From 1d8d45b3aaff783d55da02e72c1a06e9bafb1805 Mon Sep 17 00:00:00 2001
From: codeqlhelper <166422730+codeqlhelper@users.noreply.github.com>
Date: Sun, 19 May 2024 21:48:43 +0800
Subject: [PATCH 1/5] Static variables are initialized to zero or null by compiler

Static variables are initialized to zero or null by compiler, no need to get an initializer of them
---
 cpp/ql/src/Critical/NotInitialised.ql | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/cpp/ql/src/Critical/NotInitialised.ql b/cpp/ql/src/Critical/NotInitialised.ql
index 14cc757457ab..dcc7daab5983 100644
--- a/cpp/ql/src/Critical/NotInitialised.ql
+++ b/cpp/ql/src/Critical/NotInitialised.ql
@@ -54,6 +54,7 @@ predicate undefinedLocalUse(VariableAccess va) {
 // it is hard to tell when a struct or array has been initialized, so we
 // ignore them
 not isAggregateType(lv.getUnderlyingType()) and
+ not lv.isStatic() and // static variables are initialized to zero or null by default
 not lv.getType().hasName("va_list") and
 va = lv.getAnAccess() and
 noDefPath(lv, va) and
@@ -70,7 +71,8 @@ predicate uninitialisedGlobal(GlobalVariable gv) {
 va = gv.getAnAccess() and
 va.isRValue() and
 not gv.hasInitializer() and
- not gv.hasSpecifier("extern")
+ not gv.hasSpecifier("extern") and
+ not gv.isStatic() // static variables are initialized to zero or null by default
 )
 }

From 15667dcf1e8ea833ca786f24fb694ef7a274f79c Mon Sep 17 00:00:00 2001
From: codeqlhelper <166422730+codeqlhelper@users.noreply.github.com>
Date: Sun, 19 May 2024 21:55:35 +0800
Subject: [PATCH 2/5] Create 2024-05-19-avoid-reporting-static-variable.md

---
 .../2024-05-19-avoid-reporting-static-variable.md | 4 ++++
 1 file changed, 4 insertions(+)
 create mode 100644 cpp/ql/src/change-notes/2024-05-19-avoid-reporting-static-variable.md

diff --git a/cpp/ql/src/change-notes/2024-05-19-avoid-reporting-static-variable.md b/cpp/ql/src/change-notes/2024-05-19-avoid-reporting-static-variable.md
new file mode 100644
index 000000000000..c15c19f84d06
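Review bot: The `not gv.isStatic()` conjunct added to `uninitialisedGlobal` in the second hunk excludes only globals that carry the `static` specifier, yet zero-initialization in C and C++ is a property of static storage duration, which every namespace-scope variable has regardless of that keyword, so the new condition separates internal from external linkage rather than initialized from uninitialized variables. The same assumption drives the BAD/GOOD labels on `uninitialised_global` and `uninitialised_static_global` in the test.cpp hunk of patch 4 and the matching `.expected` line; if the query deliberately keeps reporting externally visible globals that rely on implicit zero-initialization as a readability concern, the comment should state that policy instead of implying the two cases differ in initialization. For the first hunk the exclusion is sound, since a `static` local has static storage duration and a read before any assignment is well-defined, and I would tighten its comment to `// static locals have static storage duration and are zero-initialized, so reading them is never undefined`. Both `undefinedLocalUse` and `uninitialisedGlobal` begin before their hunks, so the rest of each predicate's filtering is not visible here.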
--- /dev/null
+++ b/cpp/ql/src/change-notes/2024-05-19-avoid-reporting-static-variable.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Reduce false positives of `NotInitialised.ql`. Static variables are initialised to zeros or nulls by default. See https://stackoverflow.com/questions/13251083/the-initialization-of-static-variables-in-c

From e8b9d7e6fab0585b9bed7c16c9fc3cfbc3a8af36 Mon Sep 17 00:00:00 2001
From: Mathias Vorreiter Pedersen
Date: Mon, 20 May 2024 08:52:18 +0100
Subject: [PATCH 3/5] C++: Modify change note to be more aligned with existing change notes.

---
 .../change-notes/2024-05-19-avoid-reporting-static-variable.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cpp/ql/src/change-notes/2024-05-19-avoid-reporting-static-variable.md b/cpp/ql/src/change-notes/2024-05-19-avoid-reporting-static-variable.md
index c15c19f84d06..837afe168a41 100644
--- a/cpp/ql/src/change-notes/2024-05-19-avoid-reporting-static-variable.md
+++ b/cpp/ql/src/change-notes/2024-05-19-avoid-reporting-static-variable.md
@@ -1,4 +1,4 @@
 ---
 category: minorAnalysis
 ---
-* Reduce false positives of `NotInitialised.ql`. Static variables are initialised to zeros or nulls by default. See https://stackoverflow.com/questions/13251083/the-initialization-of-static-variables-in-c
+* The "Variable not initialized before use" query (`cpp/not-initialised`) no longer reports an alert on static variables.
\ No newline at end of file

From df24e5982a658319585254d8fa18111fbe7a9088 Mon Sep 17 00:00:00 2001
From: Mathias Vorreiter Pedersen
Date: Mon, 20 May 2024 09:01:42 +0100
Subject: [PATCH 4/5] C++: Add tests and accept test changes.

---
 .../NotInitialised/NotInitialised.expected | 2 ++
 .../NotInitialised/NotInitialised.qlref | 1 +
 .../Critical/NotInitialised/test.cpp | 20 +++++++++++++++++++
 3 files changed, 23 insertions(+)
 create mode 100644 cpp/ql/test/query-tests/Critical/NotInitialised/NotInitialised.expected
 create mode 100644 cpp/ql/test/query-tests/Critical/NotInitialised/NotInitialised.qlref
 create mode 100644 cpp/ql/test/query-tests/Critical/NotInitialised/test.cpp

diff --git a/cpp/ql/test/query-tests/Critical/NotInitialised/NotInitialised.expected b/cpp/ql/test/query-tests/Critical/NotInitialised/NotInitialised.expected
new file mode 100644
index 000000000000..cf8b0cf88a33
--- /dev/null
+++ b/cpp/ql/test/query-tests/Critical/NotInitialised/NotInitialised.expected
@@ -0,0 +1,2 @@
+| test.cpp:3:11:3:15 | local | Variable 'local' is not initialized. |
+| test.cpp:12:5:12:24 | uninitialised_global | Variable 'uninitialised_global' is not initialized. |
diff --git a/cpp/ql/test/query-tests/Critical/NotInitialised/NotInitialised.qlref b/cpp/ql/test/query-tests/Critical/NotInitialised/NotInitialised.qlref
new file mode 100644
index 000000000000..b261c020f534
--- /dev/null
+++ b/cpp/ql/test/query-tests/Critical/NotInitialised/NotInitialised.qlref
@@ -0,0 +1 @@
+Critical/NotInitialised.ql
\ No newline at end of file
diff --git a/cpp/ql/test/query-tests/Critical/NotInitialised/test.cpp b/cpp/ql/test/query-tests/Critical/NotInitialised/test.cpp
new file mode 100644
index 000000000000..bc9093cd53de
--- /dev/null
+++ b/cpp/ql/test/query-tests/Critical/NotInitialised/test.cpp
@@ -0,0 +1,20 @@
+void test1() {
+ int local;
+ int x = local; // BAD
+
+ static int static_local;
+ int y = static_local; // GOOD
+
+ int initialised = 42;
+ int z = initialised; // GOOD
+}
+
+int uninitialised_global; // BAD
+static int uninitialised_static_global; // GOOD
+int initialized_global = 0; // GOOD
+
+void test2() {
+ int a = uninitialised_global;
+ int b = uninitialised_static_global;
+ int c = initialized_global;
+}
\ No newline at end of file

From 2f7766a55791eac0635bbb9ed21f9d98d2838c51 Mon Sep 17 00:00:00 2001
From: Mathias Vorreiter Pedersen
Date: Mon, 20 May 2024 09:04:24 +0100
Subject: [PATCH 5/5] C++: Autoformat.

---
 cpp/ql/src/Critical/NotInitialised.ql | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/cpp/ql/src/Critical/NotInitialised.ql b/cpp/ql/src/Critical/NotInitialised.ql
index dcc7daab5983..8e8e67740ac1 100644
--- a/cpp/ql/src/Critical/NotInitialised.ql
+++ b/cpp/ql/src/Critical/NotInitialised.ql
@@ -54,7 +54,7 @@ predicate undefinedLocalUse(VariableAccess va) {
 // it is hard to tell when a struct or array has been initialized, so we
 // ignore them
 not isAggregateType(lv.getUnderlyingType()) and
- not lv.isStatic() and // static variables are initialized to zero or null by default
+ not lv.isStatic() and // static variables are initialized to zero or null by default
 not lv.getType().hasName("va_list") and
 va = lv.getAnAccess() and
 noDefPath(lv, va) and
@@ -72,7 +72,7 @@ predicate uninitialisedGlobal(GlobalVariable gv) {
 va.isRValue() and
 not gv.hasInitializer() and
 not gv.hasSpecifier("extern") and
- not gv.isStatic() // static variables are initialized to zero or null by default
+ not gv.isStatic() // static variables are initialized to zero or null by default
 )
 }