Skip to content

C++: Detect non-allocating placement new in cpp/memory-never-freed #523

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Nov 23, 2018
Merged

C++: Detect non-allocating placement new in cpp/memory-never-freed #523

merged 2 commits into from
Nov 23, 2018

Conversation

jbj
Copy link
Contributor

@jbj jbj commented Nov 22, 2018

This addresses CPP-294. It's a more conservative solution than what we've talked about because I think a more complete solution is at risk of introducing false negatives. Therefore I'd prefer that proposals for a more complete solution should be based on actual FPs in actual projects.

jbj added 2 commits November 22, 2018 10:48
@jbj
C++: Placement-new tests for MemoryNeverFreed.ql
a17deba
@jbj
C++: Detect non-allocating placement new
75873bb 
This adds a `NewOrNewArrayExpr.getPlacementPointer` predicate and uses
it in `Alloc.qll` to detect when a `new`-expression is not an
allocation.

User-defined replacements for `operator new` may not be allocations
either, but the code continues to assume that they are. It's possible
that we want to change this assumption in the future or leave it up to
individual queries to decide on which side to err. It's hard to
statically tell whether `operator new` has been overloaded in a
particular file because it can be overloaded by a definition that is not
in scope but is only linked together with that file.
@jbj jbj added the C++ label Nov 22, 2018
@jbj jbj added this to the 1.19 milestone Nov 22, 2018
@jbj jbj requested a review from a team as a code owner November 22, 2018 10:47
@jbj
Copy link
Contributor Author

jbj commented Nov 22, 2018

The test failures will be fixed by #525.

geoffw0
geoffw0 approved these changes Nov 22, 2018
View reviewed changes
Copy link
Contributor

@geoffw0 geoffw0 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@jbj
Copy link
Contributor Author

jbj commented Nov 23, 2018

I think this is good to merge. I haven't re-run the Azure tests, but I've re-run Language-Tests/CPP after #525 was merged, and it passes now.

@geoffw0 geoffw0 merged commit 0a27022 into github:master Nov 23, 2018
@snyk-bot snyk-bot mentioned this pull request Apr 20, 2021
Merged
@snyk-bot snyk-bot mentioned this pull request Jun 23, 2021
Open
@aliscco aliscco mentioned this pull request May 8, 2022
Open
@aliscco aliscco mentioned this pull request Aug 30, 2022
Open
@aliscco aliscco mentioned this pull request Sep 24, 2022
Open
@verdinjoshua1982 verdinjoshua1982 mentioned this pull request Oct 14, 2022
Open
This was referenced Nov 29, 2023
Open
Open
@aliscco aliscco mentioned this pull request Mar 22, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@geoffw0 geoffw0 geoffw0 approved these changes

Assignees
No one assigned
Labels
C++
Projects
None yet
Milestone
1.19
Development

Successfully merging this pull request may close these issues.
2 participants
@jbj @geoffw0