From 0b68c1c974040629fd929be1fccf098ee1c2aadd Mon Sep 17 00:00:00 2001 From: Ian Lynagh Date: Fri, 15 Aug 2025 11:20:31 +0100 Subject: [PATCH 1/5] C++: Add some more tests for SloppyGlobal --- .../SloppyGlobal/SloppyGlobal.expected | 8 ++++++++ .../Best Practices/SloppyGlobal/main.cpp | 16 ++++++++++++++++ 2 files changed, 24 insertions(+) diff --git a/cpp/ql/test/query-tests/Best Practices/SloppyGlobal/SloppyGlobal.expected b/cpp/ql/test/query-tests/Best Practices/SloppyGlobal/SloppyGlobal.expected index 692f7d81cd6c..712c319c4c6a 100644 --- a/cpp/ql/test/query-tests/Best Practices/SloppyGlobal/SloppyGlobal.expected +++ b/cpp/ql/test/query-tests/Best Practices/SloppyGlobal/SloppyGlobal.expected @@ -1,2 +1,10 @@ | main.cpp:3:5:3:5 | x | Poor global variable name 'x'. Prefer longer, descriptive names for globals (eg. kMyGlobalConstant, not foo). | | main.cpp:4:5:4:6 | ys | Poor global variable name 'ys'. Prefer longer, descriptive names for globals (eg. kMyGlobalConstant, not foo). | +| main.cpp:9:5:9:6 | v1 | Poor global variable name 'v1'. Prefer longer, descriptive names for globals (eg. kMyGlobalConstant, not foo). | +| main.cpp:10:5:10:6 | v2 | Poor global variable name 'v2'. Prefer longer, descriptive names for globals (eg. kMyGlobalConstant, not foo). | +| main.cpp:12:5:12:5 | v3 | Poor global variable name 'v3'. Prefer longer, descriptive names for globals (eg. kMyGlobalConstant, not foo). | +| main.cpp:14:3:14:3 | v4 | Poor global variable name 'v4'. Prefer longer, descriptive names for globals (eg. kMyGlobalConstant, not foo). | +| main.cpp:14:5:14:5 | v4 | Poor global variable name 'v4'. Prefer longer, descriptive names for globals (eg. kMyGlobalConstant, not foo). | +| main.cpp:16:3:16:3 | v5 | Poor global variable name 'v5'. Prefer longer, descriptive names for globals (eg. kMyGlobalConstant, not foo). | +| main.cpp:16:3:16:3 | v5 | Poor global variable name 'v5'. Prefer longer, descriptive names for globals (eg. kMyGlobalConstant, not foo). | +| main.cpp:16:5:16:5 | v5 | Poor global variable name 'v5'. Prefer longer, descriptive names for globals (eg. kMyGlobalConstant, not foo). | diff --git a/cpp/ql/test/query-tests/Best Practices/SloppyGlobal/main.cpp b/cpp/ql/test/query-tests/Best Practices/SloppyGlobal/main.cpp index 1b1b7ee0280b..8ec2e49e38bf 100644 --- a/cpp/ql/test/query-tests/Best Practices/SloppyGlobal/main.cpp +++ b/cpp/ql/test/query-tests/Best Practices/SloppyGlobal/main.cpp @@ -5,3 +5,19 @@ int ys[1000000]; // BAD: too short int descriptive_name; // GOOD: sufficient static int z; // GOOD: not a global + +int v1; +int v2; +template +T v3; +template +T v4; +template +T v5; + +void use_some_fs() { + v2 = 100; + v4 = 200; + v5 = 300; + v5 = "string"; +} From 4b786061d6c9fda72f312ce44d60a82e473d43ed Mon Sep 17 00:00:00 2001 From: Ian Lynagh Date: Fri, 15 Aug 2025 11:23:48 +0100 Subject: [PATCH 2/5] C++: SloppyGlobal: Don't alert on template instantiations, only the template --- cpp/ql/src/Best Practices/SloppyGlobal.ql | 3 +++ 1 file changed, 3 insertions(+) diff --git a/cpp/ql/src/Best Practices/SloppyGlobal.ql b/cpp/ql/src/Best Practices/SloppyGlobal.ql index 4c1935627d52..b20e0271db87 100644 --- a/cpp/ql/src/Best Practices/SloppyGlobal.ql +++ b/cpp/ql/src/Best Practices/SloppyGlobal.ql @@ -14,6 +14,9 @@ import semmle.code.cpp.ConfigurationTestFile from GlobalVariable gv where gv.getName().length() <= 3 and + // We will give an alert for the TemplateVariable, so we don't + // need to also give one for each instantiation + not gv instanceof VariableTemplateInstantiation and not gv.isStatic() and not gv.getFile() instanceof ConfigurationTestFile // variables in files generated during configuration are likely false positives select gv, From bfd4c41ed9251a50b22836a4ed88a8dd6d2f9795 Mon Sep 17 00:00:00 2001 From: Ian Lynagh Date: Fri, 15 Aug 2025 11:24:19 +0100 Subject: [PATCH 3/5] C++: SloppyGlobal: Accept test changes We no longer alert on template instantiations, just the template. --- .../Best Practices/SloppyGlobal/SloppyGlobal.expected | 3 --- 1 file changed, 3 deletions(-) diff --git a/cpp/ql/test/query-tests/Best Practices/SloppyGlobal/SloppyGlobal.expected b/cpp/ql/test/query-tests/Best Practices/SloppyGlobal/SloppyGlobal.expected index 712c319c4c6a..ceccd95ea3c4 100644 --- a/cpp/ql/test/query-tests/Best Practices/SloppyGlobal/SloppyGlobal.expected +++ b/cpp/ql/test/query-tests/Best Practices/SloppyGlobal/SloppyGlobal.expected @@ -3,8 +3,5 @@ | main.cpp:9:5:9:6 | v1 | Poor global variable name 'v1'. Prefer longer, descriptive names for globals (eg. kMyGlobalConstant, not foo). | | main.cpp:10:5:10:6 | v2 | Poor global variable name 'v2'. Prefer longer, descriptive names for globals (eg. kMyGlobalConstant, not foo). | | main.cpp:12:5:12:5 | v3 | Poor global variable name 'v3'. Prefer longer, descriptive names for globals (eg. kMyGlobalConstant, not foo). | -| main.cpp:14:3:14:3 | v4 | Poor global variable name 'v4'. Prefer longer, descriptive names for globals (eg. kMyGlobalConstant, not foo). | | main.cpp:14:5:14:5 | v4 | Poor global variable name 'v4'. Prefer longer, descriptive names for globals (eg. kMyGlobalConstant, not foo). | -| main.cpp:16:3:16:3 | v5 | Poor global variable name 'v5'. Prefer longer, descriptive names for globals (eg. kMyGlobalConstant, not foo). | -| main.cpp:16:3:16:3 | v5 | Poor global variable name 'v5'. Prefer longer, descriptive names for globals (eg. kMyGlobalConstant, not foo). | | main.cpp:16:5:16:5 | v5 | Poor global variable name 'v5'. Prefer longer, descriptive names for globals (eg. kMyGlobalConstant, not foo). | From 3157fcdf793327d56c58ad48fe453c8dcf29e5fb Mon Sep 17 00:00:00 2001 From: Ian Lynagh Date: Fri, 15 Aug 2025 12:07:09 +0100 Subject: [PATCH 4/5] C++: Add some BAD annotations to SloppyGlobal test --- .../query-tests/Best Practices/SloppyGlobal/main.cpp | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/cpp/ql/test/query-tests/Best Practices/SloppyGlobal/main.cpp b/cpp/ql/test/query-tests/Best Practices/SloppyGlobal/main.cpp index 8ec2e49e38bf..e279fbf02579 100644 --- a/cpp/ql/test/query-tests/Best Practices/SloppyGlobal/main.cpp +++ b/cpp/ql/test/query-tests/Best Practices/SloppyGlobal/main.cpp @@ -6,14 +6,14 @@ int descriptive_name; // GOOD: sufficient static int z; // GOOD: not a global -int v1; -int v2; +int v1; // BAD: too short +int v2; // BAD: too short template -T v3; +T v3; // BAD: too short template -T v4; +T v4; // BAD: too short template -T v5; +T v5; // BAD: too short void use_some_fs() { v2 = 100; From 0870cc370bad0e20d11283a882392f8c4d6b19a3 Mon Sep 17 00:00:00 2001 From: Ian Lynagh Date: Fri, 15 Aug 2025 12:09:37 +0100 Subject: [PATCH 5/5] C++: Add a changenote for the change to cpp/short-global-name --- .../2025-08-15-short-global-name-template-instantiations.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 cpp/ql/src/change-notes/2025-08-15-short-global-name-template-instantiations.md diff --git a/cpp/ql/src/change-notes/2025-08-15-short-global-name-template-instantiations.md b/cpp/ql/src/change-notes/2025-08-15-short-global-name-template-instantiations.md new file mode 100644 index 000000000000..8a8f54c73372 --- /dev/null +++ b/cpp/ql/src/change-notes/2025-08-15-short-global-name-template-instantiations.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* The `cpp/short-global-name` query will no longer give alerts for instantiations of template variables, only for the template itself.