Hi, > I am hoping we can work together to improve the overall quality of the > code and minimize the number of CodeQL alerts.
Seems CodeQL now runs as part of CI and flags issues it has found. It complains about a possible NULL pointer dereference: https://github.com/tianocore/edk2/runs/22021016348 This is not correct, but I doubt code analysis will ever be clever enough to figure this automatically. So I've added an ASSERT() explicitly saying so, which should help both human reviewers and code analyzers. Apparently that does not change anything for CodeQL though. I guess the CodeQL config must be updated so it knows what ASSERT() means? Maybe it is ignored simply because it is upper case (unlike the standard C library version which is lower case)? thanks & take care, Gerd -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#116028): https://edk2.groups.io/g/devel/message/116028 Mute This Topic: https://groups.io/mt/102444916/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
