C++: Add more MaD summaries #19753
Merged
C++: Add more MaD summaries #19753
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
There was a problem hiding this comment.
Pull Request Overview
This PR adds new MaD flow summaries for several C++ libraries, updates the test expectations to use the newly generated model IDs, and adjusts the bulk generation targets list to include the new libraries.
- Updated expected IDs in
flow.expectedto match the latest bulk generation run. - Added a new change-note entry documenting the added MaD summaries.
- Expanded
bulk_generation_targets.ymlto configure generation for the listed libraries.
Reviewed Changes
Copilot reviewed 12 out of 12 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| cpp/ql/test/library-tests/dataflow/external-models/flow.expected | Bumped MaD summary IDs to align with the new bulk generator output. |
| cpp/ql/src/change-notes/2025-06-13-mad-summaries.md | Documented the addition of new MaD flow models. |
| cpp/bulk_generation_targets.yml | Added targets for zlib, brotli, libidn2, libssh2, nghttp2, libuv, and curl. |
Comments suppressed due to low confidence (3)
cpp/bulk_generation_targets.yml:12
- The target name for
libssh2was removed but itswith-sinks/with-sourceslines remain, making the YAML invalid. Add back- name: libssh2before these lines to restore a proper list item.
with-sinks: false
cpp/bulk_generation_targets.yml:13
- The
sqliteentry appears to have been removed, but itswith-sinks/with-sourceslines are still present. Remove these orphan lines or re-add- name: sqliteif the target should be kept.
with-sources: false
cpp/bulk_generation_targets.yml:20
- [nitpick] The
openssltarget is reintroduced here but not mentioned in the PR description. Confirm whether this was intentional or remove it to keep the target list aligned with the documented libraries.
- name: openssl
geoffw0
approved these changes
Jun 13, 2025
| - name: openssl | ||
| - name: zlib | ||
| with-sinks: false | ||
| with-sources: false |
There was a problem hiding this comment.
Why exclude sources and sinks?
There was a problem hiding this comment.
See my answer to a similar question here. TLDR: We don't yet autogenerate sources and sinks for C/C++ (mostly because I didn't bother to do it yet).
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR adds MaD summaries for the following libraries:
The models have been generated using the bulk generator script as of 1a36374 (which fixes a dependency ordering problem)