forked from github/codeql

LargeParameter.ql
23 lines (22 loc) · 827 Bytes
/**
 * @name Large object passed by value
 * @description An object larger than 64 bytes is passed by value to a function. Passing large objects by value unnecessarily uses up scarce stack space, increases the cost of calling a function and can be a security risk. Use a pointer to the object instead.
 * @kind problem
 * @problem.severity warning
 * @precision high
 * @id cpp/large-parameter
 * @tags efficiency
 *       readability
 *       statistical
 *       non-attributable
 */

import cpp

from Function f, Parameter p, Type t, int size
where
  f.getAParameter() = p and
  p.getType() = t and
  t.getSize() = size and
  // Threshold: anything over 64 bytes is copied onto the callee's stack frame.
  size > 64 and
  // Array-typed parameters decay to pointers, so their declared size is not
  // what gets copied; exclude them to avoid false positives.
  not t.getUnderlyingType() instanceof ArrayType
select p,
  "This parameter of type $@ is " + size.toString() +
    " bytes - consider passing a pointer/reference instead.", t, t.toString()
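As an added illustration (not part of the query or the github/codeql repository), the C++ below shows the pattern the query flags, the corrected by-reference form, and why array-typed parameters are excluded; `Record`, its 128-byte size and the helper names are constructed for this example.

```cpp
#include <cstddef>
#include <cstdint>
#include <numeric>
#include <type_traits>

// Constructed 128-byte record: twice the query's 64-byte threshold.
struct Record {
    std::uint64_t words[16];
};

// Same predicate the query applies: size > 64 bytes, unless the parameter's
// underlying type is an array (which decays to a pointer and is not copied).
constexpr bool largeByValue(std::size_t paramSize, bool isArrayType) {
    return paramSize > 64 && !isArrayType;
}

// Flagged form: every call copies all 128 bytes onto the callee's stack frame.
std::uint64_t sumByValue(Record r) {
    return std::accumulate(r.words, r.words + 16, std::uint64_t{0});
}

// Corrected form: a const reference passes one pointer-sized value, no copy,
// and the caller's object cannot be modified through it.
std::uint64_t sumByRef(const Record& r) {
    return std::accumulate(r.words, r.words + 16, std::uint64_t{0});
}

// Array-typed parameter: despite the declared extent, inside the function the
// parameter is a plain pointer. This is why the query skips ArrayType.
bool arrayParamIsPointer(const std::uint64_t a[16]) {
    (void)a;
    return std::is_same<decltype(a), const std::uint64_t*>::value;
}

// Builds a constructed Record holding 1..16 (sum 136).
Record makeRecord() {
    Record r{};
    for (std::size_t i = 0; i < 16; ++i) r.words[i] = static_cast<std::uint64_t>(i + 1);
    return r;
}
```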