CPP: Fix FPs for 'Resource not released in destructor' involving virtual method calls#562
Conversation
|
Without a proper virtual-dispatch library you'll get false negatives in the test if you define a I can probably be persuaded to merge a stub virtual-dispatch library since it'll be better than having nothing at all. I'm wary of adding it to |
| e.(FunctionCall).getTarget() = f and | ||
| ( | ||
| e.(FunctionCall).getTarget() = f or | ||
| e.(FunctionCall).getTarget().(MemberFunction).getAnOverridingFunction*() = f |
I've added some test cases that verify this behaviour.
OK, let's do a proper library at a later date then.
Not too bad: Note that due to the |
Remove accidentally added binary
Fixes https://jira.semmle.com/browse/CPP-308. The fix is to account for calls to virtual methods releasing memory via overriding function definitions in derived classes.
@jbj I'm tempted to move the fix into
Function.qllwith the addition of a function:This comes very close to your ideas about a virtual dispatch library, however my solution appears rather trivial (and I'm not completely sure about the last line). How much complexity do you think there would need to be in such a library? What can we do better than the above?