I'm interested in looking at detecting "known bad" patterns, for example: (<expr> & 0) == 0 (this example is stolen from FindBugs) if(<non-boolean value>) (cause of recent OpenSSL vuln) is there code that does this sort of thing already? Or something related so I can get some hints?