Enhancement to CON-41C

Open jsinglet opened this issue 3 years ago • 0 comments

Context: https://github.com/github/codeql-coding-standards/pull/45#discussion_r943837378

Although this query will catch a lot of real-world examples of flawed usage of weak cmpxchg functions (e.g., those used in one-off if-statements), I think that if false positives don't become an issue, it can be improved by verifying that either:

- The loop is infinite, or
- The loop condition contains the call and checks its result, or
- The loop condition checks a variable which is, within the loop, assigned either of the following:
  - The return value of the weak cmpxchg function call (via local data flow)
  - A literal assigned in and only in a block guarded by a success condition of the weak cmpxchg function call return value, or
  - To avoid false positives, any value assigned in a block guarded by the weak cmpxchg function call return value

jsinglet, Aug 12 '22 13:08
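The loop shapes listed in the issue, written out in C11 next to the one-off if-statement form the query already catches. This is an added example, not code from the issue or from the query's test suite; the function names are hypothetical and `atomic_compare_exchange_weak` stands in for the weak cmpxchg family.

```c
#include <stdatomic.h>
#include <stdbool.h>

/* One-off if-statement: the form the issue says the query already catches. */
bool add_once(atomic_int *v, int d) {
    int old = atomic_load(v);
    if (atomic_compare_exchange_weak(v, &old, old + d))
        return true;
    return false; /* a spurious failure silently drops the update */
}

/* Shape 1: the loop is infinite and is left only on success. */
int add_infinite(atomic_int *v, int d) {
    int old = atomic_load(v);
    for (;;)
        if (atomic_compare_exchange_weak(v, &old, old + d))
            return old + d;
}

/* Shape 2: the loop condition contains the call and checks its result. */
int add_in_condition(atomic_int *v, int d) {
    int old = atomic_load(v);
    while (!atomic_compare_exchange_weak(v, &old, old + d)) { /* old was refreshed; retry */ }
    return old + d;
}

/* Shape 3a: the condition checks a variable assigned the call's return value. */
int add_flag_return(atomic_int *v, int d) {
    int old = atomic_load(v);
    bool ok;
    do {
        ok = atomic_compare_exchange_weak(v, &old, old + d);
    } while (!ok);
    return old + d;
}

/* Shape 3b: the condition checks a literal assigned only in the success-guarded block. */
int add_flag_literal(atomic_int *v, int d) {
    int old = atomic_load(v);
    bool done = false;
    while (!done) {
        if (atomic_compare_exchange_weak(v, &old, old + d))
            done = true;
    }
    return old + d;
}
```

On failure the call writes the current value back into `old`, so every retry recomputes `old + d` from fresh state.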