Skip to content

C++: Addresses may escape through call qualifiers #3382

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
May 1, 2020
Merged

C++: Addresses may escape through call qualifiers #3382

merged 3 commits into from
May 1, 2020

Conversation

jbj
Copy link
Contributor

@jbj jbj commented Apr 30, 2020

Also clarify the docs on Call to decrease the likelyhood of such an omission happening again.

The updated test reflects that f1.operator() lets the address of f1 escape from the caller.

@jbj
C++: Addresses may escape through call qualifiers
8ffa124 
Also clarify the docs on `Call` to decrease the likelyhood of such an
omission happening again.

The updated test reflects that `f1.operator()` lets the address of `f1`
escape from the caller.
@jbj jbj added the C++ label Apr 30, 2020
@jbj
C++: Fix "is constant" check
9fc27e9 
The check was supposed to check for constant type, not constant value.
This fixes a false negative that appeared in
`LargeParameter/test.cpp:106`.
MathiasVP
MathiasVP reviewed May 1, 2020
View reviewed changes
Copy link
Contributor

@MathiasVP MathiasVP left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! (apart from the failing testcase).

At some point it might be worth including a testcase for an invocation of a lambda with a mutable keyword attached.

@jbj
C++: Accept test changes
9b9f524 
Lambda invocations are apparently const. This was exposed by the fix in
the previous commit.
@MathiasVP MathiasVP merged commit 2e34637 into github:master May 1, 2020
jbj added a commit to jbj/ql that referenced this pull request May 7, 2020
@jbj
Merge commit '52d8acc1a198c5ea29c1dddceda1d6c0fb75de14' into dataflow…
88eeca3 
…-defbyref-to-field

This is a partial merge from master. In particular, it takes in github#3382
and github#3385.
geoffw0 added a commit to geoffw0/ql that referenced this pull request May 7, 2020
@geoffw0
C++: Effect of github#3382.
68544c7
geoffw0 added a commit to geoffw0/ql that referenced this pull request May 7, 2020
@geoffw0
C++: Effect of github#3382.
bff97d9
@geoffw0 geoffw0 mentioned this pull request May 7, 2020
Merged
jbj added a commit to jbj/ql that referenced this pull request May 11, 2020
@jbj
C++: Call qualifiers are passed by reference
bebd5ae 
After github#3382 changed the escape analysis to model qualifiers as escaping,
there was an imbalance in the SSA library, where `addressTakenVariable`
excludes variables from SSA analysis if they have their address taken
but are _not_ passed by reference. This showed up as a missing result in
`TOCTOUFilesystemRace.ql`, demonstrated with a test case in github#3432.

This commit changes the definition of "pass by reference" to include
call qualifiers, which allows SSA modeling of variables that have member
function calls on them.
@jbj jbj mentioned this pull request May 11, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MathiasVP MathiasVP MathiasVP approved these changes

Assignees

@MathiasVP MathiasVP

Labels
C++
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jbj @MathiasVP