codeql-coding-standards

`CON51-CPP`: Falsely reports potential leaks of std::lock_guard

Open MichaelRFairhurst opened this issue 2 months ago • 0 comments

Affected rules

  • 'CON51-CPP'

Description

The description of CON51-CPP recommends that users use std::lock_guard to avoid leaking locked mutexes when an exception occurs. However, it seems that this rule was likely implemented before we supported std::lock_guard in our LockProtectedControlFlowNode class, and it assumes all locks require a catch block. Most likely, we later added support for std::lock_guard and didn't update this rule to allow LockProtectedControlFlowNodes without catch blocks when the lock cannot leak.

Example

```cpp
#include <mutex>

void example_function(std::mutex& m) {
  std::lock_guard<std::mutex> lg(m);

  // alert is falsely reported that this function requires a catch block to unlock lg.
  return;
}
```

MichaelRFairhurst avatar Nov 19 '25 23:11 MichaelRFairhurst