Skip to content

A5-2-2: Consider how to handle c-style casts generated from macros #32

New issue
New issue
Closed
#116
Closed
A5-2-2: Consider how to handle c-style casts generated from macros#32
#116
Assignees
lcartey
Labels
Difficulty-LowA false positive or false negative report which is expected to take <1 day effort to addressImpact-Highfalse positive/false negativeAn issue related to observed false positives or false negatives.user-reportIssue reported by an end user of CodeQL Coding Standards
@lcartey

Description

@lcartey
lcartey
opened on Jul 27, 2022

Affected rules

  • A5-2-2

Description

Flagging c-style casts generated by macros can be confusing for the developer, because (a) it may not be clear where the cast is coming from and (b) the developer may not be able to address the finding, if the macro is defined in a library.

Some possible adjustments:

  • Only report expansions of macros defined within the source of the project. Rationale: you can modify macros you wrote, but not those written by others.
  • Update the alert message to report that the cast is generated as part of a macro invocation of the given macro.

Example

#define ADD_ONE(X) ((int)X) + 1
void example_function() {
  int i = ADD_ONE(1);
}

Metadata

Metadata

Assignees

Labels

Difficulty-LowA false positive or false negative report which is expected to take <1 day effort to addressImpact-Highfalse positive/false negativeAn issue related to observed false positives or false negatives.user-reportIssue reported by an end user of CodeQL Coding Standards

Type

No type

Projects

Coding Standards Public Development Board

Status

Done

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions