Skip to content

A4-7-1: Identify guards for shift operations #396

New issue
New issue
Closed
#542
Closed
A4-7-1: Identify guards for shift operations#396
#542
Assignees
rvermeulen
Labels
Difficulty-MediumA false positive or false negative report which is expected to take 1-5 days effort to addressImpact-Mediumfalse positive/false negativeAn issue related to observed false positives or false negatives.user-reportIssue reported by an end user of CodeQL Coding Standards
@lcartey

Description

@lcartey
lcartey
opened on Oct 5, 2023

Affected rules

  • A4-7-1

Description

The IntegerExpressionLeadToDataLoss.ql query does not detect/identify guards for shift operations.

We already implement appropriate guards in the C rule INT34-C, and we should consider combining the implementations.

Example

std::size_t pow2(std::size_t i) {
  if (i < (sizeof(std::size_t) * CHAR_BIT)) {
     constexpr std::size_t one{1};
     return one << i; // COMPLIANT
  }
}

Metadata

Metadata

Assignees

Labels

Difficulty-MediumA false positive or false negative report which is expected to take 1-5 days effort to addressImpact-Mediumfalse positive/false negativeAn issue related to observed false positives or false negatives.user-reportIssue reported by an end user of CodeQL Coding Standards

Type

No type

Projects

Coding Standards Public Development Board

Status

Done

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions