codeqlhelper
diff --git a/‎.bazelversion
Lines changed: 1 addition & 1 deletion b/‎.bazelversion
Lines changed: 1 addition & 1 deletion
diff --git a/‎cpp/downgrades/19887dbd33327fb07d54251786e0cb2578539775/upgrade.properties
Lines changed: 2 additions & 2 deletions b/‎cpp/downgrades/19887dbd33327fb07d54251786e0cb2578539775/upgrade.properties
Lines changed: 2 additions & 2 deletions
diff --git a/‎cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/ProductFlow.qll
Lines changed: 2 additions & 2 deletions b/‎cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/ProductFlow.qll
Lines changed: 2 additions & 2 deletions
diff --git a/‎cpp/ql/lib/upgrades/ddd31fd02e51ad270bc9e6712708e5a5b6881518/upgrade.properties
Lines changed: 2 additions & 2 deletions b/‎cpp/ql/lib/upgrades/ddd31fd02e51ad270bc9e6712708e5a5b6881518/upgrade.properties
Lines changed: 2 additions & 2 deletions
diff --git a/‎cpp/ql/src/Critical/NotInitialised.ql
Lines changed: 3 additions & 1 deletion b/‎cpp/ql/src/Critical/NotInitialised.ql
Lines changed: 3 additions & 1 deletion
diff --git a/‎cpp/ql/src/Likely Bugs/Format/NonConstantFormat.qhelp
Lines changed: 1 addition & 1 deletion b/‎cpp/ql/src/Likely Bugs/Format/NonConstantFormat.qhelp
Lines changed: 1 addition & 1 deletion
diff --git a/‎cpp/ql/src/Likely Bugs/Memory Management/NtohlArrayNoBound.qll
Lines changed: 1 addition & 1 deletion b/‎cpp/ql/src/Likely Bugs/Memory Management/NtohlArrayNoBound.qll
Lines changed: 1 addition & 1 deletion
diff --git a/‎cpp/ql/src/change-notes/2024-05-19-avoid-reporting-static-variable.md
Lines changed: 4 additions & 0 deletions b/‎cpp/ql/src/change-notes/2024-05-19-avoid-reporting-static-variable.md
Lines changed: 4 additions & 0 deletions
diff --git a/‎cpp/ql/test/library-tests/dataflow/fields/ir-path-flow.expected
Lines changed: 120 additions & 52 deletions b/‎cpp/ql/test/library-tests/dataflow/fields/ir-path-flow.expected
Lines changed: 120 additions & 52 deletions
diff --git a/‎cpp/ql/test/library-tests/dataflow/fields/path-flow.expected
Lines changed: 131 additions & 63 deletions b/‎cpp/ql/test/library-tests/dataflow/fields/path-flow.expected
Lines changed: 131 additions & 63 deletions
@@ -1 +1 @@
-7.1.0
+7.1.2
@@ -1,4 +1,4 @@
 description: Revert support for repeated initializers, which are allowed in C with designated initializers.
 compatibility: full
-aggregate_field_init.rel: reorder aggregate_field_init.rel (int aggregate, int initializer, int field, int position) aggregate initializer field
-aggregate_array_init.rel: reorder aggregate_array_init.rel (int aggregate, int initializer, int element_index, int position) aggregate initializer element_index
+aggregate_field_init.rel: reorder aggregate_field_init.rel (@aggregateliteral aggregate, @expr initializer, @membervariable field, int position) aggregate initializer field
+aggregate_array_init.rel: reorder aggregate_array_init.rel (@aggregateliteral aggregate, @expr initializer, int element_index, int position) aggregate initializer element_index
@@ -546,7 +546,7 @@ module ProductFlow {
       Flow1::PathGraph::edges(pred1, succ1, _, _) and
       exists(ReturnKindExt returnKind |
         succ1.getNode() = returnKind.getAnOutNode(call) and
-        pred1.getNode().(ReturnNodeExt).getKind() = returnKind
+        paramReturnNode(_, pred1.asParameterReturnNode(), _, returnKind)
       )
     }
 
@@ -574,7 +574,7 @@ module ProductFlow {
       Flow2::PathGraph::edges(pred2, succ2, _, _) and
       exists(ReturnKindExt returnKind |
         succ2.getNode() = returnKind.getAnOutNode(call) and
-        pred2.getNode().(ReturnNodeExt).getKind() = returnKind
+        paramReturnNode(_, pred2.asParameterReturnNode(), _, returnKind)
       )
     }
 
 
@@ -1,4 +1,4 @@
 description: Removed unused column from the `folders` and `files` relations
 compatibility: full
-files.rel: reorder files.rel (int id, string name, string simple, string ext, int fromSource) id name
-folders.rel: reorder folders.rel (int id, string name, string simple) id name
+files.rel: reorder files.rel (@file id, string name, string simple, string ext, int fromSource) id name
+folders.rel: reorder folders.rel (@folder id, string name, string simple) id name
@@ -54,6 +54,7 @@ predicate undefinedLocalUse(VariableAccess va) {
     // it is hard to tell when a struct or array has been initialized, so we
     // ignore them
     not isAggregateType(lv.getUnderlyingType()) and
+    not lv.isStatic() and // static variables are initialized to zero or null by default
     not lv.getType().hasName("va_list") and
     va = lv.getAnAccess() and
     noDefPath(lv, va) and
@@ -70,7 +71,8 @@ predicate uninitialisedGlobal(GlobalVariable gv) {
     va = gv.getAnAccess() and
     va.isRValue() and
     not gv.hasInitializer() and
-    not gv.hasSpecifier("extern")
+    not gv.hasSpecifier("extern") and
+    not gv.isStatic() // static variables are initialized to zero or null by default
   )
 }
 
 
@@ -42,7 +42,7 @@ in the previous example, one solution is to make the log message a trailing argu
 <p>An alternative solution is to allow <code>log_with_timestamp</code> to accept format arguments:</p>
 <sample src="NonConstantFormat-2-good.c" />
 <p>In this formulation, the non-constant format string to <code>printf</code> has been replaced with
-a non-constant format string to <code>vprintf</code>. Semmle will no longer consider the body of
+a non-constant format string to <code>vprintf</code>. The analysis will no longer consider the body of
 <code>log_with_timestamp</code> to be a problem, and will instead check that every call to
 <code>log_with_timestamp</code> passes a constant format string.</p>
 
 
@@ -107,7 +107,7 @@ class SnprintfSizeExpr extends BufferAccess, FunctionCall {
 }
 
 class MemcmpSizeExpr extends BufferAccess, FunctionCall {
-  MemcmpSizeExpr() { this.getTarget().hasName("Memcmp") }
+  MemcmpSizeExpr() { this.getTarget().hasName("memcmp") }
 
   override Expr getPointer() {
     result = this.getArgument(0) or
 
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* The "Variable not initialized before use" query (`cpp/not-initialised`) no longer reports an alert on static variables.
Original file line number	Diff line number	Diff line change
`@@ -546,7 +546,7 @@ module ProductFlow {`
`546`	`546`	`Flow1::PathGraph::edges(pred1, succ1, _, _) and`
`547`	`547`	`exists(ReturnKindExt returnKind \|`
`548`	`548`	`succ1.getNode() = returnKind.getAnOutNode(call) and`
`549`		`- pred1.getNode().(ReturnNodeExt).getKind() = returnKind`
	`549`	`+ paramReturnNode(_, pred1.asParameterReturnNode(), _, returnKind)`
`550`	`550`	`)`
`551`	`551`	`}`
`552`	`552`
`@@ -574,7 +574,7 @@ module ProductFlow {`
`574`	`574`	`Flow2::PathGraph::edges(pred2, succ2, _, _) and`
`575`	`575`	`exists(ReturnKindExt returnKind \|`
`576`	`576`	`succ2.getNode() = returnKind.getAnOutNode(call) and`
`577`		`- pred2.getNode().(ReturnNodeExt).getKind() = returnKind`
	`577`	`+ paramReturnNode(_, pred2.asParameterReturnNode(), _, returnKind)`
`578`	`578`	`)`
`579`	`579`	`}`
`580`	`580`
Original file line number	Diff line number	Diff line change
`@@ -107,7 +107,7 @@ class SnprintfSizeExpr extends BufferAccess, FunctionCall {`
`107`	`107`	`}`
`108`	`108`
`109`	`109`	`class MemcmpSizeExpr extends BufferAccess, FunctionCall {`
`110`		`- MemcmpSizeExpr() { this.getTarget().hasName("Memcmp") }`
	`110`	`+ MemcmpSizeExpr() { this.getTarget().hasName("memcmp") }`
`111`	`111`
`112`	`112`	`override Expr getPointer() {`
`113`	`113`	`result = this.getArgument(0) or`
-Original file line number
+Diff line change
@@ @@ -0,0 +1,4 @@ @@
 +---
 +category: minorAnalysis
 +---
 +* The "Variable not initialized before use" query (`cpp/not-initialised`) no longer reports an alert on static variables.