settings - Fork1.7k
C++: Reduce duplication incpp/uncontrolled-process-operation#20059
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.
Already on GitHub?Sign in to your account
C++: Reduce duplication incpp/uncontrolled-process-operation#20059
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
Pull Request Overview
This PR simplifies theUncontrolledProcessOperation.ql query by removing redundant code that was checking for process operation arguments using both direct and indirect expression patterns. The change eliminates duplication by keeping only theasIndirectExpr() method, as having both methods doesn't change the query results and was a leftover from earlier porting work.
Key Changes
- Removed redundant expression matching pattern in process operation detection
- Simplified argument matching to use only indirect expressions
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
LGTM
58aa758 intogithub:mainUh oh!
There was an error while loading.Please reload this page.
Having both
asExpr()andasIndirectExpr()doesn't appear to change any results. This was a leftover from back when we ported the default-taint-tracking queries over, and we still had a few remaining bugs inasExprandasIndirectExpr, and probably some remaining pointer sources that needed to be converted to pointee sources.I've manually verified that all the removed results from DCA are due to deduplication.