From 4c525ce7ab75d94d37c0792d264458f9d55c06be Mon Sep 17 00:00:00 2001 From: Simon Friis Vindum Date: Thu, 19 Mar 2026 10:31:22 +0100 Subject: [PATCH] C++: Add `cpp/extraction-information` query --- .../cpp-code-scanning.qls.expected | 1 + .../cpp-security-and-quality.qls.expected | 1 + .../cpp-security-extended.qls.expected | 1 + cpp/ql/src/Telemetry/DatabaseQuality.qll | 25 +++++++++++++++++++ cpp/ql/src/Telemetry/ExtractorInformation.ql | 25 +++++++++++++++++++ 5 files changed, 53 insertions(+) create mode 100644 cpp/ql/src/Telemetry/DatabaseQuality.qll create mode 100644 cpp/ql/src/Telemetry/ExtractorInformation.ql diff --git a/cpp/ql/integration-tests/query-suite/cpp-code-scanning.qls.expected b/cpp/ql/integration-tests/query-suite/cpp-code-scanning.qls.expected index 33c02079fff8..57d240fd7958 100644 --- a/cpp/ql/integration-tests/query-suite/cpp-code-scanning.qls.expected +++ b/cpp/ql/integration-tests/query-suite/cpp-code-scanning.qls.expected @@ -52,5 +52,6 @@ ql/cpp/ql/src/Summary/LinesOfUserCode.ql ql/cpp/ql/src/Telemetry/CompilerErrors.ql ql/cpp/ql/src/Telemetry/DatabaseQuality.ql ql/cpp/ql/src/Telemetry/ExtractionMetrics.ql +ql/cpp/ql/src/Telemetry/ExtractorInformation.ql ql/cpp/ql/src/Telemetry/MissingIncludes.ql ql/cpp/ql/src/Telemetry/SucceededIncludes.ql diff --git a/cpp/ql/integration-tests/query-suite/cpp-security-and-quality.qls.expected b/cpp/ql/integration-tests/query-suite/cpp-security-and-quality.qls.expected index 9ef67d525cd0..cb4e5f7b305a 100644 --- a/cpp/ql/integration-tests/query-suite/cpp-security-and-quality.qls.expected +++ b/cpp/ql/integration-tests/query-suite/cpp-security-and-quality.qls.expected @@ -160,6 +160,7 @@ ql/cpp/ql/src/Summary/LinesOfUserCode.ql ql/cpp/ql/src/Telemetry/CompilerErrors.ql ql/cpp/ql/src/Telemetry/DatabaseQuality.ql ql/cpp/ql/src/Telemetry/ExtractionMetrics.ql +ql/cpp/ql/src/Telemetry/ExtractorInformation.ql ql/cpp/ql/src/Telemetry/MissingIncludes.ql ql/cpp/ql/src/Telemetry/SucceededIncludes.ql ql/cpp/ql/src/jsf/4.06 Pre-Processing Directives/AV Rule 32.ql diff --git a/cpp/ql/integration-tests/query-suite/cpp-security-extended.qls.expected b/cpp/ql/integration-tests/query-suite/cpp-security-extended.qls.expected index f014b6d5dc51..7c5e3d98c5c7 100644 --- a/cpp/ql/integration-tests/query-suite/cpp-security-extended.qls.expected +++ b/cpp/ql/integration-tests/query-suite/cpp-security-extended.qls.expected @@ -93,5 +93,6 @@ ql/cpp/ql/src/Summary/LinesOfUserCode.ql ql/cpp/ql/src/Telemetry/CompilerErrors.ql ql/cpp/ql/src/Telemetry/DatabaseQuality.ql ql/cpp/ql/src/Telemetry/ExtractionMetrics.ql +ql/cpp/ql/src/Telemetry/ExtractorInformation.ql ql/cpp/ql/src/Telemetry/MissingIncludes.ql ql/cpp/ql/src/Telemetry/SucceededIncludes.ql diff --git a/cpp/ql/src/Telemetry/DatabaseQuality.qll b/cpp/ql/src/Telemetry/DatabaseQuality.qll new file mode 100644 index 000000000000..d06655618199 --- /dev/null +++ b/cpp/ql/src/Telemetry/DatabaseQuality.qll @@ -0,0 +1,25 @@ +import cpp +import codeql.util.ReportStats + +module CallTargetStats implements StatsSig { + private class RelevantCall extends Call { + RelevantCall() { this.getFile() = any(File f | f.fromSource() and exists(f.getRelativePath())) } + } + + // We assume that calls with an implicit target are calls that could not be + // resolved. This is accurate in the vast amount of cases, but is inaccurate + // for calls that deliberately rely on implicitly declared functions. + private predicate hasImplicitTarget(RelevantCall call) { + call.getTarget().getADeclarationEntry().isImplicit() + } + + int getNumberOfOk() { result = count(RelevantCall call | not hasImplicitTarget(call)) } + + int getNumberOfNotOk() { result = count(RelevantCall call | hasImplicitTarget(call)) } + + string getOkText() { result = "calls with call target" } + + string getNotOkText() { result = "calls with missing call target" } +} + +module CallTargetStatsReport = ReportStats; diff --git a/cpp/ql/src/Telemetry/ExtractorInformation.ql b/cpp/ql/src/Telemetry/ExtractorInformation.ql new file mode 100644 index 000000000000..6e134ccd05f7 --- /dev/null +++ b/cpp/ql/src/Telemetry/ExtractorInformation.ql @@ -0,0 +1,25 @@ +/** + * @name C/C++ extraction information + * @description Information about the extraction for a C/C++ database + * @kind metric + * @tags summary telemetry + * @id cpp/telemetry/extraction-information + */ + +import cpp +import DatabaseQuality + +from string key, float value +where + ( + CallTargetStatsReport::numberOfOk(key, value) or + CallTargetStatsReport::numberOfNotOk(key, value) or + CallTargetStatsReport::percentageOfOk(key, value) + ) and + /* Infinity */ + value != 1.0 / 0.0 and + /* -Infinity */ + value != -1.0 / 0.0 and + /* NaN */ + value != 0.0 / 0.0 +select key, value