Add query for CWE-758: Reliance on Undefined, Unspecified, or Implementation-Defined Behavior

[ihsinme]

Good day.
in this query I am looking for possible undefined behavior errors in expressions.
I have identified 4 main areas:

1. dangerous use of several incremental (decremental) operations, between sequence points.
2. using the functions of freeing resources.
3. the use of a common argument that can change the value inside the function.
4. the presence of a common global variable that can change its value.

search results in real software:
pnggroup/libpng#378
FortressOne/fteqw-code#5
arthurodriguesbatista/tiger-compiler#1
LycorisBellua/c_game_treasure-venture#1
robertdavidgraham/masscan#586

[geoffw0]

Hi @ihsinme, thank you for this contribution!

I've had a quick read through the code and it looks like a promising area to explore. We do have cpp/errors-when-using-bit-operations but I don't think it covers anywhere near as much stuff as your query does.

[ihsinme]

This is not the first time I notice that you find the code that you have and that is similar to my suggestions, more efficiently than me. if you could give me a couple of tips as you are looking for, I would make fewer mistakes in this direction.

[geoffw0]

When I'm looking for existing queries I generally just search the query directory (https://github.com/github/codeql/tree/main/cpp/ql/src) for one or two keywords I think might be appropriate. It isn't a flawless process.

[geoffw0]

Here's a run of the query on a fairly large collection of LGTM projects: https://lgtm.com/query/523449955668756695/

I was worried this would be a noisy query but this turns out not to be the case, results appear quite promising. 👍

Do you want me to merge this now or wait for any other changes?

[ihsinme]

if you think the request is mergeable.
let's merge.

[geoffw0]

LGTM.