github · bdrodes · Feb 6, 2026 · Feb 6, 2026 · Feb 6, 2026 · Feb 6, 2026
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Refactor of UncheckedLeapYearAfterYearModification.ql to address large numbers of false positives. Reduced alerts from 40k to 2k.
@@ -14,7 +14,9 @@ class PackedTimeType extends Type {
   }
 }
 
-private predicate timeType(string typeName) { typeName = ["_SYSTEMTIME", "SYSTEMTIME", "tm"] }
+private predicate timeType(string typeName) {
+  typeName = ["_SYSTEMTIME", "SYSTEMTIME", "tm", "TIME_FIELDS", "_TIME_FIELDS", "PTIME_FIELDS"]
+}
 
 /**
  * A type that is used to represent times and dates in an 'unpacked' form, that is,
@@ -95,3 +97,24 @@ class StructTmMonthFieldAccess extends MonthFieldAccess {
 class StructTmYearFieldAccess extends YearFieldAccess {
   StructTmYearFieldAccess() { this.getTarget().getName() = "tm_year" }
 }
+
+/**
+ * A `DayFieldAccess` for the `TIME_FIELDS` struct.
+ */
+class TimeFieldsDayFieldAccess extends DayFieldAccess {
+  TimeFieldsDayFieldAccess() { this.getTarget().getName() = "Day" }
+}
+
+/**
+ * A `MonthFieldAccess` for the `TIME_FIELDS` struct.
+ */
+class TimeFieldsMonthFieldAccess extends MonthFieldAccess {
+  TimeFieldsMonthFieldAccess() { this.getTarget().getName() = "Month" }
+}
+
+/**
+ * A `YearFieldAccess` for the `TIME_FIELDS` struct.
+ */
+class TimeFieldsYearFieldAccess extends YearFieldAccess {
+  TimeFieldsYearFieldAccess() { this.getTarget().getName() = "Year" }
+}
@@ -308,3 +308,35 @@ private module PossibleYearArithmeticOperationCheckConfig implements DataFlow::C
 
 module PossibleYearArithmeticOperationCheckFlow =
   TaintTracking::Global<PossibleYearArithmeticOperationCheckConfig>;
+
+/**
+ * This list of APIs should check for the return value to detect problems during the conversion.
+ */
+class TimeConversionFunction extends Function {
+  boolean autoLeapYearCorrecting;
+
+  TimeConversionFunction() {
+    autoLeapYearCorrecting = false and
+    (
+      this.getName() =
+        [
+          "FileTimeToSystemTime", "SystemTimeToFileTime", "SystemTimeToTzSpecificLocalTime",
+          "SystemTimeToTzSpecificLocalTimeEx", "TzSpecificLocalTimeToSystemTime",
+          "TzSpecificLocalTimeToSystemTimeEx", "RtlLocalTimeToSystemTime",
+          "RtlTimeToSecondsSince1970", "_mkgmtime", "SetSystemTime", "VarUdateFromDate", "from_tm"
+        ]
+      or
+      // Matches all forms of GetDateFormat, e.g. GetDateFormatA/W/Ex
+      this.getName().matches("GetDateFormat%")
+    )
+    or
+    autoLeapYearCorrecting = true and
+    this.getName() =
+      ["mktime", "_mktime32", "_mktime64", "SystemTimeToVariantTime", "VariantTimeToSystemTime"]
+  }
+
+  /**
+   * Holds if the function is expected to auto convert a bad leap year date.
+   */
+  predicate isAutoLeapYearCorrecting() { autoLeapYearCorrecting = true }
+}