Rule 7.0.3: NoCharacterNumericalValue.ql

Adds a query that identifies when a numerical value of a
character has been used.

Also fixes a character type category bug, exposed getBuiltinType
and provide a CharacterType class.

Author: lcartey

cpp/misra/src/codingstandards/cpp/misra/BuiltInTypeRules.qll

@@ -23,7 +23,7 @@ newtype TypeCategory =
  */
 TypeCategory getTypeCategory(BuiltInType t) {
   (
-    t instanceof CharType or
+    t instanceof PlainCharType or
     t instanceof WideCharType or
     t instanceof Char16Type or
     t instanceof Char32Type or
@@ -58,13 +58,45 @@ TypeCategory getTypeCategory(BuiltInType t) {
   result = Other()
 }
 
+/**
+ * Gets the built-in type of a type, if it is a built-in type.
+ *
+ * This function will strip specifiers and typedefs to get the underlying built-in type.
+ */
+BuiltInType getBuiltInType(Type t) {
+  // Get the built-in type of a type, if it is a built-in type
+  result = t
+  or
+  // Strip specifiers and typedefs to get the built-in type
+  result = getBuiltInType(t.getUnspecifiedType())
+  or
+  // For reference types, get the base type and then the built-in type
+  result = getBuiltInType(t.(ReferenceType).getBaseType())
+  or
+  // For enum types, get the explicit underlying type and then the built-in type
+  result = getBuiltInType(t.(Enum).getExplicitUnderlyingType())
+}
+
 /**
  * The signedness of a MISRA C++ 2023 numeric type.
  */
 newtype Signedness =
   Signed() or
   Unsigned()
 
+class CharacterType extends Type {
+  // The actual character type, which is either a plain char or a wide char
+  BuiltInType realType;
+
+  CharacterType() {
+    // A type whose type category is character
+    getTypeCategory(realType) = Character() and
+    realType = getBuiltInType(this)
+  }
+
+  Type getRealType() { result = realType }
+}
+
 /**
  * A MISRA C++ 2023 numeric type is a type that represents a number, either an integral or a floating-point.
  *
@@ -78,18 +110,9 @@ class NumericType extends Type {
   Type realType;
 
   NumericType() {
-    // A type which is either an integral or a floating-point type category
-    getTypeCategory(this) = [Integral().(TypeCategory), FloatingPoint()] and
-    realType = this
-    or
-    // Any type which, after stripping specifiers and typedefs, is a numeric type
-    realType = this.getUnspecifiedType().(NumericType).getRealType()
-    or
-    // Any reference type where the base type is a numeric type
-    realType = this.(ReferenceType).getBaseType().(NumericType).getRealType()
-    or
-    // Any Enum type with an explicit underlying type that is a numeric type
-    realType = this.(Enum).getExplicitUnderlyingType().(NumericType).getRealType()
+    // A type whose type category is either integral or a floating-point
+    getTypeCategory(realType) = [Integral().(TypeCategory), FloatingPoint()] and
+    realType = getBuiltInType(this)
   }
 
   Signedness getSignedness() {

cpp/misra/src/rules/RULE-7-0-3/NoCharacterNumericalValue.ql

@@ -0,0 +1,61 @@
+/**
+ * @id cpp/misra/no-character-numerical-value
+ * @name RULE-7-0-3: The numerical value of a character shall not be used
+ * @description Using the numerical value of a character type may lead to inconsistent behavior due
+ *              to encoding dependencies and should be avoided in favor of safer C++ Standard
+ *              Library functions.
+ * @kind problem
+ * @precision very-high
+ * @problem.severity error
+ * @tags external/misra/id/rule-7-0-3
+ *       scope/single-translation-unit
+ *       external/misra/enforcement/decidable
+ *       external/misra/obligation/required
+ */
+
+import cpp
+import codingstandards.cpp.misra.BuiltInTypeRules
+
+from Conversion c, Expr expr, Type sourceType, Type targetType
+where
+  expr = c.getExpr() and
+  sourceType = expr.getType() and
+  targetType = c.getType() and
+  (
+    // Conversion from character type to non-character type
+    sourceType instanceof CharacterType and
+    not targetType instanceof CharacterType
+    or
+    // Conversion from non-character type to character type
+    not sourceType instanceof CharacterType and
+    targetType instanceof CharacterType
+    // or
+    // // Conversion between different character types
+    // getTypeCategory(sourceType) instanceof Character and
+    // getTypeCategory(targetType) instanceof Character and
+    // not sourceType = targetType
+  ) and
+  // Exclude conversions where both operands have the same character type in equality operations
+  not exists(EqualityOperation eq, CharacterType leftType, CharacterType rightType |
+    eq.getAnOperand() = expr and
+    leftType = eq.getLeftOperand().getType() and
+    rightType = eq.getRightOperand().getType() and
+    leftType.getRealType() = rightType.getRealType()
+  ) and
+  // Exclude unevaluated operands
+  not (
+    expr.getParent*() instanceof SizeofExprOperator or
+    expr.getParent*() instanceof SizeofTypeOperator or
+    expr.getParent*() instanceof TypeidOperator or
+    expr.getParent*() = any(Decltype dt).getExpr() or
+    expr.getParent*() instanceof StaticAssert
+  ) and
+  // Exclude optional comparisons that don't involve conversion
+  not exists(FunctionCall fc |
+    fc.getTarget().hasName("operator==") and
+    fc.getAnArgument() = expr and
+    fc.getQualifier().getType().hasName("optional")
+  )
+select expr,
+  "Conversion of character type '" + sourceType.getName() + "' to '" + targetType.getName() +
+    "' uses numerical value of character."

cpp/misra/test/rules/RULE-7-0-3/NoCharacterNumericalValue.expected

@@ -0,0 +1,27 @@
+| test.cpp:17:13:17:14 | 10 | Conversion of character type 'int' to 'char' uses numerical value of character. |
+| test.cpp:18:13:18:14 | 65 | Conversion of character type 'int' to 'char' uses numerical value of character. |
+| test.cpp:19:13:19:13 | 0 | Conversion of character type 'int' to 'char' uses numerical value of character. |
+| test.cpp:24:20:24:22 | 97 | Conversion of character type 'char' to 'int8_t' uses numerical value of character. |
+| test.cpp:25:21:25:24 | 13 | Conversion of character type 'char' to 'uint8_t' uses numerical value of character. |
+| test.cpp:26:12:26:14 | 98 | Conversion of character type 'char' to 'int' uses numerical value of character. |
+| test.cpp:43:13:43:14 | l1 | Conversion of character type 'char' to 'int' uses numerical value of character. |
+| test.cpp:43:13:43:20 | ... - ... | Conversion of character type 'int' to 'char' uses numerical value of character. |
+| test.cpp:43:18:43:20 | 48 | Conversion of character type 'char' to 'int' uses numerical value of character. |
+| test.cpp:44:13:44:14 | l1 | Conversion of character type 'char' to 'int' uses numerical value of character. |
+| test.cpp:44:13:44:18 | ... + ... | Conversion of character type 'int' to 'char' uses numerical value of character. |
+| test.cpp:45:13:45:14 | l1 | Conversion of character type 'char' to 'int' uses numerical value of character. |
+| test.cpp:45:13:45:18 | ... * ... | Conversion of character type 'int' to 'char' uses numerical value of character. |
+| test.cpp:51:7:51:8 | l1 | Conversion of character type 'char' to 'bool' uses numerical value of character. |
+| test.cpp:51:13:51:14 | l2 | Conversion of character type 'char' to 'bool' uses numerical value of character. |
+| test.cpp:53:7:53:8 | l1 | Conversion of character type 'char' to 'bool' uses numerical value of character. |
+| test.cpp:55:8:55:9 | l2 | Conversion of character type 'char' to 'bool' uses numerical value of character. |
+| test.cpp:73:39:73:41 | 97 | Conversion of character type 'char' to 'int_type' uses numerical value of character. |
+| test.cpp:89:8:89:9 | l1 | Conversion of character type 'char' to 'int' uses numerical value of character. |
+| test.cpp:89:14:89:16 | 48 | Conversion of character type 'char' to 'int' uses numerical value of character. |
+| test.cpp:89:23:89:24 | l1 | Conversion of character type 'char' to 'int' uses numerical value of character. |
+| test.cpp:89:29:89:31 | 57 | Conversion of character type 'char' to 'int' uses numerical value of character. |
+| test.cpp:102:25:102:26 | l1 | Conversion of character type 'char' to 'int' uses numerical value of character. |
+| test.cpp:117:15:117:16 | l2 | Conversion of character type 'int_type' to 'char' uses numerical value of character. |
+| test.cpp:123:31:123:32 | 65 | Conversion of character type 'int' to 'char' uses numerical value of character. |
+| test.cpp:124:29:124:31 | 65 | Conversion of character type 'char' to 'int' uses numerical value of character. |
+| test.cpp:130:6:130:7 | l2 | Conversion of character type 'char' to 'int' uses numerical value of character. |

cpp/misra/test/rules/RULE-7-0-3/NoCharacterNumericalValue.qlref

@@ -0,0 +1 @@
+rules/RULE-7-0-3/NoCharacterNumericalValue.ql

cpp/misra/test/rules/RULE-7-0-3/test.cpp

@@ -0,0 +1,131 @@
+#include <cassert>
+#include <cctype>
+#include <cstdint>
+#include <iostream>
+#include <locale>
+#include <optional>
+#include <string>
+
+void test_character_literal_assignment() {
+  char l1 = 'a';  // COMPLIANT
+  char l2 = '\r'; // COMPLIANT
+  char l3 = '\n'; // COMPLIANT
+  char l4 = '\0'; // COMPLIANT
+}
+
+void test_implicit_conversion_from_int() {
+  char l1 = 10; // NON_COMPLIANT
+  char l2 = 65; // NON_COMPLIANT
+  char l3 = 0;  // NON_COMPLIANT
+}
+
+void test_implicit_conversion_to_int() {
+  char l1 = 'a';
+  std::int8_t l2 = 'a';   // NON_COMPLIANT
+  std::uint8_t l3 = '\r'; // NON_COMPLIANT
+  int l4 = 'b';           // NON_COMPLIANT
+}
+
+void test_signed_char_assignment() {
+  signed char l1 = 11; // COMPLIANT
+  signed char l2 = 65; // COMPLIANT
+}
+
+void test_conversion_between_character_types() {
+  char l1 = L'A';    // COMPLIANT
+  wchar_t l2 = 'B';  // COMPLIANT
+  char16_t l3 = 'C'; // COMPLIANT
+  char32_t l4 = 'D'; // COMPLIANT
+}
+
+void test_arithmetic_operations() {
+  char l1 = 'a';
+  char l2 = l1 - '0'; // NON_COMPLIANT
+  char l3 = l1 + 1;   // NON_COMPLIANT
+  char l4 = l1 * 2;   // NON_COMPLIANT
+}
+
+void test_boolean_conversion() {
+  char l1 = 'a';
+  char l2 = '\0';
+  if (l1 && l2) { // NON_COMPLIANT
+  }
+  if (l1) { // NON_COMPLIANT
+  }
+  if (!l2) { // NON_COMPLIANT
+  }
+}
+
+void test_same_type_comparison() {
+  char l1 = 'a';
+  if (l1 != 'q') { // COMPLIANT
+  }
+  if (l1 == 'b') { // COMPLIANT
+  }
+}
+
+void test_char_traits_usage() {
+  using CT = std::char_traits<char>;
+  char l1 = 'a';
+  if (CT::eq(l1, 'q')) { // COMPLIANT
+  }
+  auto l2 = CT::to_int_type('a');           // COMPLIANT
+  auto l3 = static_cast<CT::int_type>('a'); // NON_COMPLIANT
+}
+
+void test_optional_comparison() {
+  std::optional<char> l1;
+  if (l1 == 'r') { // COMPLIANT
+  }
+}
+
+void test_unevaluated_operand() {
+  decltype('s' + 't') l1;         // COMPLIANT
+  static_assert(sizeof('x') > 0); // COMPLIANT
+}
+
+void test_range_check_non_compliant() {
+  char l1 = 'a';
+  if ((l1 >= '0') && (l1 <= '9')) { // NON_COMPLIANT
+  }
+}
+
+void test_range_check_compliant() {
+  using CT = std::char_traits<char>;
+  char l1 = 'a';
+  if (!CT::lt(l1, '0') && !CT::lt('9', l1)) { // COMPLIANT
+  }
+}
+
+void test_isdigit_non_compliant() {
+  char l1 = 'a';
+  if (0 == std::isdigit(l1)) { // NON_COMPLIANT
+  }
+}
+
+void test_isdigit_compliant() {
+  char l1 = 'a';
+  if (std::isdigit(l1, std::locale{})) { // COMPLIANT
+  }
+}
+
+void test_stream_conversion() {
+  std::istream &l1 = std::cin;
+  auto l2 = l1.get();
+  using CT = std::char_traits<char>;
+  if (CT::not_eof(l2)) {
+    char l3 = l2;                   // NON_COMPLIANT
+    char l4 = CT::to_char_type(l2); // COMPLIANT
+  }
+}
+
+void test_explicit_cast() {
+  char l1 = static_cast<char>(65); // NON_COMPLIANT
+  int l2 = static_cast<int>('A');  // NON_COMPLIANT
+}
+
+void test_function_parameter_conversion() {
+  auto f1 = [](int l1) {};
+  char l2 = 'x';
+  f1(l2); // NON_COMPLIANT
+}