Skip to content

CTR55-CPP: Consider iter != last to be a bounds check #374

Closed
#561
Closed
CTR55-CPP: Consider iter != last to be a bounds check#374
#561
Assignees
knewbury01
Labels
Difficulty-MediumA false positive or false negative report which is expected to take 1-5 days effort to addressImpact-MediumPhase IIfalse positive/false negativeAn issue related to observed false positives or false negatives.user-reportIssue reported by an end user of CodeQL Coding Standards
@lcartey

Description

@lcartey
lcartey
opened on Oct 2, 2023

Affected rules

  • CTR55-CPP

Description

This query has a fairly restricted view of what a valid bounds check consists of. Consider expanding to support iter != last as a valid bound check, if last is derived from end(). We should also consider the case of utility methods on iterators, and whether they are correct at the call site.

Example

for (; iter != end; ++iter) {
}

Metadata

Metadata

Assignees

Labels

Difficulty-MediumA false positive or false negative report which is expected to take 1-5 days effort to addressImpact-MediumPhase IIfalse positive/false negativeAn issue related to observed false positives or false negatives.user-reportIssue reported by an end user of CodeQL Coding Standards

Type

No type

Fields

No fields configured for issues without a type.

Projects

Coding Standards Public Development Board

Status

Done

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions