CodeQL library for C/C++
codeql/cpp-all 6.0.1-dev (changelog, source)
Index
Search

Module SimpleRangeAnalysisCached

Import path

import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis

Predicates

convertedExprMightOverflow

Holds if the expression might overflow (either positively or negatively). The possibility that the expression might overflow due to an implicit or explicit cast is also considered.

convertedExprMightOverflowNegatively

Holds if the expression might overflow negatively. Conversions are also taken into account. For example the expression (int16)(x+y) might overflow due to the (int16) cast, rather than due to the addition.

convertedExprMightOverflowPositively

Holds if the expression might overflow positively. Conversions are also taken into account. For example the expression (int16)(x+y) might overflow due to the (int16) cast, rather than due to the addition.

defMightOverflow

Holds if the definition might overflow (either positively or negatively).

defMightOverflowNegatively

Holds if the definition might overflow negatively.

defMightOverflowPositively

Holds if the definition might overflow positively.

exprMightOverflowNegatively

Holds if the expression might overflow negatively. This predicate does not consider the possibility that the expression might overflow due to a conversion.

exprMightOverflowPositively

Holds if the expression might overflow positively. This predicate does not consider the possibility that the expression might overflow due to a conversion.

exprWithEmptyRange

Holds if expr has a provably empty range. For example:

lowerBound

Gets the lower bound of the expression.

upperBound

Gets the upper bound of the expression.

upperBoundMayBeWidened

Holds if the upper bound of expr may have been widened. This means the upper bound is in practice likely to be overly wide.