wip

firedancer-io · Nov 22, 2024 · f15cfa1 · f15cfa1
1 parent b7b00fc
commit f15cfa1
Show file tree

Hide file tree

Showing 6 changed files with 13 additions and 7 deletions.
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -1,6 +1,9 @@
 name: "CodeQL Nightly Analysis"
 
 on:
+    push:
+      branches:
+        - 'codeql-improvement'
     workflow_call:
     workflow_dispatch:
 

diff --git a/contrib/codeql/BuiltinExpectScopeTooNarrow.ql b/contrib/codeql/BuiltinExpectScopeTooNarrow.ql
@@ -29,4 +29,5 @@ where
        (e instanceof BinaryLogicalOperation) or
        (e instanceof ConditionalExpr)) and
   included(builtinCall.getLocation())
-select builtinCall, "Use of __builtin_expect() in non-conditional context"
+select builtinCall, "Use of __builtin_expect() in non-conditional context"
+
diff --git a/contrib/codeql/NonAnnotatedFormatFunction.ql b/contrib/codeql/NonAnnotatedFormatFunction.ql
@@ -1,6 +1,6 @@
 /**
  * Find calls to functions that likely expect a format string but are not annotated as such.
- * @id cpp/non-annotated-format-function
+ * @id asymmetric-research/non-annotated-format-function
  * @kind problem
  * @severity warning
  */
@@ -12,4 +12,5 @@ where s.getValueText().regexpMatch(".*%[A-z0-9$].*") and
 s.getParent().(FunctionCall).getTarget() = f and  /* ignores dynamic function calls */
 not exists( Attribute attr | attr = f.getAnAttribute() | attr.getName() = "format" ) and
 f.getLocation().getFile().getRelativePath().regexpMatch("src/.*")
-select f, "Likely format string passed to non-format function"
+select f, "Likely format string passed to non-format function"
+
diff --git a/contrib/codeql/RedundantNullCheck.ql b/contrib/codeql/RedundantNullCheck.ql
@@ -218,4 +218,4 @@
 
  select checked, deref, checked, "This null check is redundant because $@ in any case.", deref,
    "the value is dereferenced"
- 
+
diff --git a/contrib/codeql/UnclearOperatorPrecedence.ql b/contrib/codeql/UnclearOperatorPrecedence.ql
@@ -12,4 +12,5 @@ from BinaryBitwiseOperation bit, ComparisonOperation rel, Expr other
 where
     bit.hasOperands(rel, other) and
     not rel.isParenthesised()
-select rel, "Operator precedence and paranthese hint at a likely issue"
+select rel, "Operator precedence and paranthese hint at a likely issue"
+
diff --git a/contrib/codeql/filter.qll b/contrib/codeql/filter.qll
@@ -3,5 +3,5 @@
  */
 import cpp
 predicate included(Location loc) {
-  loc.getFile().getRelativePath().prefix(5) != "agave/"
-}
+  loc.getFile().getRelativePath().prefix(6) != "agave/"
+}
Original file line number	Diff line number	Diff line change
Expand Up		@@ -218,4 +218,4 @@

		select checked, deref, checked, "This null check is redundant because $@ in any case.", deref,
		"the value is dereferenced"