CodeQL library for C and C++¶
When analyzing C or C++ code, you can use the large collection of classes in the CodeQL library for C and C++.
About the CodeQL library for C and C++¶
There is an extensive library for analyzing CodeQL databases extracted from C/C++ projects. The classes in this library present the data from a database in an object-oriented form and provide abstractions and predicates to help you with common analysis tasks.
The library is implemented as a set of QL modules, that is, files with the extension .qll. The module cpp.qll imports all the core C/C++ library modules, so you can include the complete library by beginning your query with:
import cpp
The rest of this topic summarizes the available CodeQL classes and corresponding C/C++ constructs.
Commonly-used library classes¶
The most commonly used standard library classes are listed below. The listing is broken down by functionality. Each library class is annotated with a C/C++ construct it corresponds to.
Declaration classes¶
This table lists Declaration classes representing C/C++ declarations.
| Example syntax | CodeQL class | Remarks | 
|---|---|---|
| 
 | ||
| 
 | ||
| 
 | See also Initializer | |
| 
 | ||
| 
 | ||
| template < typenameT>voidfunc(Tparam); | ||
| intfunc(const char*format, ...){…} | ||
| func  | ||
| template < typenameT>func  < int,T> (…) {…} | ||
| classC{…intfunc( floatparam);…}; | ||
| classC{…intfunc( floatparam) const;…}; | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| classC{…C  ( constD&d) {…}…}; | ||
| C  | ||
| C  | ||
| C  | ||
| C  | ||
| C  | Default constructor | |
| 
 | ||
| friend voidfunc( int );friend classB; | ||
| intfunc( void ) {…enumen{val1,val2 …};…} | ||
| classC{…enumen{val1,val2 …}…} | ||
| 
 | ||
| classC{…virtual voidfunc( int ) = 0;…}; | ||
| 
 | ||
| 
 | ||
| template < typenameT>classC<T,5> {…}; | ||
| 
 | ||
| 
 | ||
| template < typenameT>structC:T{…}; | Appears only in uninstantiated templates | |
| intfunc( void ) {…structS{…};…} | ||
| classC{…structS{…};…}; | ||
| 
 | ||
| 
 | ||
| 
 | ||
| intfunc( void ) {…typedef intT;…} | ||
| classC{…typedef intT;…}; | ||
| 
 | ||
| 
 | ||
| template < typenameT>classC{…}; | ||
| 
 | Since C++14 | 
Statement classes¶
This table lists subclasses of Stmt representing C/C++ statements.
| Example syntax | CodeQL class | Remarks | 
|---|---|---|
| 
 | Specific to a given CPU instruction set | |
| 
 | ||
| 
 | ||
| 
 | GNU extension; use with LabelLiteral | |
| Type i  | ||
| 
 | ||
| Expr  | ||
| 
 | Structured exception handling (SEH) under Windows | |
| 
 | Structured exception handling (SEH) under Windows | |
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| slabel  | ||
| C99 variable-length array | 
Expression classes¶
This table lists subclasses of Expr representing C/C++ expressions.
| Example syntax | CodeQL class(es) | Remarks | 
|---|---|---|
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | Microsoft extension | |
| 
 | C++11 C11 | |
| 
 | Microsoft extension | |
| template < typename...T>autosum(T … t){ return (t+ ... + 0 ); } | Appears only in uninstantiated templates | |
| 
 | ||
| [ = ] ( floatb) -> float{ returncaptured*b; } | C++11 | |
| ^ int ( intx, inty) { | Apple extension | |
| 
 | GNU extension; use with ComputedGotoStmt | |
| “%3d %s\n” | ||
| 0xdbceffca | ||
| 0167 | ||
| ‘c’ | ||
| “abcdefgh”, L”wide” | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| See also Initializer | ||
| Expr `` | =`` Expr | |
| C99 C99 | ||
| C99 | ||
| GNU extension | ||
| GNU extension | ||
| C99 | ||
| C99 C99 | ||
| 
 | ||
| 
 | ||
| Expr  | ||
| 
 | ||
| Expr  | ||
| 
 | ||
| 
 | GNU extension | |
| 
 | GNU extension | |
| 
 | ||
| 
 | ||
| 
 | GNU extension | |
| 
 | ||
| intvect__attribute__( ( vector_size (16) ) )= {3,8,32,33}; | GNU extension | |
| 
 | ||
| 
 | ||
| template < typename...T>intcount(T&&...t){ return sizeof... (t); } | ||
| GNU/Clang extension | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | Microsoft extension | 
Type classes¶
This table lists subclasses of Type representing C/C++ types.
| Example syntax | CodeQL class | Remarks | 
|---|---|---|
| 
 | ||
| 
 | ||
| 
 | C11, C++11 | |
| 
 | C11, C++11 | |
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Type  | ||
| Apple extension | ||
| Type  | ||
| Type   | ||
| Type  | ||
| Type  | ||
| 
 | ||
| 
 | 
Preprocessor classes¶
This table lists Preprocessor classes representing C/C++ preprocessing directives.
| Example syntax | CodeQL class | Remarks | 
|---|---|---|
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | Apple/NeXT extension | |
| 
 | Apple/NeXT extension | |
| 
 |