codeql-coding-standards icon indicating copy to clipboard operation
codeql-coding-standards copied to clipboard
verified publisher icon github

`A2-10-1`: False positive around null identifiers on tuple-like types in structural binding (relevant C++17 only)

Open knewbury01 opened this issue 1 year ago • 0 comments

Affected rules

  • A2-10-1
  • RULE-5-3
  • M0-1-3

Description

the extractor creates local variables for each identifier, and one for the entire binding. The later is of type tuple without a name, so it gets (null) . This means if you have another structured binding later on, the rule is falsely triggered because the name is the same.

Example


#include <tuple>
void f9(int x, int y){
  auto tup = std::make_tuple(1, 2);
  const auto & [ a, b ] = tup;
  const auto & [ c, d ] = tup;
}

this example will require additional stubbing to be added to the tuple.h stub, as it currently will not compile due to tuples in that stub not currently having elements. Compilation error message: error: type 'const std::tuple<int, int>' decomposes into 0 elements, but 2 names were provided (ie needs to have mechanism to have elements and get those elements)

another example is the current finding in openpilot- dmonitoring.cc:82:10 from query IdentifierHiding.ql

knewbury01 avatar May 07 '24 20:05 knewbury01