For other CodeQL resources, including tutorials and examples, see the CodeQL documentation

RangeAnalysis

Module RangeAnalysis

Provides an AST-based interface to the relative range analysis, which tracks bounds of the form a <= b + delta for expressions a and b and an integer offset delta.

Import path


                                import semmle.code.cpp.rangeanalysis.new.RangeAnalysis

Predicates

bounded	Holds if e is bounded by `b + delta`. The bound is an upper bound if `upper` is true, and can be traced back to a guard represented by `reason`.
convertedBounded	Holds if e is bounded by `b + delta`. The bound is an upper bound if `upper` is true, and can be traced back to a guard represented by `reason`. The `Expr` may be a conversion.

Classes

Bound	A bound that may be inferred for an expression plus/minus an integer delta.
CondReason	A reason for an inferred bound pointing to a condition.
NoReason	A reason for an inferred bound that indicates that the bound is inferred without going through a bounding condition.
Reason	A reason for an inferred bound. This can either be `CondReason` if the bound is due to a specific condition, or `NoReason` if the bound is inferred without going through a bounding condition.
ValueNumberBound	A bound corresponding to the value of an `Instruction`.
ZeroBound	The bound that corresponds to the integer 0. This is used to represent all integer bounds as bounds are always accompanied by an added integer delta.