harden/codeql/samples/integer_overflow/findIntegerOverflow.ql

import cpp
import semmle.code.cpp.security.FlowSources
import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis
import semmle.code.cpp.valuenumbering.GlobalValueNumbering

from RelationalOperation ro, AddExpr add, Expr exprOne, Expr exprTwo
where 
  add.getAnOperand() = exprOne and
  add.getAnOperand() = exprTwo and
  globalValueNumber(exprOne) = globalValueNumber(exprTwo) and
  exprMightOverflowPositively(add) or exprMightOverflowNegatively(add)
select add