You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Source line information emitted by the Microsoft C/C++ Compiler may be limited to just line information and not line/column information.
This leads to the scenario where compound statements that consist of multiple function calls / calculations all appear as being at the same physical location, and hence multiple messages may be required to be emitted against this location e.g.
#line 200 "foo.cpp"
if (myBadFunction_1() == myBadEnumCheckValue) myBadFunction_2();
All elements of this will appear as line 200 of the file foo.cpp
This can be exacerbated by using line continuation characters which are often found in more complex macros e.g. from the Windows 10 sdk winnt.h
Source line information emitted by the Microsoft C/C++ Compiler may be limited to just line information and not line/column information.
This leads to the scenario where compound statements that consist of multiple function calls / calculations all appear as being at the same physical location, and hence multiple messages may be required to be emitted against this location e.g.
All elements of this will appear as line 200 of the file foo.cpp
This can be exacerbated by using line continuation characters which are often found in more complex macros e.g. from the Windows 10 sdk winnt.h
https://github.com/Microsoft/sarif-sdk/blob/master/src/Sarif/Schemata/Sarif.schema.json#L767appears to indicate that locations array for results of a specific ruleID need to be unique. This may not be true for C / C++ binaries.
The text was updated successfully, but these errors were encountered: