Skip to content

C++: Fix FPs in cpp/overflow-buffer #18615

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
MathiasVP merged 6 commits into from
Jan 29, 2025
Merged

C++: Fix FPs in cpp/overflow-buffer #18615

MathiasVP merged 6 commits into from
Jan 29, 2025

Conversation

@MathiasVP
Copy link
Contributor

@MathiasVP MathiasVP commented Jan 28, 2025
edited
Loading

Consider this snippet:

struct S {
  uint8_t a;
  uint8_t b;
  uint8_t c;

  void test() {
    memset(&b, 0, sizeof(S) - offsetof(S, b));
  };
};

The cpp/overflow-buffer query flags this up claiming that we overrun the buffer b (of size 8) because the memset may access 16 bytes starting at the address &b. However, this access is fine, and this is just a fancy way of zero'ing b and c.

This PR fixes this by modifying the initial size deduced from &b so that it correctly reflects that it's fine to access 16 bytes starting at this address.

Commit-by-commit review encouraged.

While DCA appears uneventful, this appears to solve quite a few FPs at Microsoft 🎉

@github-actions github-actions bot added the C++ label Jan 28, 2025
@MathiasVP MathiasVP marked this pull request as ready for review January 28, 2025 17:50
Copilot AI review requested due to automatic review settings January 28, 2025 17:50
@MathiasVP MathiasVP requested a review from a team as a code owner January 28, 2025 17:50
Copilot AI reviewed Jan 28, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot reviewed 6 out of 6 changed files in this pull request and generated no comments.

Comments suppressed due to low confidence (1)

cpp/ql/src/change-notes/2025-01-28-overflow-buffer.md:2

  • [nitpick] The category name 'minorAnalysis' could be clearer or more standardized. Consider using a recognized category name or a more descriptive identifier.
category: minorAnalysis

Tip: Copilot code review supports C#, Go, Java, JavaScript, Markdown, Python, Ruby and TypeScript, with more languages coming soon. Learn more

geoffw0
geoffw0 reviewed Jan 29, 2025
View reviewed changes
Copy link
Contributor

@geoffw0 geoffw0 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Change LGTM.

MathiasVP and others added 2 commits January 29, 2025 11:03
@MathiasVP MathiasVP merged commit 4b2c7ef into github:main Jan 29, 2025
10 checks passed
@MathiasVP MathiasVP mentioned this pull request Jan 29, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@geoffw0 geoffw0 geoffw0 approved these changes

Assignees

No one assigned

Labels

C++ documentation

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@MathiasVP @geoffw0