v2.39.0

@github-actions github-actions released this 10 Dec 21:27
862f2a1

Release summary

  • New queries added for the following rule packages: Alignment, InvalidMemory3
  • The following changes have been made for this release:
  • RULE-18-8 - VariableLengthArrayTypesUsed.ql:
    • Implement changes declared in MISRA C 2012 Amendment 4. This rule now only bans the use of VLA objects. Rules restricting the use of VLA types -- specifically, pointers to VLA types -- are now implemented in RULE-18-10.
  • EXP-35-C - DoNotModifyObjectsWithTemporaryLifetime.ql:
    • Refactor component into a shared library; this should not have any effect on rule results.
  • M5-0-3, M5-0-7, M5-0-8, M5-0-9 - CvalueExpressionConvertedToDifferentUnderlyingType.ql, ExplicitFloatingIntegralConversionOfACValueExpr.ql, ExplicitWideningConversionOfACValueExpr.ql, ExplicitSignedness.ql:
    • Reduce false positives from misidentifying an explicitly cast expression used as a function argument or return value as a cvalue.
  • A7-1-2 - VariableMissingConstexpr.ql:
    • Do not report on member variables if the class has un-instantiated member function(s).
    • Also check whether a call's qualifier can be evaluated at compile time.
  • A13-3-1 - FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql:
    • Reduce false positives by explicitly checking that the locations of overloaded functions are different.
  • Updated the CodeQL version to 2.18.4.
  • A12-8-6 - CopyAndMoveNotDeclaredProtected.ql:
    • Implicitly created copy and move constructors will no longer be flagged in template instantiations when they are unused or trivial (tracked at #811).
  • A2-10-1 - IdentifierHiding.ql:
    • Improved evaluation performance.
    • Addressed false negatives where nested loops used the same variable name.
    • Exclude cases where a variable declared in a lambda expression shadowed a global or namespace variable that did not appear in the same translation unit.
  • RULE-5-3 - IdentifierHidingC.ql:
    • Improved evaluation performance.
    • Addressed false negatives where nested loops used the same variable name.

Supported versions

  • The LGTM pack is not supported on any released version of LGTM without support from GitHub Professional Services.
  • The Code Scanning pack is supported when:
    • Using the CodeQL CLI version 2.18.4 in conjunction with a copy of the CodeQL standard library for C++ (github/codeql) set to the tag codeql-cli/v2.18.4.
    • Using the CodeQL Action or CodeQL runner with the codeql-bundle-v2.18.4.

Appendix: MISRA-C-2012 new queries

New queries added to cover the following rules:

  • RULE-8-15 - RedeclarationOfObjectWithoutAlignment.ql, RedeclarationOfObjectWithUnmatchedAlignment.ql
  • RULE-8-16 - AlignmentWithSizeZero.ql
  • RULE-8-17 - MoreThanOneAlignmentSpecifierOnDeclaration.ql
  • RULE-18-9 - ArrayToPointerConversionOfTemporaryObject.ql, ModifiableLValueSubscriptedWithTemporaryLifetime.ql
  • RULE-18-10 - PointersToVariablyModifiedArrayTypesUsed.ql
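
The RULE-18-8 / RULE-18-10 split described in the release summary, shown as an added C example (not code from the project or its test suite). The function names, MAX_ITEMS and the sample grid are constructed for illustration.

```c
#include <stddef.h>

/* VLA object: the construct RULE-18-8 still bans after Amendment 4.
   The array's size is only known at run time (n must be > 0). */
int sum_squares_vla(size_t n)
{
    int squares[n];
    int total = 0;
    for (size_t i = 0; i < n; i++) {
        squares[i] = (int)(i * i);
        total += squares[i];
    }
    return total;
}

/* Pointer to a variably-modified array type: no VLA object is declared
   here, only a pointer whose pointee type depends on cols. This is the
   case the release summary assigns to RULE-18-10. */
int sum_grid_vm_pointer(size_t rows, size_t cols, int (*grid)[cols])
{
    int total = 0;
    for (size_t r = 0; r < rows; r++)
        for (size_t c = 0; c < cols; c++)
            total += grid[r][c];
    return total;
}

/* Alternative that uses neither construct: a fixed upper bound plus an
   explicit range check. Returns -1 when n exceeds the bound. */
#define MAX_ITEMS 16u

int sum_squares_fixed(size_t n)
{
    int squares[MAX_ITEMS];
    int total = 0;
    if (n > MAX_ITEMS)
        return -1;
    for (size_t i = 0; i < n; i++) {
        squares[i] = (int)(i * i);
        total += squares[i];
    }
    return total;
}

/* Constructed sample input for sum_grid_vm_pointer. */
int grid_demo(void)
{
    int grid[2][3] = { {1, 2, 3}, {4, 5, 6} };
    return sum_grid_vm_pointer(2, 3, grid);
}
```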