CPP: Add a query to find incorrectly used exceptions. 2

[ihsinme]

Good day.
this is an attempt to fix problems introduced in 6082.

in this request I am looking for errors when using exceptions.
I have identified 2 main areas:
1.the ability to throw unhandled exceptions in the body of the DllMain function. from which the library code will not be unloaded.
2. creating an exception object without throwing the last one, or a rather strange construction of an exception.

[ihsinme]

forgot the results

assimp/assimp#3954

AcademySoftwareFoundation/openexr#1059

[geoffw0]

Thank you for your contribution! I have a few questions as I'd like to understand what the query is looking for a bit better.

[geoffw0]

Happy to merge this into experimental.

If we want to promote it from experimental at some point, we may want to consider each of the three parts of the query separately.

[geoffw0]

I did an LGTM run here: https://lgtm.com/query/2396602394896819437/ . Some good results, some that appear to be the intended design (in particular when an exception object is saved to a variable apparently so that it can be thrown later if there's a problem). All results were for the "This object does not generate an exception." case of this query.

[ihsinme]

interesting FP. this was not in my kits. thanks to. I will suggest a solution.

relative to the detector.

1. Detecting dllmain requires Windows project to put it on lgtm.com, I failed. (is this possible for a free account?). I am looking for detection via cli until there is no result.
2. Detecting a forgotten function, I'm still looking.
   but despite these limitations, the functional module works and I would leave them in PR

[ihsinme]

to remove the FP you discovered, I suggest using:

  not fc.getParent() instanceof Initializer and

I also propose to discuss three points (as you think):

1. detection new, in my opinion it is correct, but there is already a good detection of these actions in the program. (https://github.com/github/codeql/blob/main/cpp/ql/src/Security/CWE/CWE-570/IncorrectAllocationErrorHandling.ql)
2. Is it necessary to remove the detection with return as false
3. how you look at the detection in the facebook/wangle project

[geoffw0]

detection new, in my opinion it is correct, but there is already a good detection of these actions in the program. (https://github.com/github/codeql/blob/main/cpp/ql/src/Security/CWE/CWE-570/IncorrectAllocationErrorHandling.ql)

I believe it's using placement new to essentially simulate assigning the exception value to buff_. So I think it's similar to the case of assignment to a variable (a member variable in this case).

Is it necessary to remove the detection with return as false

This seems like a strange design which defeats the point of exceptions (that you can raise them rather than having to handle error return values everywhere). I think I'd leave these results in for now, unless you can convince yourself they're doing something reasonable.

how you look at the detection in the facebook/wangle project

Again I'm not exactly sure what that code is trying to do. I don't think this case is especially important, but if you think lambda's should be an exception you could exclude results inside a LambdaExpression?

[ihsinme]

Good afternoon @geoffw0.
Should I do anything else for this PR

[geoffw0]

Happy to merge this in its current state.

[geoffw0]

Newer LGTM run: https://lgtm.com/query/7864086823722766951/