Skip to content

DCL53-CPP: Reports non syntactically ambiguous object declarations #812

New issue
New issue
Open
Open
DCL53-CPP: Reports non syntactically ambiguous object declarations#812
Labels
Difficulty-MediumA false positive or false negative report which is expected to take 1-5 days effort to addressImpact-Lowfalse positive/false negativeAn issue related to observed false positives or false negatives.
@lcartey

Description

@lcartey
lcartey
opened on Dec 6, 2024

Affected rules

  • DCL53-CPP

Description

LocalConstructorInitializedObjectHidesIdentifier.ql currently identifies variable declarations that call a constructor and hide an outer scope variable. However, this does not fully capture the cases covered by this vexing parsing situation, which is looking for S1(g1).

The following additions to the query could help address this problem:

  v.getInitializer().getExpr().(ConstructorCall).getNumberOfArguments() = 0 and
  not v.getInitializer().isBraced()

However this would still flag S1 g3; below - as we don't currently have a record of where the brackets were during parsing.

Example

This modification of the test case highlights the problems:

int g1 = 0;
int g2 = 0;
int g3 = 0;
int g4 = 0;
int g5 = 0;
int g6 = 0;
void f1() {
  S1(g1);   // NON_COMPLIANT
  S1 g2();  // NON_COMPLIANT
  S1 g3;    // COMPLIANT[FALSE_POSITIVE]
  S1 g4{};  // COMPLIANT[FALSE_POSITIVE]
  S1 g5(1); // COMPLIANT[FALSE_POSITIVE]
  S1 g6{1}; // COMPLIANT[FALSE_POSITIVE]
}

Metadata

Metadata

Assignees

No one assigned

    Labels

    Difficulty-MediumA false positive or false negative report which is expected to take 1-5 days effort to addressImpact-Lowfalse positive/false negativeAn issue related to observed false positives or false negatives.

    Type

    No type

    Projects

    Coding Standards Public Development Board

    Status

    Triaged

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions