Merge pull request #2542 from geoffw0/datetime

jbj · web-flow · commit 7e84453ec9ee · 2019-12-23T10:13:12.000+01:00
C++: Sort through the leap year and japanese era queries
diff --git a/change-notes/1.24/analysis-cpp.md b/change-notes/1.24/analysis-cpp.md
@@ -19,6 +19,7 @@ The following changes in version 1.24 affect C/C++ analysis in all applications.
 | Memory may not be freed (`cpp/memory-may-not-be-freed`) | More true positive results | This query now identifies a wider variety of buffer allocations using the `semmle.code.cpp.models.interfaces.Allocation` library. |
 | Hard-coded Japanese era start date (`cpp/japanese-era/exact-era-date`) |  | This query is no longer run on LGTM. |
 | No space for zero terminator (`cpp/no-space-for-terminator`) | Fewer false positive results | This query has been modified to be more conservative when identifying which pointers point to null-terminated strings.  This approach produces fewer, more accurate results. |
+| Unsafe array for days of the year (`cpp/leap-year/unsafe-array-for-days-of-the-year`) |  | This query is no longer run on LGTM. |
 
 ## Changes to libraries
 
diff --git a/cpp/ql/src/Best Practices/Magic Constants/JapaneseEraDate.ql b/cpp/ql/src/Best Practices/Magic Constants/JapaneseEraDate.ql
@@ -5,7 +5,8 @@
  * @problem.severity warning
  * @id cpp/japanese-era/exact-era-date
  * @precision low
- * @tags reliability
+ * @tags maintainability
+ *       reliability
  *       japanese-era
  */
 
diff --git a/cpp/ql/src/Likely Bugs/Leap Year/Adding365DaysPerYear.ql b/cpp/ql/src/Likely Bugs/Leap Year/Adding365DaysPerYear.ql
@@ -8,6 +8,7 @@
  * @id cpp/leap-year/adding-365-days-per-year
  * @precision medium
  * @tags leap-year
+ *       correctness
  */
 
 import cpp
diff --git a/cpp/ql/src/Likely Bugs/Leap Year/UncheckedLeapYearAfterYearModification.ql b/cpp/ql/src/Likely Bugs/Leap Year/UncheckedLeapYearAfterYearModification.ql
@@ -6,6 +6,7 @@
  * @id cpp/leap-year/unchecked-after-arithmetic-year-modification
  * @precision medium
  * @tags leap-year
+ *       correctness
  */
 
 import cpp
diff --git a/cpp/ql/src/Likely Bugs/Leap Year/UncheckedReturnValueForTimeFunctions.ql b/cpp/ql/src/Likely Bugs/Leap Year/UncheckedReturnValueForTimeFunctions.ql
@@ -8,6 +8,7 @@
  * @id cpp/leap-year/unchecked-return-value-for-time-conversion-function
  * @precision medium
  * @tags leap-year
+ *       correctness
  */
 
 import cpp
diff --git a/cpp/ql/src/Likely Bugs/Leap Year/UnsafeArrayForDaysOfYear.ql b/cpp/ql/src/Likely Bugs/Leap Year/UnsafeArrayForDaysOfYear.ql
@@ -5,7 +5,7 @@
  * @kind problem
  * @problem.severity warning
  * @id cpp/leap-year/unsafe-array-for-days-of-the-year
- * @precision medium
+ * @precision low
  * @tags security
  *       leap-year
  */
diff --git a/cpp/ql/src/semmle/code/cpp/commons/DateTime.qll b/cpp/ql/src/semmle/code/cpp/commons/DateTime.qll
@@ -10,22 +10,24 @@ import cpp
 class PackedTimeType extends Type {
   PackedTimeType() {
     this.getName() = "_FILETIME" or
-    this.getName().matches("_FILETIME %")
+    this.(DerivedType).getBaseType*().getName() = "_FILETIME"
   }
 }
 
+private predicate timeType(string typeName) {
+  typeName = "_SYSTEMTIME" or
+  typeName = "SYSTEMTIME" or
+  typeName = "tm"
+}
+
 /**
  * A type that is used to represent times and dates in an 'unpacked' form, that is,
  * with separate fields for day, month, year etc.
  */
 class UnpackedTimeType extends Type {
   UnpackedTimeType() {
-    this.getName() = "_SYSTEMTIME" or
-    this.getName() = "SYSTEMTIME" or
-    this.getName() = "tm" or
-    this.getName().matches("_SYSTEMTIME %") or
-    this.getName().matches("SYSTEMTIME %") or
-    this.getName().matches("tm %")
+    timeType(this.getName()) or
+    timeType(this.(DerivedType).getBaseType*().getName())
   }
 }
 
