Merge pull request github#3085 from jbj/inStaticInitializer-AggregateLiteral

rdmarsh2 · web-flow · commit a30954599d52 · 2020-03-18T13:23:04.000-07:00
C++: Manual magic in inStaticInitializer
diff --git a/cpp/ql/src/semmle/code/cpp/Variable.qll b/cpp/ql/src/semmle/code/cpp/Variable.qll
@@ -397,16 +397,21 @@ class StaticStorageDurationVariable extends Variable {
  */
 private predicate runtimeExprInStaticInitializer(Expr e) {
   inStaticInitializer(e) and
-  if e instanceof AggregateLiteral
+  if e instanceof AggregateLiteral // in sync with the cast in `inStaticInitializer`
   then runtimeExprInStaticInitializer(e.getAChild())
   else not e.getFullyConverted().isConstant()
 }
 
-/** Holds if `e` is part of the initializer of a `StaticStorageDurationVariable`. */
+/**
+ * Holds if `e` is the initializer of a `StaticStorageDurationVariable`, either
+ * directly or below some top-level `AggregateLiteral`s.
+ */
 private predicate inStaticInitializer(Expr e) {
   exists(StaticStorageDurationVariable var | e = var.getInitializer().getExpr())
   or
-  inStaticInitializer(e.getParent())
+  // The cast to `AggregateLiteral` ensures we only compute what'll later be
+  // needed by `runtimeExprInStaticInitializer`.
+  inStaticInitializer(e.getParent().(AggregateLiteral))
 }
 
 /**
